All posts
June 18, 20264 min read

Session recording for AI coding agents on EKS

An internal AI coding assistant is wired into the CI pipeline, and every action it takes against a production EKS cluster is currently invisible to auditors. Because the assistant runs without session recording, a malicious prompt could cause the agent to delete a namespace or expose secrets without any replayable evidence. The lack of visibility means security teams cannot reconstruct what happened, and compliance auditors have no proof that the AI‑driven change was reviewed. What teams really

Free White Paper

AI Session Recording + Single Sign-On (SSO): The Complete Guide

Architecture patterns, implementation strategies, and security best practices. Delivered to your inbox.

Free. No spam. Unsubscribe anytime.
Coleman Nye

An internal AI coding assistant is wired into the CI pipeline, and every action it takes against a production EKS cluster is currently invisible to auditors. Because the assistant runs without session recording, a malicious prompt could cause the agent to delete a namespace or expose secrets without any replayable evidence.

The lack of visibility means security teams cannot reconstruct what happened, and compliance auditors have no proof that the AI‑driven change was reviewed. What teams really need is reliable session recording for these AI‑driven sessions. The ideal solution would capture every command, arguments, and response while still allowing the agent to talk directly to the Kubernetes control plane. In the current setup, the request still reaches the cluster unmediated, so there is no point at which the system can observe or store the interaction.

To address this, the architecture must insert a mandatory data‑path component between the AI agent and the Kubernetes API. This component validates the caller’s identity, maps it to an AWS IAM role, and then proxies the request. Because all traffic is forced through a single gateway, the component can record each request and response, write the data to a durable store, and make the session replayable for forensic analysis.

hoop.dev provides exactly that gateway. The gateway runs a lightweight agent inside the same network as the cluster and becomes the only conduit for API calls. When the AI coding agent initiates a kubectl command, the request is routed to the hoop.dev gateway instead of the EKS endpoint. The gateway validates the OIDC token, assumes the configured IAM role, and forwards the request to the cluster. Because the gateway is the sole conduit, it can apply session recording consistently for every command, regardless of who issued it.

Why the data path matters for session recording

The first line of defense is the identity setup. Engineers and service accounts obtain OIDC tokens from an identity provider; the token tells the system who is making the request. This setup step decides who may start a session, but it does not enforce any guardrails on its own. The actual enforcement must happen where the traffic is inspected.

hoop.dev sits in that exact spot. By sitting between the caller and the EKS control plane, it can observe every API call, log the payload, and store the result in a secure location. The recorded session can later be replayed in a sandboxed environment, allowing engineers to see exactly what the AI assistant did, step by step. This capability satisfies forensic requirements and gives security reviewers a clear picture of any unexpected changes.

How session recording works for EKS

When a request reaches hoop.dev, the gateway creates a session context identified by the AI agent’s user name and the target cluster. Every API call – whether it is a GET for pod information or a POST that creates a deployment – is logged with timestamps, request payloads, and the cluster’s response. The logs are written to a durable store outside the agent’s process, ensuring that even if the agent is compromised, the recorded evidence remains intact.

The recorded session can be replayed in a sandboxed environment, allowing engineers to see exactly what the AI assistant did, step by step. This capability satisfies forensic requirements and gives security reviewers a clear picture of any unexpected changes.

Deploying hoop.dev for AI‑driven EKS access

1. Deploy the gateway in the same VPC or subnet as the EKS cluster. The official quick‑start uses Docker Compose, but Kubernetes or AWS deployments are also supported.

Continue reading? Get the full guide.

AI Session Recording + Single Sign-On (SSO): Architecture Patterns & Best Practices

Free. No spam. Unsubscribe anytime.

2. Register the EKS cluster as a connection in hoop.dev. The connection definition includes the cluster endpoint, the AWS region, and the IAM role that the gateway’s agent will assume. This role is separate from the static service‑account key the AI agent previously used.

3. Configure the AI coding agent to obtain an OIDC token from the corporate identity provider and present it to hoop.dev. The token conveys the agent’s identity, and hoop.dev maps that identity to the IAM role defined in step 2.

4. Enable the session recording feature in the gateway’s policy configuration. From that point forward, every kubectl or API call that passes through hoop.dev is captured.

5. Review recorded sessions in the web UI or export them for long‑term storage. The UI provides filters by user, cluster, and time window, making it easy to locate the exact run that introduced a change.

Benefits beyond simple logging

Because hoop.dev is the only place the traffic can be observed, it also enables just‑in‑time approvals, command‑level blocking, and inline masking of sensitive fields. While the primary focus of this post is session recording, those additional controls share the same data‑path advantage.

Security teams gain immutable evidence for audits, incident responders can replay the exact sequence that caused a breach, and developers retain the flexibility to let AI agents automate routine tasks without sacrificing visibility.

Next steps

To get started, follow the getting‑started guide which walks through deploying the gateway, registering an EKS connection, and turning on session recording. The learn section contains deeper explanations of policy design and replay tooling.

When you are ready to explore the source code, contribute improvements, or review the implementation details, visit the GitHub repository. The project is MIT licensed and welcomes community contributions.

FAQ

Q: Does hoop.dev store the raw Kubernetes API payloads?
A: Yes, the gateway writes each request and response to a durable store that is separate from the agent process, providing a reliable audit trail.

Q: Can I limit session recording to specific namespaces?
A: Policy rules can be scoped by Kubernetes RBAC attributes, so you can enable recording only for high‑value namespaces while allowing lighter logging elsewhere.

Q: How does hoop.dev affect latency for kubectl commands?
A: Because the gateway runs close to the cluster and proxies at the protocol layer, added latency is typically a few milliseconds, which is negligible for most operational workflows.

Open source

Save the open-source gateway for agent data access

Hoop is MIT-licensed infrastructure for controlling how AI agents reach production data. Star hoophq/hoop so you can inspect it, deploy it, or share it when your team starts governing agent access.

Star and save the repo →More posts
Ask AI about this topic
ClaudeChatGPTGrokGeminiPerplexityCopilot