Governance and Audit

Use the egress gateway when a runtime should only reach approved external hosts. The policy is set per runtime, so you can keep one runtime open for general development while locking another runtime down to a package registry, model API, or internal service.

Each runtime has two egress settings:

intercept enabled -> outbound host-based traffic is checked by the gateway
allowed hosts -> hostnames the runtime is allowed to reach

Allowed hosts are hostnames, not URLs. Use pypi.org, api.openai.com, or *.pythonhosted.org; do not include https://, paths, ports, or query strings. Wildcard entries only match subdomains, so *.example.com matches api.example.com but not example.com.
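The matching rules above are easy to get wrong when writing an allowlist by hand, so here is a small reference matcher written for this page (it is an added illustration, not runta's own gateway code). It rejects the entry shapes the text warns against (schemes, paths, ports, query strings) and applies the documented wildcard rule: `*.example.com` covers `api.example.com` but not the apex `example.com`. Treating deeper names such as `a.b.example.com` as subdomains, and the hostname-label regex, are my assumptions about behaviour the page does not spell out.

```python
"""Reference allowlist matcher for the egress semantics described on this page.
Added example, not runta's implementation; the gateway may differ in details."""
import re
from urllib.parse import urlsplit

# Assumption: hostname labels follow the usual RFC 1123 shape (letters, digits,
# hyphens; no leading/trailing hyphen; at most 63 chars).
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

# Allowlist taken from the page's own demo commands.
ALLOWED = ["pypi.org", "*.pythonhosted.org", "api.openai.com"]


def validate_entry(entry: str) -> str:
    """Return a normalized (lower-cased) allowlist entry, or raise ValueError
    for the forms the page says not to use."""
    e = entry.strip().lower()
    if "://" in e:
        raise ValueError(f"{entry!r}: allowed hosts are hostnames, not URLs (drop the scheme)")
    if any(ch in e for ch in "/?#"):
        raise ValueError(f"{entry!r}: paths, query strings and fragments are not allowed")
    if ":" in e:
        raise ValueError(f"{entry!r}: ports are not allowed")
    host = e[2:] if e.startswith("*.") else e
    if "*" in host:
        raise ValueError(f"{entry!r}: a wildcard is only valid as a leading '*.' label")
    if not host or not all(_LABEL.match(label) for label in host.split(".")):
        raise ValueError(f"{entry!r}: not a valid hostname")
    return e


def entry_problem(entry: str):
    """Convenience wrapper: the validation message, or None when the entry is fine."""
    try:
        validate_entry(entry)
    except ValueError as exc:
        return str(exc)
    return None


def host_matches(host: str, entry: str) -> bool:
    """True if `host` is covered by one already-validated allowlist entry."""
    host = host.lower().rstrip(".")
    if entry.startswith("*."):
        suffix = entry[1:]  # "*.example.com" -> ".example.com"
        # Subdomains only: the apex "example.com" does not end with ".example.com".
        # Assumption: multi-level names like a.b.example.com count as subdomains.
        return host.endswith(suffix)
    return host == entry


def is_allowed(host: str, allowed: list) -> bool:
    """Apply every allowlist entry to a hostname; any match allows the host."""
    return any(host_matches(host, validate_entry(e)) for e in allowed)


def evaluate(url: str, allowed: list):
    """Decide for a full URL the way the gateway is described to: only the
    hostname takes part in the decision, never the path or scheme."""
    host = urlsplit(url).hostname or ""
    return host, is_allowed(host, allowed)


if __name__ == "__main__":
    # Constructed probes mirroring the page's allowed/blocked curl checks.
    for url in ("https://pypi.org/simple/", "https://files.pythonhosted.org/",
                "https://pythonhosted.org/", "https://example.com"):
        host, ok = evaluate(url, ALLOWED)
        print(f"{host:28} {'allowed' if ok else 'BLOCKED'}")
    for bad in ("https://pypi.org", "pypi.org/simple", "pypi.org:443"):
        print(f"{bad:28} rejected: {entry_problem(bad)}")
```

Run it before committing an allowlist: any entry that prints "rejected" would not behave as a hostname, and the probe table shows which hosts the policy actually covers.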

Create a runtime for the demo:

runta run --name <runtime_display_name> --cpus 2 --memory 2048

Add allowed hosts, then enable interception:

runta egress allow <runtime_display_name> pypi.org "*.pythonhosted.org" api.openai.com
runta egress enable <runtime_display_name>

Verify the policy:

runta egress table <runtime_display_name>

Try an allowed request from inside the runtime:

runta exec <runtime_display_name> -- sh -lc 'curl -fsSI https://pypi.org/simple/ | head -n 1'

Try a host that is not on the allowlist; the gateway should block it:

runta exec <runtime_display_name> -- sh -lc 'curl -fsSI --max-time 10 https://example.com || true'

Review the audit trail:

runta egress events --sandbox <runtime_display_name> --limit 20