Egress
Egress modes are denylist and allowlist. Host values are hostnames or
wildcard host patterns, not full URLs.
runta egress list
Section titled “runta egress list”runta egress listrunta egress describe
Section titled “runta egress describe”runta egress describe <runtime_name>runta egress set
Section titled “runta egress set”Replace the runtime egress policy.
runta egress set <runtime_name> --mode allowlist [--allow <host>...]runta egress set <runtime_name> --mode denylist [--deny <host>...]runta egress set -f <file>| Option | Description |
|---|---|
--mode <mode> | denylist or allowlist. Required unless -f is used. |
--allow <host>... | Allowed hosts. Only valid with --mode allowlist. |
--deny <host>... | Denied hosts. Only valid with --mode denylist. |
-f, --file <file> | YAML policy file. Omit <runtime_name> when using a file. |
denylist with no denied hosts is the default open policy. Use allowlist
when a runtime should reach only explicitly named hosts.
YAML files use a top-level policies list:
policies: - runtime: demo mode: allowlist allow: - pypi.org - "*.pythonhosted.org" - runtime: crawler mode: denylist deny: - example.com