Skip to content

Commit d45e548

Browse files
mikenomitchmikenomitch
authored
Adds documentation for Claude Managed Agents and Sandboxes (#30912)
1 parent 71837eb commit d45e548

2 files changed

Lines changed: 86 additions & 0 deletions

File tree

public/__redirects

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,9 @@
44
# ============================================================================
55

66

7+
# Sandbox (claude-managed-agents moved to tutorials)
8+
/sandbox/claude-managed-agents/ /sandbox/tutorials/claude-managed-agents/ 301
9+
710
# Blocked Content (Security center restructuring)
811
/security-center/blocked-content/ /fundamentals/reference/report-abuse/blocked-content/ 301
912

src/content/docs/sandbox/tutorials/claude-managed-agents.mdx

Lines changed: 83 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,83 @@
1+
---
2+
title: Set up Claude Managed Agents
3+
pcx_content_type: tutorial
4+
difficulty: Beginner
5+
description: Run Claude Managed Agents on self-managed Cloudflare environments.
6+
sidebar:
7+
order: 3
8+
products:
9+
- sandbox
10+
- containers
11+
- agents
12+
tags:
13+
- AI
14+
---
15+
16+
import { LinkButton } from "~/components";
17+
18+
Cloudflare provides a self-managed environment for [Claude Managed Agents](https://docs.anthropic.com/en/docs/agents-and-tools/claude-managed-agents). The agent loop runs on the Anthropic platform, while Cloudflare provides the runtime — sandboxes, egress control, browser access, email, and custom tools — that the agent's actions execute in.
19+
20+
This integration ships as an open-source deployment template. Fork the repo, deploy it to your Cloudflare account, and customize it as needed.
21+
22+
<LinkButton variant="primary" href="https://deploy.workers.cloudflare.com/?url=https://github.com/cloudflare/claude-managed-agents">
23+
Deploy to Cloudflare
24+
</LinkButton>
25+
<LinkButton variant="secondary" href="https://github.com/cloudflare/claude-managed-agents">
26+
View on GitHub
27+
</LinkButton>
28+
29+
## What you get
30+
31+
Deploy a Workers-based control plane that gives you:
32+
33+
- **Two sandbox backends** — Each agent can run on a full MicroVM ([Containers](/containers/)) or a lightweight isolate ([Dynamic Workers](/dynamic-workers/)). MicroVMs give the agent a full Linux environment with bash and arbitrary processes. Isolates cold-start in milliseconds and costs a fraction of a container session.
34+
- **Private service connectivity** — Connect agents to private internal services over [Workers VPC](/workers-vpc/) and [Mesh](/cloudflare-one/networks/connectors/cloudflare-mesh/) without exposing them to the public internet.
35+
- **Egress control** — Run all agent traffic through customizable proxies. Inject credentials into outbound requests without the agent ever seeing them, restrict access to specific domains, or write arbitrary proxy middleware.
36+
- **Agent Email** — Give each agent session its own email address for sending and receiving messages with [Cloudflare Email Service](/email-service).
37+
- **Browser Run tools** — Give agents headless browsers powered by [Browser Run](/browser-run/) for web fetches, screenshots, and CDP control. Session recordings provide an audit trail of every browser action.
38+
- **Image generation** — Generate images with [Workers AI](/workers-ai/).
39+
- **Custom tools** — Extend agents with your own tools by adding a function definition to a single file. Tools run in the Workers runtime with access to all your bindings. No additional infrastructure required.
40+
- **Dashboard** — A built-in UI for managing agents, viewing sessions, inspecting logs, and SSH-ing into running MicroVM sandboxes.
41+
42+
## How it works
43+
44+
When a Claude agent starts a session, Anthropic sends a webhook to the Workers-based control plane running in your Cloudflare account. The control plane gives each session its own sandbox, routes outbound traffic through a per-session egress policy, and persists state across session sleeps.
45+
46+
Anthropic describes this as decoupling the brain from the hands — the agent loop runs on Anthropic (the brain), but the infrastructure for running and executing code (the hands) runs on Cloudflare.
47+
48+
## When to use this
49+
50+
Use a self-managed Cloudflare environment when you need:
51+
52+
- Control over the sandbox infrastructure your agents run in
53+
- Secure connections to private internal services
54+
- Custom egress policies for credential injection and domain restrictions
55+
- Custom tools that use Cloudflare bindings (R2, D1, KV, Vectorize, and others)
56+
- The ability to choose between MicroVM and isolate backends per agent
57+
58+
## Get started
59+
60+
Follow the [onboarding guide](https://github.com/cloudflare/claude-managed-agents#onboarding-guide) in the repository to deploy the control plane to your account. The guide walks through creating an Anthropic environment, setting secrets, provisioning storage, deploying the Worker, and configuring webhooks.
61+
62+
:::note
63+
64+
You need a Workers Paid plan or Enterprise account. [Containers](/containers/) (used by MicroVM sandboxes) and Worker Loader bindings (used by isolate code execution and egress proxies) require the paid plan.
65+
66+
:::
67+
68+
## Key documentation
69+
70+
The repository includes detailed documentation on each capability:
71+
72+
| Topic | What it covers |
73+
| --- | --- |
74+
| [Connecting to private services](https://github.com/cloudflare/claude-managed-agents/blob/main/docs/connecting-to-private-services.md) | Reach services in other clouds, on-prem, or on your laptop with Workers VPC bindings |
75+
| [Applying egress policies](https://github.com/cloudflare/claude-managed-agents/blob/main/docs/applying-egress-policies.md) | Inject credentials and lock down agent sessions. Set up allow/deny lists, header injection, custom Worker proxies, and VPC routing |
76+
| [Isolate vs VM-based sandboxes](https://github.com/cloudflare/claude-managed-agents/blob/main/docs/isolate-vs-vm-sandboxes.md) | Pick the best agent execution environment |
77+
| [Agent email](https://github.com/cloudflare/claude-managed-agents/blob/main/docs/agent-email.md) | Give agents their own email addresses and sending abilities |
78+
| [Browser rendering tools](https://github.com/cloudflare/claude-managed-agents/blob/main/docs/browser-rendering-tools.md) | Observable agent browser interactions with Browser Run |
79+
| [Adding custom tools](https://github.com/cloudflare/claude-managed-agents/blob/main/docs/adding-custom-tools.md) | New tools are declared in a single file — [`src/tools/custom-tools.ts`](https://github.com/cloudflare/claude-managed-agents/blob/main/src/tools/custom-tools.ts) |
80+
| [Customizing sandboxes](https://github.com/cloudflare/claude-managed-agents/blob/main/docs/customizing-sandboxes.md) | Change `Dockerfile` and `instance_type` knobs for the MicroVM backend |
81+
| [Snapshots and state persistence](https://github.com/cloudflare/claude-managed-agents/blob/main/docs/snapshots-and-state-persistence.md) | State persistence across both sandbox types |
82+
| [Architecture](https://github.com/cloudflare/claude-managed-agents/blob/main/docs/architecture.md) | Request lifecycle from webhook ingress through dispatch to either sandbox backend, and every Worker binding the control plane uses |
83+
| [Securing access](https://github.com/cloudflare/claude-managed-agents/blob/main/docs/securing-access.md) | Secure access to the CMA control plane |

0 commit comments

Comments
 (0)