Coder Launch Wrapped: Building the Infrastructure for AI Development
A complete look at the platform updates that enable secure, scalable AI adoption
This is the last post in our four part series for Coder Launch Week (Dec 9–11, 2025) looking at how we’re making secure, scalable cloud development easier. Go deeper into the updates here.
Over the past three days, we introduced updates to the Coder platform that make enterprise AI development more scalable and governable. In this post, we’ll cover how these new features work together. Then we’ll take a look through additional improvements that increase flexibility and security.
Let’s dig in!
Inside Coder’s AI Stack
How do AI Bridge, Agent Boundaries, and Coder Tasks work together? Each component addresses a specific challenge in enterprise AI development.
Coder Tasks provides the execution layer. AI agents run as managed jobs with full lifecycle control. Fire off a long-running task, walk away, get notified when it's done or needs attention.
Agent Boundaries provides the security layer. Define exactly what agents can access using network policies and tool restrictions.
Coder AI Bridge provides the governance layer. Centralized authentication, model access control, and usage logging across any LLM provider like Anthropic, OpenAI, Bedrock, Ollama, or your own.
The architecture is straightforward: secure workspaces where both humans and agents operate under the same governance model, on infrastructure you control. And that last part isn’t just a detail—it’s the foundation that makes everything else work.
Demo: Coder's Features for Efficient and Secure Agent Management
Why self-host your AI infrastructure?
Most coding agents today run on vendor infrastructure or individual laptops. That works until you need real security and governance. Agents running in fragmented environments can overreach, be prompt-injected, or operate without meaningful oversight.
Self-hosting your AI development stack with Coder gives you the control and safety those setups can’t. Benefits of self-hosting with Coder:
- Deploy everything on your own Kubernetes, cloud, or on-prem infrastructure.
- Isolate agents from user endpoints (no laptop access, no accidental over-permissions).
- Enforce strict boundaries on what agents can access inside your network.
- Centrally govern models, MCP servers, and tool usage.
- Gain unified observability for auditing, incident response, and cost/usage tracking.
- Maintain flexibility to choose any provider (Anthropic, OpenAI, Bedrock, on-prem models) without losing governance.
For the complete technical breakdown, read Inside the Stack: Secure and Scale AI Coding Agents with Coder.
New Coder platform features that power-up human + AI workflows
Alongside the new AI execution layer, we released platform improvements that make it easier to add tools, secure integrations, and govern workflows inside your infrastructure.
Plug-and-Play AI: New Coder Registry Modules
Consider this - a recent study from Atlassian found that enterprises lose billions of hours every year to fragmented tools and manual setup. Developer environments face the same problem: every team needs custom workflows, but building and maintaining them from scratch leads to drift, inconsistent access, and slow onboarding.
The Coder Registry solves this by letting platform teams drop vetted modules into any workspace with just a few lines of Terraform. Instead of reinventing the wheel or maintaining scattered scripts, teams get a composable, governed way to share and adopt integrations across the organization.
Over the last six months, we’ve released a wave of new modules for popular AI tools, including:
- Codex: OpenAI models via the Codex CLI with AgentAPI support.
- Gemini: Google’s Gemini CLI for interactive help and automated tasks.
- Cursor: One-click launch of the Cursor IDE.
- Kiro: Open workspaces in AWS Kiro IDE through Remote VS Code.
- Auggie: Augment’s CLI with strong codebase context and AgentAPI integration.
- Amp: Sourcegraph’s code search and analysis via the Amp CLI.
- Copilot: GitHub Copilot CLI with task reporting in the Coder UI.
- And a bonus community module, CopyParty: A compact file server with resumable uploads and media indexing.
Browse all modules in the Registry.
Scoped API Keys: Least Privilege by Default to Improve AI Agent Security
AI agents and automation tools often rely on user-generated API keys that grant broader permissions than they need. A developer creates a key for one task, but that key has access to provision workspaces, modify templates, and view all user data. This creates risk and makes audits harder for security teams that can’t track what each agent actually needs versus what it could access.
Scoped API keys solve this by limiting access to only the required actions and resources. They reuse Coder’s RBAC system, improve security for automation, and help teams adopt agents with confidence instead of overprovisioned access.
Create scoped keys using the CLI or API.
OAuth 2.1 Tokens: Modern Auth for Modern Agents
Static tokens are difficult to rotate, lack fine-grained scoping, and do not align with emerging AI integration standards. When an agent needs access to Coder, most teams generate a long-lived personal access token. If that token leaks, you have to revoke it manually, rotate it everywhere it's used, and hope nothing breaks. There's no automatic expiration, no refresh flow, and no standard way to limit what the token can do.
To solve this, Coder now issues scoped, revocable OAuth 2.1 tokens. This improves security and interoperability and prepares teams for modern agent protocols like MCP. Tokens expire automatically, can be refreshed without user intervention, and follow industry-standard flows that security teams already understand. Configure OAuth clients as you would with any standards-based provider.
What’s next for AI development infrastructure?
Launch Week reinforced something we’re seeing across many organizations: modern development teams can’t rely on a laptop-centered workflow, especially as AI becomes part of daily work. The products and platform updates we released give teams a secure and consistent foundation for both builders and agents.
Thank you for the engagement, questions, and early adoption. We’re excited to see how you use these capabilities next.
→ Have an idea? Install Coder open source.
→ Want to connect? Join our Discord.
→ Need help deciding where to start? Talk to our team.
Subscribe to our newsletter
Want to stay up to date on all things Coder? Subscribe to our monthly newsletter and be the first to know when we release new things!