Use Compliance Frameworks to determine Duo Agent Platform availability in projects

Problem to solve

Organizations managing regulated projects or projects handling sensitive data currently lack a scalable mechanism to control GitLab Duo Agent Platform access based on compliance requirements. While group-based access controls exist, they don't leverage the existing compliance framework infrastructure that organizations already use to classify and govern their projects.

Current limitations:

• Duo Agent Platform access is controlled through manual group assignment or instance/namespace toggles
• No automatic relationship between a project's compliance posture and AI tool access
• Organizations must maintain separate governance structures for compliance frameworks and AI access
• No way to enforce "AI-free zones" for projects under specific regulatory requirements (e.g., HIPAA, PCI-DSS, SOC2, customer contractual obligations)

Example scenarios requiring this capability:

• A financial services company needs to disable Duo Agent Platform for all projects labeled with their "PCI-DSS" compliance framework due to contractual restrictions on AI tool usage
• A healthcare organization wants to enable Duo Agent Platform only for internal tooling projects while restricting it from patient data systems marked with their "HIPAA" framework
• An enterprise needs to phase Duo Agent Platform adoption by first enabling it only for projects without compliance framework requirements

Intended users

• Compliance Manager managing regulatory requirements across multiple projects
• Security Operations Engineer enforcing security policies at scale
• Organization Owner governing AI adoption across their GitLab instance

Proposal

Extend compliance frameworks with the ability to control GitLab Duo Agent Platform availability at the project level.

Configuration Location: Add a new "AI Tool Access" section when creating or editing compliance frameworks at:

• Group level: Secure > Compliance center > Frameworks
• Centralized compliance frameworks: Compliance and security policy group

New Settings:

AI Tool Access (Optional) ○ Default (inherit from group/instance settings) ○ Enabled (allow Duo Agent Platform regardless of higher-level settings) ○ Disabled (block Duo Agent Platform for projects with this framework)

Enforcement Logic:

1. When a compliance framework is applied to a project, the framework's AI tool access setting takes precedence over group/namespace settings
2. A "Disabled" framework blocks Duo Agent Platform even if enabled at the group/instance level
3. An "Enabled" framework allows Duo Agent Platform if the user has proper permissions and it's enabled at instance level
4. "Default" inherits existing group-based and namespace settings
5. Multiple frameworks on a project: Most restrictive setting wins (Disabled > Default > Enabled)

Benefits:

• ✅ Leverages existing compliance framework infrastructure
• ✅ Provides audit trail through compliance center reporting
• ✅ Scales automatically as new projects are added to frameworks
• ✅ Aligns AI governance with existing compliance workflows
• ✅ Visible in compliance dashboards showing AI access status

User experience goal

As a Compliance Manager, I want to control AI tool access based on regulatory requirements so that I can ensure projects under specific compliance obligations don't use AI assistance when contractually restricted, while still allowing AI adoption for appropriate projects.

Example workflow:

1. Create compliance framework "PCI-DSS Level 1" with AI Tool Access = "Disabled"
2. Apply framework to 50 payment processing projects
3. All 50 projects automatically block Duo Agent Platform access
4. Compliance dashboard shows: "50 projects with AI access restricted by compliance framework"
5. Developers see clear message: "Duo Agent Platform is disabled for this project due to PCI-DSS Level 1 compliance requirements"

Permissions and Security

• Framework AI settings management: Requires Owner role at the group level (consistent with current compliance framework permissions)
• No permission escalation: Framework settings cannot grant access beyond what instance/group admins have configured
• Audit logging: Framework-based restrictions logged in audit events

Documentation

Would require updates to:

• Compliance frameworks documentation
• Configure access for the Agent Platform
• Compliance center documentation

Availability & Testing

Tier: Ultimate (aligns with compliance framework feature tier)

Feature flag: compliance_framework_duo_access_control (enabled by default)

Testing plan:

• Unit tests for framework access logic
• Integration tests for multi-framework inheritance
• E2E tests for UI changes in compliance center
• Access control verification in Duo Agent Platform features

Related issues

This complements existing access controls:

• Group-based access controls: Configure access for the Agent Platform
• Role-based permissions (future): Mentioned in Duo Agent Platform GA documentation as planned enhancement