You signed in with another tab or window.Reload to refresh your session.You signed out in another tab or window.Reload to refresh your session.You switched accounts on another tab or window.Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/ai-coder/agent-boundary.md
+32-3Lines changed: 32 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,10 +3,10 @@
3
3
Agent Boundaries are process-level firewalls that restrict and audit what autonomous programs, such as AI agents, can access and use.
4
4
5
5
6
-
[insert screenshot here]
6
+
7
7
8
8
9
-
The easiest way to use Agent Boundaries is through existing Coder modules, such as the[Claude Code module](https://registry.coder.com/modules/coder/claude-code). It can also be ran directly in the terminal by installingits[CLI](https://github.com/coder/boundary).
9
+
The easiest way to use Agent Boundaries is through existing Coder modules, such as the[Claude Code module](https://registry.coder.com/modules/coder/claude-code). It can also be ran directly in the terminal by installingthe[CLI](https://github.com/coder/boundary).
10
10
11
11
>[!NOTE]
12
12
>The Coder Boundary CLI is free and open source. Integrations with the core product, such as through modules, offers strong isolation and is available to Coder Premium customers.
@@ -25,6 +25,12 @@ Boundaries extend Coder's trusted workspaces with a defense-in-depth model that
25
25
26
26
#Architecture
27
27
28
+
Agent Boundary runs in two locations:
29
+
- Workspace: Boundary runs alongside your agent or tool, wrapping its process and enforcing outbound network policy at runtime
30
+
- Control place (Premium): Module-level config toggles enforcement and routes audit logs to centralized governance
31
+
32
+
[More detail to be added here]
33
+
28
34
#Getting Started with Boundary
29
35
30
36
There are two ways to use Agent Boundaries in your project.
@@ -35,7 +41,26 @@ All other users can use Agent Boundaries through its [open source CLI](https://g
35
41
36
42
##Option 1) Apply Boundary through Coder modules
37
43
38
-
This option is available to Coder Premium users. It is the easiest way to use Agent Boundaries and offers centralized policy management with strong isolation.
44
+
This option is available to Coder Premium users. It is the easiest way to use Agent Boundaries and offers centralized policy management with strong isolation.
45
+
46
+
This integration offers:
47
+
- A built-in`coder boundary` subcommand
48
+
- Module authors do not need to ship or manage a separate binary
49
+
50
+
- A clean module interface
51
+
- Template admins toggle policy per template by using variables
52
+
- Stronger isolation and centralized governance hooks
53
+
- Protection beyond what is offered by the CLI path
54
+
55
+
To apply Agent Boundaries through Coder modules, follow the instructions below.
56
+
57
+
1. Ensure that you have installed or updated to the latest version of the[Claude Code module](https://registry.coder.com/modules/coder/claude-code).
58
+
2. In the template that calls the module, set`module.boundary_configuration.enabled = true`.
59
+
3. Choose a policy expression.
60
+
- For simple rules, you can insert a variation of this example:`provide allow = ["domain=github.com path=/api/*", "method=GET,HEAD domain=github.com"]`
61
+
- For complexrules, you can package a YAML file into the workspace image or mount a path and set`config_path`.
62
+
63
+
[More detail to be added here]
39
64
40
65
##Option 2) Wrap the agent process with the Boundary CLI
41
66
@@ -117,3 +142,7 @@ Another option is to define rules in a YAML file, which only needs to be invoked
117
142
`boundary run --config ./boundary.yaml -- claude`
118
143
119
144
You will notice that the rules are automatically applied without any need for additional customization.
145
+
146
+
## Opting out of Boundary
147
+
148
+
If you tried Boundary through a Coder module and decided you don't want to use it, you can turn it off by setting the flag to `boundary_enabled=false`.