shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-02 20:48:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
1e1d312cab9dfebc1da252b503ce680786e17ca7
coder/docs/ai-coder/ai-bridge/setup.md
T
blinkagent[bot] 1e1d312cab docs: split env var declaration from command in AI Bridge setup (#22072) 
The AI Bridge setup docs showed `CODER_AIBRIDGE_ENABLED=true coder
server` as a single line, which can confuse users into thinking the env
var is a one-time prefix rather than a persistent setting.

Split this into `export CODER_AIBRIDGE_ENABLED=true` on its own line
followed by `coder server`, which is clearer and consistent with how the
Bedrock credentials section already handles env vars in the same file.

Created on behalf of @dannykopping

Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>
2026-02-12 18:15:44 +00:00

5.3 KiB
Raw Blame History

Setup

AI Bridge runs inside the Coder control plane (coderd), requiring no separate compute to deploy or scale. Once enabled, coderd runs the aibridged in-memory and brokers traffic to your configured AI providers on behalf of authenticated users.

Required:

  1. A Premium license with the AI Governance Add-On.
  2. Feature must be enabled using the server flag
  3. One or more providers API key(s) must be configured

Activation

You will need to enable AI Bridge explicitly:

export CODER_AIBRIDGE_ENABLED=true
coder server
# or
coder server --aibridge-enabled=true

Configure Providers

AI Bridge proxies requests to upstream LLM APIs. Configure at least one provider before exposing AI Bridge to end users.

OpenAI

Set the following when routing OpenAI-compatible traffic through AI Bridge:

  • CODER_AIBRIDGE_OPENAI_KEY or --aibridge-openai-key
  • CODER_AIBRIDGE_OPENAI_BASE_URL or --aibridge-openai-base-url

The default base URL (https://api.openai.com/v1/) works for the native OpenAI service. Point the base URL at your preferred OpenAI-compatible endpoint (for example, a hosted proxy or LiteLLM deployment) when needed.

If you'd like to create an OpenAI key with minimal privileges, this is the minimum required set:

List Models scope should be set to "Read", Model Capabilities set to "Request"

Anthropic

Set the following when routing Anthropic-compatible traffic through AI Bridge:

  • CODER_AIBRIDGE_ANTHROPIC_KEY or --aibridge-anthropic-key
  • CODER_AIBRIDGE_ANTHROPIC_BASE_URL or --aibridge-anthropic-base-url

The default base URL (https://api.anthropic.com/) targets Anthropic's public API. Override it for Anthropic-compatible brokers.

Anthropic does not allow API keys to have restricted permissions at the time of writing (Nov 2025).

Amazon Bedrock

Set the following when routing Amazon Bedrock traffic through AI Bridge:

  • CODER_AIBRIDGE_BEDROCK_REGION or --aibridge-bedrock-region
  • CODER_AIBRIDGE_BEDROCK_ACCESS_KEY or --aibridge-bedrock-access-key
  • CODER_AIBRIDGE_BEDROCK_ACCESS_KEY_SECRET or --aibridge-bedrock-access-key-secret
  • CODER_AIBRIDGE_BEDROCK_MODEL or --aibridge-bedrock-model
  • CODER_AIBRIDGE_BEDROCK_SMALL_FAST_MODEL or --aibridge-bedrock-small-fast-model

Note

CODER_AIBRIDGE_BEDROCK_BASE_URL or --aibridge-bedrock-base-url may be used instead of CODER_AIBRIDGE_BEDROCK_REGION/--aibridge-bedrock-region if you would like to specify a URL which does not follow the form of https://bedrock-runtime.<region>.amazonaws.com - for example if using a proxy between AI Bridge and AWS Bedrock.

Obtaining Bedrock credentials

  1. Choose a region where you want to use Bedrock.

  2. Generate API keys in the AWS Bedrock console (replace us-east-1 in the URL with your chosen region):

    • Choose an expiry period for the key.
    • Click Generate.
    • This creates an IAM user with strictly-scoped permissions for Bedrock access.

  3. Create an access key for the IAM user:

    • After generating the API key, click "You can directly modify permissions for the IAM user associated".
    • In the IAM user page, navigate to the Security credentials tab.
    • Under Access keys, click Create access key.
    • Select "Application running outside AWS" as the use case.
    • Click Next.
    • Add a description like "Coder AI Bridge token".
    • Click Create access key.
    • Save both the access key ID and secret access key securely.

  4. Configure your Coder deployment with the credentials:

    export CODER_AIBRIDGE_BEDROCK_REGION=us-east-1
export CODER_AIBRIDGE_BEDROCK_ACCESS_KEY=<your-access-key-id>
export CODER_AIBRIDGE_BEDROCK_ACCESS_KEY_SECRET=<your-secret-access-key>
coder server

Additional providers and Model Proxies

AI Bridge can relay traffic to other OpenAI- or Anthropic-compatible services or model proxies like LiteLLM by pointing the base URL variables above at the provider you operate. Share feedback or follow along in the aibridge issue tracker as we expand support for additional providers.

Note

See the Supported APIs section below for precise endpoint coverage and interception behavior.

Data Retention

AI Bridge records prompts, token usage, and tool invocations for auditing and monitoring purposes. By default, this data is retained for 60 days.

Configure retention using --aibridge-retention or CODER_AIBRIDGE_RETENTION:

coder server --aibridge-retention=90d

Or in YAML:

aibridge:
  retention: 90d

Set to 0 to retain data indefinitely.

For duration formats, how retention works, and best practices, see the Data Retention documentation.

Reference in New Issue View Git Blame Copy Permalink