Skip to content

Commit 2c203bf

Browse files
CopilotCopilot
authored
docs: expand README to reflect AWF feature scope and command surface (#3214)
* Initial plan * docs: sync README with implemented AWF capabilities * docs: clarify README command prerequisites --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
1 parent d544d94 commit 2c203bf

1 file changed

Lines changed: 33 additions & 1 deletion

File tree

README.md

Lines changed: 33 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ A network firewall for agentic workflows that restricts outbound HTTP/HTTPS to a
2020

2121
- **Docker**: 20.10+ with Docker Compose v2
2222
- **Node.js**: 20.19.0+ (for building from source)
23-
- **OS**: Ubuntu 22.04+ or compatible Linux distribution
23+
- **OS**: Ubuntu 22.04+ or compatible Linux distribution (x86_64 and arm64)
2424

2525
See [Compatibility](docs/compatibility.md) for full details on supported versions and tested configurations.
2626

@@ -33,6 +33,38 @@ sudo awf --allow-domains github.com -- curl https://api.github.com
3333

3434
The `--` separator divides firewall options from the command to run.
3535

36+
## Feature highlights
37+
38+
- **Declarative config support**: `--config <path>` with JSON/YAML + published JSON Schema
39+
- **Domain and URL controls**: allow/deny domain rules, SSL Bump (`--ssl-bump`), and URL patterns (`--allow-urls`, requires `--ssl-bump`)
40+
- **Data protection controls**: DLP scanning (`--enable-dlp`), DNS-over-HTTPS, and agent runtime limits (`--agent-timeout`)
41+
- **API proxy capabilities**: OpenAI, Anthropic, Copilot, and Gemini targets with rate limits, token steering, and Anthropic auto-cache
42+
- **Infrastructure flexibility**: upstream proxy chaining, host service access, Docker-in-Docker, custom mounts, memory limits, and TTY mode
43+
- **Operational tooling**: pre-download images and inspect logs/stats/summaries/audits from live or saved runs
44+
45+
## CLI subcommands
46+
47+
- `awf predownload` — pre-pull runtime images for faster startup or offline environments
48+
- `awf logs` — inspect firewall logs in raw/pretty/json
49+
- `awf logs stats` — aggregate traffic statistics
50+
- `awf logs summary` — markdown/json summaries (great for GitHub Actions step summaries)
51+
- `awf logs audit` — audit view with policy-rule matching (requires `policy-manifest.json`, typically from `--audit-dir`)
52+
53+
For the complete CLI surface area, run `awf --help`.
54+
55+
## GitHub Action quick start
56+
57+
```yaml
58+
steps:
59+
- uses: actions/checkout@v4
60+
- name: Setup AWF
61+
uses: github/gh-aw-firewall@v1
62+
- name: Run command through firewall
63+
run: sudo awf --allow-domains github.com,api.github.com -- curl https://api.github.com
64+
```
65+
66+
See [GitHub Actions](docs/github_actions.md) for advanced setup and `awf logs summary` examples.
67+
3668
## Explore the docs
3769

3870
- [Quick start](docs/quickstart.md) — install, verify, and run your first command

0 commit comments

Comments
 (0)