
# Update sandbox egress policy

Changes outbound network policy for a sandbox. Supported modes:

- `open` — full outbound internet access.
- `deny_all` — all outbound connections blocked.
- `restricted` — default deny with an allowlist (`allow` required).

Switching between modes may reattach the sandbox to a different network
profile. The response includes `network_updated: true` when that happens.
Allow a few seconds for the new policy to take effect before probing from
inside the sandbox.

Sandbox must be in status `ready`.




## OpenAPI

````yaml /api-reference/sandboxes.openapi.yaml put /sandboxes/{id}/egress
openapi: 3.0.3
info:
  title: Brimble Sandbox API
  description: |
    REST API for managing Brimble sandboxes, ephemeral compute environments with
    optional persistent storage. Covers lifecycle (create / pause / resume / destroy),
    egress policy, runtime operations (exec, runCode, file upload/download),
    observability (logs, stats), and snapshots.

    ## Conventions

    - **Response envelope:** non-`204` JSON responses use `{ "message": string, "data"?: <payload> }`.
      The schemas below describe the **`data`** payload only.
    - **Errors:** every non-2xx response uses `{ "message": string }`. The message is
      user-facing.
    - **Async transitions:** pause / resume / destroy return immediately;
      the status change is visible on the next `GET` or in the dashboard.
      **Create is synchronous** — `POST /sandboxes` blocks until `status` is `ready`.
    - **IDs:** every `id` is a 24-char hex string.
  version: 1.0.0
  contact:
    name: Brimble Engineering
    url: https://brimble.io
servers:
  - url: https://sandbox.brimble.io
    description: Production
security:
  - brimbleKey: []
tags:
  - name: Sandboxes
    description: Lifecycle and metadata
  - name: Runtime
    description: Exec, code, files
  - name: Observability
    description: Logs and stats
  - name: Snapshots
    description: Manual & automatic snapshots
  - name: Volumes
    description: >-
      Persistent disks, pre-provisioned independently of sandbox lifecycle, then
      attached to a sandbox or project
paths:
  /sandboxes/{id}/egress:
    put:
      tags:
        - Sandboxes
      summary: Update sandbox egress policy
      description: |
        Changes outbound network policy for a sandbox. Supported modes:

        - `open` — full outbound internet access.
        - `deny_all` — all outbound connections blocked.
        - `restricted` — default deny with an allowlist (`allow` required).

        Switching between modes may reattach the sandbox to a different network
        profile. The response includes `network_updated: true` when that happens.
        Allow a few seconds for the new policy to take effect before probing from
        inside the sandbox.

        Sandbox must be in status `ready`.
      operationId: updateSandboxEgress
      parameters:
        - $ref: '#/components/parameters/SandboxIdParam'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateSandboxEgressInput'
            examples:
              open:
                summary: Restore full outbound access
                value:
                  mode: open
              denyAll:
                summary: Block all outbound traffic
                value:
                  mode: deny_all
              restricted:
                summary: Allowlist specific hosts
                value:
                  mode: restricted
                  allow:
                    - 1.1.1.1
                    - api.openai.com
      responses:
        '200':
          description: Egress updated
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SandboxEgressUpdateEnvelope'
              examples:
                networkSwitched:
                  summary: Network profile changed
                  value:
                    message: Sandbox egress updated
                    data:
                      id: 507f1f77bcf86cd799439011
                      egress:
                        mode: restricted
                        allow:
                          - 1.1.1.1
                      block_outbound: false
                      network_updated: true
        '400':
          $ref: '#/components/responses/BadRequest'
        '404':
          $ref: '#/components/responses/NotFound'
components:
  parameters:
    SandboxIdParam:
      in: path
      name: id
      required: true
      schema:
        type: string
        pattern: ^[a-f0-9]{24}$
      description: 24-char hex id of the sandbox.
  schemas:
    UpdateSandboxEgressInput:
      type: object
      required:
        - mode
      description: Request body for `PUT /sandboxes/{id}/egress`.
      properties:
        mode:
          $ref: '#/components/schemas/SandboxEgressMode'
        allow:
          type: array
          minItems: 1
          maxItems: 50
          items:
            type: string
            minLength: 1
            maxLength: 253
          description: Required when `mode` is `restricted`; must be omitted otherwise.
    SandboxEgressUpdateEnvelope:
      type: object
      required:
        - message
        - data
      properties:
        message:
          type: string
          example: Sandbox egress updated
        data:
          allOf:
            - $ref: '#/components/schemas/Sandbox'
          description: Includes `network_updated` when the network profile changed.
    SandboxEgressMode:
      type: string
      enum:
        - open
        - restricted
        - deny_all
      description: |
        Outbound network policy for a sandbox.

        - `open` — full outbound internet access (default).
        - `deny_all` — all outbound connections blocked; inbound Brimble API calls still work.
        - `restricted` — default deny with an allowlist (`allow` required on update).
    Sandbox:
      type: object
      required:
        - id
        - name
        - template
        - status
        - region
        - specs
        - auto_destroy
        - one_shot
        - block_outbound
        - egress
        - persistent
        - created_at
        - last_activity_at
        - expires_at
      properties:
        id:
          type: string
        name:
          type: string
        template:
          type: string
        status:
          $ref: '#/components/schemas/SandboxStatus'
        region:
          $ref: '#/components/schemas/SandboxRegion'
        specs:
          $ref: '#/components/schemas/SandboxSpecs'
        team:
          type: string
          nullable: true
        project_environment:
          type: string
          nullable: true
        auto_destroy:
          type: boolean
        destroy_timeout:
          type: string
          nullable: true
          enum:
            - 30m
            - 1h
            - 3h
            - 6h
            - 12h
            - 18h
            - null
        one_shot:
          type: boolean
        block_outbound:
          type: boolean
          description: |
            Legacy mirror of egress policy. `true` when `egress.mode` is `deny_all`.
            Prefer reading `egress.mode` directly.
        egress:
          $ref: '#/components/schemas/SandboxEgressConfig'
        network_updated:
          type: boolean
          description: |
            Only present on `PUT /sandboxes/{id}/egress` responses. `true` when the
            sandbox was reattached to a different network profile as part of the update.
        persistent:
          type: boolean
        persistent_disk_gb:
          type: integer
          nullable: true
        paused_at:
          type: string
          format: date-time
          nullable: true
        from_snapshot:
          type: string
          nullable: true
        snapshot_mode:
          type: string
          enum:
            - manual
            - automatic
        snapshot_frequency:
          type: string
          nullable: true
        created_at:
          type: string
          format: date-time
        last_activity_at:
          type: string
          format: date-time
        expires_at:
          type: string
          format: date-time
        destroyed_at:
          type: string
          format: date-time
          nullable: true
        destroy_reason:
          allOf:
            - $ref: '#/components/schemas/DestroyReason'
          nullable: true
    ErrorResponse:
      type: object
      required:
        - message
      properties:
        message:
          type: string
          description: Human-readable, user-facing error reason.
    SandboxStatus:
      type: string
      enum:
        - starting
        - ready
        - pausing
        - paused
        - resuming
        - failed
        - destroyed
    SandboxRegion:
      type: object
      required:
        - id
        - name
        - country
        - continent
        - enabled
        - type
      properties:
        id:
          type: string
          example: 6a06df21cc6bef51342e199e
        name:
          type: string
          example: eu-west
        country:
          type: string
          example: France
        continent:
          type: string
          example: Europe
        enabled:
          type: boolean
          description: Whether the region is currently accepting new sandboxes.
        type:
          type: string
          enum:
            - sandbox
          description: Region kind. Sandbox endpoints only return sandbox-eligible regions.
    SandboxSpecs:
      type: object
      properties:
        cpu:
          type: integer
          minimum: 1
          maximum: 2000
          description: CPU shares in Nomad MHz units.
        memory:
          type: integer
          minimum: 1
          maximum: 2048
          description: Memory in MB.
        disk:
          type: integer
          minimum: 1
          maximum: 5
          description: Ephemeral scratch disk in GB. Separate from persistent storage.
    SandboxEgressConfig:
      type: object
      required:
        - mode
      description: Outbound network policy applied to the sandbox container.
      properties:
        mode:
          $ref: '#/components/schemas/SandboxEgressMode'
        allow:
          type: array
          maxItems: 50
          items:
            type: string
            minLength: 1
            maxLength: 253
          description: |
            Allowlist for `restricted` mode. Each entry is an IPv4 address, CIDR range
            (e.g. `10.0.0.0/8`), or hostname (e.g. `api.example.com`). Required with at
            least one entry when updating to `restricted`; optional at create time.
          example:
            - 1.1.1.1
            - api.example.com
      example:
        mode: restricted
        allow:
          - 1.1.1.1
          - api.example.com
    DestroyReason:
      type: string
      enum:
        - user
        - idle_ttl
        - max_lifetime
        - one_shot_stopped
        - failed
        - paused_too_long
  responses:
    BadRequest:
      description: Validation error / invalid state transition
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            invalidId:
              summary: Invalid sandbox id
              value:
                message: Invalid sandbox id
            statusTransition:
              summary: Wrong status
              value:
                message: Sandbox is paused; only ready sandboxes can be paused
            fileNotDir:
              summary: Parent dir missing on upload
              value:
                message: 'Destination directory does not exist: /work'
            duplicateVolumeName:
              summary: Duplicate volume name
              value:
                message: A volume named "node-cache" already exists
            volumeAttached:
              summary: Delete attempted on attached volume
              value:
                message: Volume is attached; detach it before deleting
    NotFound:
      description: >-
        Sandbox or related resource not found (also returned when owned by
        another user)
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            sandboxNotFound:
              value:
                message: Sandbox not found
            snapshotNotFound:
              value:
                message: Snapshot not found
            volumeNotFound:
              value:
                message: Volume not found
  securitySchemes:
    brimbleKey:
      type: apiKey
      in: header
      name: x-brimble-key
      description: |
        Your account-level Brimble API key. Find it in the dashboard under
        your profile drawer → **API key** (click the avatar in the sidebar).
        Available on paid plans only.

````
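
A client-side check of an egress update against the `UpdateSandboxEgressInput` and `SandboxEgressConfig` constraints in the spec above, written as an added example and not Brimble's own code. The function names, the hostname pattern and the refusal of `0.0.0.0/0` are assumptions made here, not API rules.

```python
import ipaddress
import re

# Assumed hostname shape (RFC 1123 labels); the spec only says "hostname".
LABEL_RE = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def check_entry(entry):
    """Classify an allowlist entry as 'ip', 'cidr' or 'host'; raise ValueError otherwise."""
    if not isinstance(entry, str) or not 1 <= len(entry) <= 253:
        raise ValueError(f"entry must be a 1-253 character string: {entry!r}")
    try:
        ipaddress.IPv4Address(entry)
        return "ip"
    except ValueError:
        pass
    if "/" in entry:
        net = ipaddress.IPv4Network(entry, strict=False)  # ValueError if malformed
        if net.prefixlen == 0:
            # Local guard, not an API rule: a /0 range allows every destination.
            raise ValueError("0.0.0.0/0 makes 'restricted' equivalent to 'open'")
        return "cidr"
    labels = entry.rstrip(".").split(".")
    if all(LABEL_RE.fullmatch(l) for l in labels) and not labels[-1].isdigit():
        return "host"
    raise ValueError(f"not an IPv4 address, CIDR range or hostname: {entry!r}")


def build_body(mode, allow=None):
    """Return the JSON body for PUT /sandboxes/{id}/egress, enforcing the schema rules."""
    if mode not in ("open", "restricted", "deny_all"):
        raise ValueError(f"unknown mode: {mode!r}")
    if mode != "restricted":
        if allow is not None:
            raise ValueError("'allow' must be omitted unless mode is 'restricted'")
        return {"mode": mode}
    if not allow or len(allow) > 50:
        raise ValueError("'restricted' requires 1 to 50 allow entries")
    for entry in allow:
        check_entry(entry)
    return {"mode": mode, "allow": list(allow)}


def confirm(envelope, body):
    """Check a 200 response reports the requested mode; True means wait before probing."""
    data = envelope["data"]
    if data["egress"]["mode"] != body["mode"]:  # egress.mode, not legacy block_outbound
        raise RuntimeError(f"mode not applied: {data['egress']!r}")
    return bool(data.get("network_updated", False))
```

Send the dictionary returned by `build_body` as the JSON body of the `PUT` with the `x-brimble-key` header, then pass the parsed response to `confirm` before testing connectivity from inside the sandbox.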