You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Sandboxes are now **secure by default**. That means you cannot access the sandbox controller directly via its URL without authentication header.
44
-
SDK handles authentication header for you automatically.
45
43
46
-
For custom templates created before envd `v0.2.0`, you need to rebuild the templates to enable secure communication,
47
-
otherwise you will receive error messages when creating sandboxes. You can check template envd version via `e2b template list` command or templates list in dashboard.
44
+
Sandboxes are now **secure by default**. This means you can't access the sandbox controller directly through its URL without an authentication header.
45
+
The SDK automatically handles the authentication header for you.
48
46
49
-
You can temporarily disable secure communication by setting `secure` to `false` during sandbox creation, but this is not recommended for production use.
47
+
For custom templates created before envd `v0.2.0`, you need to rebuild them to enable secure communication.
48
+
Otherwise, you will receive error messages when creating sandboxes. You can check the template envd version using the `e2b template list` command or view the templates list in the dashboard.
49
+
50
+
You can temporarily disable secure communication by setting `secure` to `false` during sandbox creation, but this is not recommended for production environments.
Copy file name to clipboardExpand all lines: docs/sandbox/secured-access.mdx
+12-12Lines changed: 12 additions & 12 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,39 +5,39 @@ sidebarTitle: Secured access
5
5
6
6
Secure access authenticates communication between SDK and sandbox controller.
7
7
8
-
Sandbox controller runs in sandbox itself and exposes APIs for work with file system, run command etc.
9
-
Without using secured access, anyone with sandbox ID can access the controller APIs and control the sandbox from inside.
8
+
Sandbox controller runs in sandbox itself and exposes APIs for work with file system, run commands, and generally control the sandbox via our SDK.
9
+
Without secure access, anyone with a sandbox ID can access the controller APIs and control the sandbox from inside.
10
10
11
11
<Note>
12
12
SDKs version `v2.0.0` and above are using secure access by default when creating sandbox. This may not be compatible with older custom templates and you may need to rebuild them.
13
13
</Note>
14
14
15
15
## Migration path
16
16
17
-
When you are using custom templates created before envd `v0.2.0`, you need to rebuild the templates to enable secure access.
18
-
Temporary, you can disable secure access by setting `secure` to `false` during sandbox creation, but this is not recommended for production use as it opens up security risks.
17
+
When using custom templates created before envd `v0.2.0`, you need to rebuild the templates to enable secure access.
18
+
Temporarily, you can disable secure access by setting `secure` to `false` during sandbox creation, but this is not recommended for production use because it increases security risks.
19
19
20
-
You can check template envd version via `e2b template list` command or templates list in dashboard.
20
+
You can check the template envd version using the `e2b template list` command or by viewing the templates list on the dashboard.
21
21
22
22
## Supported versions
23
23
24
-
All sandboxes based on template with envd version at least `v0.2.0` already supports secure access without any additional changes.
24
+
All sandboxes based on templates with envd version at least `v0.2.0` already support secure access without any additional changes.
25
25
26
-
Secured access flag was introduced in `1.5.0` for JavaScript and Python SDKs to be used optionally.
27
-
With SDKs version `v2.0.0` and above, sandboxes are created with secure access enabled by default.
26
+
The secure access flag was introduced in `1.5.0` for JavaScript and Python SDKs to be used optionally.
27
+
Starting with SDK version `v2.0.0`, sandboxes are created with secure access enabled by default.
28
28
29
29
## Access sandbox API directly
30
30
31
-
In some cases you may want to access sandbox controller APIs directly via its URL, for example when you are not using SDKs.
32
-
When secure access is enabled, you need to provide an authentication token that was returned during sandbox creation.
31
+
In some cases, you might want to access sandbox controller APIs directly through its URL, such as when you are not using SDKs.
32
+
When secure access is enabled, you must provide an authentication token that was returned during sandbox creation.
33
33
34
-
Each call to sandbox controller must include an additional header `X-Access-Token` with access token value returned during sandbox creation.
34
+
Each call to the sandbox controller must include an additional header `X-Access-Token` with the access token value returned during sandbox creation.
35
35
36
36
For sandbox [upload](/docs/filesystem/upload#upload-with-pre-signed-url) and [download](/docs/filesystem/download#download-with-pre-signed-url) URLs, you need to generate pre-signed URLs. We are advising to use SDK for generating presigned URLs.
37
37
38
38
## Disable secure access
39
39
40
-
Disabling secured access is not recommended as it opens up security risks.
40
+
Disabling secured access is discouraged because it creates security vulnerabilities.
0 commit comments