Security recommendations for Agent Studio

As Agent Studio is a Technical Preview feature, its security framework is continually being improved. We strongly recommend adhering to the best practices for deployment and access control.

Migration and Deployment

  • Runtime mode only (recommended): Deploy Agent Studio using the prebuilt, containerized ML Runtime Image. All new features and security improvements will be available exclusively through this method. The previous deployment methods, deployment from source code and AMP mode, are now deprecated.
  • Use Service Accounts for external services: If your shared Agent Studio instance connects to external services like Cloudera Data Warehouse or Datalake using JWT tokens or Kerberos credentials, deploy the workflow using a service account.
  • Do not bypass application authentication: Agent Studio is designed to rely on the Cloudera AI Workbench for user authentication. Bypassing this authentication mechanism during Agent Studio application deployment is strongly discouraged.

Access Control and Permissions

  • Limit collaborators (RBAC Gap): Agent Studio currently lacks a native Role-Based Access Control (RBAC) mechanism. To manage access effectively, you should create private projects and strictly limit the number of collaborators who have access to the project.
  • Minimal permissions for custom tools: When developing and configuring custom tools, such as MCP servers, adhere to the principle of least privilege. Custom tools run in a sandboxed environment with limited default access. Provide only the minimal necessary permissions to the custom tools.