Governance and Audit
Use the egress gateway when a runtime should only reach approved external hosts. The policy is set per runtime, so you can keep one runtime open for general development while locking another runtime down to a package registry, model API, or internal service.
Each runtime has two egress settings:
intercept enabled -> outbound host-based traffic is checked by the gateway
allowed hosts -> hostnames the runtime is allowed to reach

Allowed hosts are hostnames, not URLs. Use pypi.org, api.openai.com, or *.pythonhosted.org; do not include https://, paths, ports, or query strings. Wildcard entries only match subdomains, so *.example.com matches api.example.com but not example.com.
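The hostname rules above can be checked on a list before it is handed to the allow command. This is an added example, not Runta's code or its matching logic: check_entry, host_allowed and ALLOW are names made up here, and it assumes a wildcard covers subdomains at any depth, which the page does not state.

```python
import re

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

# Constructed sample allowlist, taken from the hosts named on this page.
ALLOW = ["pypi.org", "*.pythonhosted.org", "api.openai.com"]


def check_entry(entry: str) -> list[str]:
    """Return the problems found in one allowlist entry (empty list = OK)."""
    problems = []
    e = entry.strip().lower()
    if "://" in e:
        problems.append("contains a scheme")
        e = e.split("://", 1)[1]
    if "?" in e:
        problems.append("contains a query string")
        e = e.split("?", 1)[0]
    if "/" in e:
        problems.append("contains a path")
        e = e.split("/", 1)[0]
    if ":" in e:
        problems.append("contains a port")
        e = e.split(":", 1)[0]
    # A wildcard is only accepted as a leading "*." in front of a hostname.
    labels = (e[2:] if e.startswith("*.") else e).split(".")
    if not all(_LABEL.fullmatch(label) for label in labels):
        problems.append("not a hostname or *.domain wildcard")
    return problems


def host_allowed(host: str, allowlist: list[str]) -> bool:
    """Model of the documented rule: exact match, or subdomain of a wildcard."""
    host = host.lower().rstrip(".")
    for entry in (item.lower() for item in allowlist):
        if entry.startswith("*."):
            suffix = entry[1:]  # ".example.com"; the apex is never covered
            if len(host) > len(suffix) and host.endswith(suffix):
                return True
        elif host == entry:
            return True
    return False


if __name__ == "__main__":
    for candidate in ALLOW + ["https://pypi.org/simple/", "pypi.org:443"]:
        print(f"{candidate!r}: {check_entry(candidate) or 'ok'}")
    for name in ["files.pythonhosted.org", "pythonhosted.org", "example.com"]:
        print(name, "->", "allowed" if host_allowed(name, ALLOW) else "blocked")
```

With the sample list, pythonhosted.org itself is reported as blocked: a runtime that needs both the apex and its subdomains needs both entries.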
Create a runtime for the demo:
```sh
runta run --name <runtime_display_name> --cpus 2 --memory 2048
```

```python
from runta import Runta

runta = Runta()
runtime = runta.runtimes.create("<runtime_display_name>", vcpus=2, memory_mib=2048)
```

```typescript
import { Runta } from "@runta/runta-sdk";

const runta = new Runta();
const runtime = await runta.runtimes.create("<runtime_display_name>", {
  vcpus: 2,
  memoryMiB: 2048,
});
```

Add allowed hosts, then enable interception:
```sh
runta egress allow <runtime_display_name> pypi.org "*.pythonhosted.org" api.openai.com
runta egress enable <runtime_display_name>
```

```python
runtime.egress.allow(["pypi.org", "*.pythonhosted.org", "api.openai.com"])
runtime.egress.enable()
```

```typescript
await runtime.egress.allow(["pypi.org", "*.pythonhosted.org", "api.openai.com"]);
await runtime.egress.enable();
```

Verify the policy:
```sh
runta egress table <runtime_display_name>
```

```python
print(runtime.egress.list())
```

```typescript
console.log(await runtime.egress.list());
```

Try an allowed request from inside the runtime:
```sh
runta exec <runtime_display_name> -- sh -lc 'curl -fsSI https://pypi.org/simple/ | head -n 1'
```

Try a host that is not on the allowlist; it should be blocked:
```sh
runta exec <runtime_display_name> -- sh -lc 'curl -fsSI --max-time 10 https://example.com || true'
```

Review the audit trail:
```sh
runta egress events --sandbox <runtime_display_name> --limit 20
```

```python
events = runtime.egress.audit(limit=20)
for event in events:
    print(event.action, event.host, event.path)
```