Jiachen Jiang
e9f0385198
## Summary Replace the "Premium" label with "AI Governance Add-On" and add a disclaimer that the AI Governance Add-On is required for AI Gateway and Agent Firewall as of Coder v2.32, across all AI Governance doc pages and their children. ## Changes **Label and requirement updates (7 files):** - `docs/ai-coder/ai-governance.md`: Removed "(Premium)" from title; updated GA section to state add-on required as of v2.32. - `docs/ai-coder/ai-gateway/setup.md`: "Premium license" → "AI Governance Add-On license". - `docs/ai-coder/ai-gateway/ai-gateway-proxy/setup.md`: "Premium license" → "AI Governance Add-On". - `docs/ai-coder/ai-gateway/clients/claude-code.md`: "(Premium feature)" → "(AI Governance Add-On)". - `docs/manifest.json`: `"state": ["premium"]` → `"state": ["ai governance add-on"]` for 4 nav entries. **Disclaimer added to all child pages (26 files):** AI Gateway pages (18): `index.md`, `setup.md`, `audit.md`, `monitoring.md`, `mcp.md`, `reference.md`, `ai-gateway-proxy/index.md`, `ai-gateway-proxy/setup.md`, `clients/index.md`, `clients/claude-code.md`, `clients/codex.md`, `clients/mux.md`, `clients/opencode.md`, `clients/factory.md`, `clients/cline.md`, `clients/kilo-code.md`, `clients/roo-code.md`, `clients/vscode.md`, `clients/jetbrains.md`, `clients/zed.md`, `clients/copilot.md` Agent Firewall pages (8): `index.md`, `version.md`, `landjail.md`, `rules-engine.md`, `nsjail/index.md`, `nsjail/docker.md`, `nsjail/k8s.md`, `nsjail/ecs.md` Other: `security.md` > [!NOTE] > The `"ai governance add-on"` state value in `manifest.json` is new. The docs site renderer may need to be updated to support this state value. > Generated by Coder Agents
1.5 KiB
Note
Features mentioned on this page, such as AI Gateway and Agent Firewall, require the AI Governance Add-On. As of Coder v2.32, deployments without the add-on will not be able to access these features.
As the AI landscape is evolving, we are working to ensure Coder remains a secure platform for running AI agents just as it is for other cloud development environments.
Use Trusted Models
Most agents can be configured to either use a local LLM (e.g. llama3), an agent proxy (e.g. OpenRouter), or a Cloud-Provided LLM (e.g. AWS Bedrock). Research which models you are comfortable with and configure your Coder templates to use those.
Set up Firewalls and Proxies
Many enterprises run Coder workspaces behind a firewall or a proxy to prevent threats or bad actors. These same protections can be used to ensure AI agents do not access or upload sensitive information.
Separate API keys and scopes for agents
Many agents require API keys to access external services. It is recommended to create a separate API key for your agent with the minimum permissions required. This will likely involve editing your template for Agents to set different scopes or tokens from the standard one.
Additional guidance and tooling is coming in future releases of Coder.
Set Up Agent Firewall
Agent Firewall is a process-level firewall that lets you restrict and audit what AI agents can access within Coder workspaces. To learn more about this feature, see Agent Firewall.