The firewall config should accept allowed and disallowed models as arrays of model-named globs, following the same spec as the existing models.
The allowed models list is an allowlist of models that may be used, while disallowed models act as a denylist.
These lists should be enforced in two places:
- When resolving an alias, apply the allowed and disallowed model logic
- When serving an inference and resolving the model name, enforce the same guardrails
The goal of this feature is to provide enterprise-level safeguards against restricted models and prevent accidental use of expensive models like Opus. It also supports compliance requirements where certain models must not be enabled.
The firewall config should accept allowed and disallowed models as arrays of model-named globs, following the same spec as the existing models.
The allowed models list is an allowlist of models that may be used, while disallowed models act as a denylist.
These lists should be enforced in two places:
The goal of this feature is to provide enterprise-level safeguards against restricted models and prevent accidental use of expensive models like Opus. It also supports compliance requirements where certain models must not be enabled.