Skip to content

Egress

Egress controls are runtime scoped. When enforcement is enabled, outbound host-based traffic is checked by the Runta egress gateway and denied unless the destination host is allowed.

Allowed hosts are host names, not full URLs, when you use the CLI:

pypi.org
api.openai.com
*.pythonhosted.org

Do not include https://, paths, ports, or query strings in CLI allowlist entries. SDK helpers accept URLs and normalize them to host names before calling the REST API. Wildcard entries match subdomains, so *.example.com matches api.example.com; add example.com separately if the apex host should also be allowed.

Terminal window
runta egress allow worker pypi.org '*.pythonhosted.org' api.openai.com
runta egress enable worker
runta egress table worker

Disable enforcement when the runtime should return to unrestricted outbound network access:

Terminal window
runta egress disable worker

The SDK equivalents are runtime.egress.disable() and await runtime.egress.disable().

The SDKs can replace the policy in one call:

from runta import EgressPolicy
runtime.egress.update_policy(
EgressPolicy(enabled=True, allowed_hosts=["api.github.com"])
)

Egress audit events record observed outbound activity and policy outcomes. Use them to confirm which host was reached, whether the gateway allowed or denied the request, and why.

Terminal window
runta egress events --sandbox worker --limit 20
runta egress events --watch --interval 5

The REST API exposes generic audit listing at GET /v1/audits. Filter by runtime and category when you only need egress evidence for one runtime.