| Name | Type | Description |
|---|---|---|
snapshot_id | Optional[str] | Default: NoneOptional snapshot ID to boot from. Mutually exclusive
with |
snapshot_name | Optional[str] | Default: NoneSnapshot name to boot from. Resolved server-side to a
snapshot owned by the caller's tenant. Mutually exclusive with
|
name | Optional[str] | Default: None |
timeout | int | Default: 30 |
wait_for_ready | bool | Default: True |
idle_ttl_seconds | Optional[int] | Default: None |
delete_after_stop_seconds | Optional[int] | Default: None |
vcpus | Optional[int] | Default: None |
mem_bytes | Optional[int] | Default: None |
fs_capacity_bytes | Optional[int] | Default: None |
mount_config | Optional[SandboxMountConfig] | Default: None |
proxy_config | Optional[SandboxProxyConfig] | Default: None |
Create a new Sandbox.
The sandbox is NOT automatically deleted. Use delete_sandbox() for cleanup, or use sandbox() for automatic cleanup with a context manager.
Optional sandbox name (auto-generated if not provided).
Timeout in seconds when waiting for ready (only used when wait_for_ready=True).
If True (default), block until sandbox is ready. If False, return immediately with status "provisioning". Use get_sandbox_status() or wait_for_sandbox() to poll for readiness.
Idle timeout in seconds. The launcher
automatically stops the sandbox after this duration of
inactivity. Must be a multiple of 60. 0 explicitly
disables the idle stop. When omitted (None), the server
applies a default of 600 seconds (10 minutes).
Seconds after the sandbox enters the
stopped state before it (and its filesystem clone) are
permanently deleted. Must be a multiple of 60. 0 disables
stop-anchored deletion (manual cleanup required). When
omitted (None), the server applies its configured default.
Number of vCPUs.
Memory in bytes.
Root filesystem capacity in bytes.
Mount configuration forwarded to the server as
mount_config. The backend expands mount auth into runtime
proxy rules. Explicit AWS/GCP proxy rules in proxy_config
conflict with mount auth for the same provider.
Per-sandbox proxy configuration forwarded to the
server as-is. Shape matches the backend proxy_config field:
{"rules": [...], "no_proxy": [...], "access_control": {"allow_list": [...]}} or {"access_control": {"deny_list": [...]}}. Use access_control.allow_list to
restrict outbound HTTPS to a set of host patterns (exact
domains, globs like *.example.com, IPs, CIDRs, or
~regex). Use proxy_config with provider rule helpers
such as aws_auth to let the proxy sign supported
AWS HTTPS requests on the sandbox's behalf.