Putting access controls around GitHub Copilot: session recording for AI coding agents (on AWS)

When an AI coding assistant writes code on a developer’s behalf, it can also surface credentials, API keys, or proprietary algorithms that should never leave the organization. Without a record of what the assistant sent or received, security teams lose the ability to prove whether a secret was exposed, to investigate a breach, or to demonstrate compliance during an audit. The cost of that blind spot can be a data‑leak incident, a regulatory penalty, or a loss of trust in the development pipeline.

Why session recording matters for AI coding agents

GitHub Copilot integrates directly with an IDE or CI system and streams prompts and completions over HTTPS. The traffic is encrypted end‑to‑end, which protects it in transit but also hides it from internal monitoring tools. If a developer inadvertently asks the model to generate a password, that secret traverses the network and may be cached by the service. Without a reliable audit log, the organization cannot answer questions such as “who asked for this secret?” or “was the secret ever stored in a repository?”. Session recording provides that log: it captures every request and response, which enables forensic analysis and satisfies audit requirements.

The missing piece in a standard setup

Most enterprises already enforce identity‑aware access for services that invoke Copilot. They use OIDC or SAML providers to issue short‑lived tokens, assign minimal scopes to service accounts, and rely on AWS IAM policies to limit which resources the token can reach. This setup determines who can call the Copilot API and what they are allowed to do, but it does not give visibility into the actual content of those calls. The request still travels straight from the developer’s machine or CI runner to the Copilot backend, bypassing any point where the organization can inspect, approve, or record the exchange. In other words, the enforcement boundary ends at the identity check, leaving the data path unchecked.

hoop.dev as the data‑path gateway

hoop.dev fills the gap by acting as a Layer 7 gateway that sits between the client (IDE, CI pipeline, or automated agent) and the Copilot service. The gateway terminates the TLS connection, validates the OIDC token, and then forwards the request to Copilot only after applying policy checks. Because all traffic passes through hoop.dev, it can record each session, enforce just‑in‑time approvals, and optionally mask sensitive fields before they reach the model. The gateway runs an agent inside the same network as the client, ensuring that credentials never leave the organization’s control plane.

How session recording works with hoop.dev

  • Identity verification: The gateway receives an OIDC token, validates it against the configured IdP, and extracts group membership to decide whether the request is allowed to proceed.
  • Just‑in‑time access: Even if a service account has a broad scope, hoop.dev can require a one‑time approval before the first Copilot request is sent, reducing the attack surface.
  • Session capture: hoop.dev writes a chronological record of every request and response, including timestamps and the identity that originated the call. The record is stored in a secure audit log that can be queried later for audits or investigations.
  • Optional masking: If a response contains a secret, hoop.dev can replace the value with a placeholder before it reaches the client, preventing accidental leakage into logs or source code.

All of these capabilities are enforced at the gateway level, which means they are independent of the client’s code or the Copilot service itself. Removing hoop.dev would eliminate the session‑recording guarantee, because the data would again flow directly to the external API without any inspection.
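The session capture and masking steps above, sketched as an added Python example. This is not hoop.dev's code or API: the SessionRecorder class, the relay method, the two detection patterns, the group name and the identity are all assumptions made for illustration, and the OIDC claims are taken as already validated.

```python
import json
import re
from datetime import datetime, timezone

# Constructed detection patterns for this example (not hoop.dev's rule set).
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "private_key": re.compile(
        r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----",
        re.S),
}

def mask(text):
    """Replace detected secrets with placeholders; return (masked, finding names)."""
    findings = []
    for name, pattern in SECRET_PATTERNS.items():
        text, count = pattern.subn(f"[MASKED:{name}]", text)
        findings.extend([name] * count)
    return text, findings

class SessionRecorder:
    """In-memory stand-in for the gateway's audit log (hypothetical class)."""

    def __init__(self, recorded_groups):
        self.recorded_groups = set(recorded_groups)  # groups whose traffic is stored
        self.events = []

    def relay(self, claims, direction, body):
        """Mask the body, record it if policy matches, return what is forwarded."""
        masked, findings = mask(body)
        if self.recorded_groups & set(claims.get("groups", [])):
            self.events.append({
                "seq": len(self.events) + 1,
                "ts": datetime.now(timezone.utc).isoformat(),
                "sub": claims["sub"],      # identity from the validated OIDC token
                "direction": direction,    # "request" or "response"
                "body": masked,            # the raw secret never enters the log
                "findings": findings,      # which kinds of secret were seen
            })
        return masked

if __name__ == "__main__":
    rec = SessionRecorder({"payments-dev"})
    claims = {"sub": "dev@example.com", "groups": ["payments-dev"]}  # constructed
    rec.relay(claims, "request", "write a boto3 client for the billing bucket")
    # AKIAIOSFODNN7EXAMPLE is the placeholder key from AWS documentation.
    rec.relay(claims, "response", 'aws_access_key_id="AKIAIOSFODNN7EXAMPLE"')
    print(json.dumps(rec.events, indent=2))
```

Storing the masked body together with a findings list lets an investigator see who triggered which kind of secret and when, without the audit log itself becoming a second copy of the secret.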

Deploying the solution

To bring session recording to GitHub Copilot on AWS, follow these high‑level steps:

  1. Deploy the hoop.dev gateway using the provided Docker Compose file or the Kubernetes manifests. The deployment includes a network‑resident agent that will sit next to your CI runners or developer workstations.
  2. Configure a Copilot connection in the gateway’s catalog, supplying the endpoint URL and the service‑account credentials that the gateway will use to authenticate to Copilot.
  3. Set up OIDC authentication against your corporate IdP (Okta, Azure AD, Google Workspace, etc.). The gateway will act as a relying party and will read group claims to drive access decisions.
  4. Enable session recording in the connection policy. The policy can be scoped per team, per repository, or per environment, giving you fine‑grained control over what gets recorded.
  5. Update your development tools or CI pipelines to point at the hoop.dev endpoint instead of the native Copilot URL. The client libraries remain unchanged; the gateway simply proxies the traffic.

Because hoop.dev is open source, you can inspect the code, contribute improvements, or run it entirely behind your firewall. For detailed installation instructions, see the getting‑started guide. The full source repository is available on GitHub.

FAQ

Does session recording add latency to Copilot calls?

hoop.dev records the request and response as they pass through the gateway. The additional processing is minimal compared to the round‑trip time to the external service, and the latency impact is typically measured in milliseconds.

Can I limit recording to specific teams or projects?

Yes. The gateway’s policy engine lets you define recording rules based on identity attributes, repository names, or environment tags. Only the traffic that matches the rule set will be stored.

Is the recorded data encrypted at rest?

All session logs are written to a storage backend that supports encryption. The exact implementation details are documented in the learn section, and you can configure the backend to meet your organization’s compliance requirements.
