Skip to main content
PUT
/
sandboxes
/
{sandboxID}
/
network
Update sandbox network
curl --request PUT \
  --url https://api.e2b.app/sandboxes/{sandboxID}/network \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "allowOut": [
    "<string>"
  ],
  "denyOut": [
    "<string>"
  ],
  "egressProxy": {
    "address": "<string>",
    "username": "<string>",
    "password": "<string>"
  },
  "rules": {},
  "allow_internet_access": true
}
'
{
  "code": 123,
  "message": "<string>"
}

Authorizations

X-API-Key
string
header
required

Path Parameters

sandboxID
string
required

Body

application/json

Network configuration update for a running sandbox. Replaces the current egress rules with the provided configuration. Omitting a field clears it.

allowOut
string[]

List of allowed destinations for egress traffic. Each entry can be a CIDR block (e.g. "8.8.8.8/32"), a bare IP address (e.g. "8.8.8.8"), or a domain name (e.g. "example.com", "*.example.com"). Allowed entries always take precedence over denied entries.

denyOut
string[]

List of denied CIDR blocks or IP addresses for egress traffic. Domain names are not supported for deny rules.

egressProxy
object | null

SOCKS5 proxy for sandbox egress. Outbound TCP is tunneled through the proxy after allow/deny filtering; the sandbox is unaware. Domain-matched flows use remote DNS (ATYP=domain).

rules
object

Per-domain transform rules. Replaces all existing rules when provided.

allow_internet_access
boolean

Allow sandbox to access the internet. When set to false, it behaves the same as specifying denyOut to 0.0.0.0/0 in the network config.

Response

Successfully updated the sandbox network configuration