Miosa.Sandboxes.Network (Miosa v1.1.0)

Copy Markdown View Source

Sandbox-bound view of Miosa.Network.

Every call pre-populates resource_id with the sandbox's ID and sets resource_type to "sandbox".

Usage

{:ok, sandbox} = Miosa.Sandboxes.create(client, %{name: "my-box"})

{:ok, rule}   = Miosa.Sandboxes.Network.allow(sandbox, client, "api.github.com")
{:ok, rule}   = Miosa.Sandboxes.Network.deny(sandbox, client, "bad.host.io")
{:ok, policy} = Miosa.Sandboxes.Network.lockdown(sandbox, client)
{:ok, policy} = Miosa.Sandboxes.Network.observe(sandbox, client)
{:ok, items}  = Miosa.Sandboxes.Network.suggestions(sandbox, client)
{:ok, rules}  = Miosa.Sandboxes.Network.rules(sandbox, client)

The sandbox argument may be either a Miosa.Types.Computer.t() struct or a plain binary sandbox ID string.

Summary

Functions

allow(sandbox_or_id, client, host, opts \\ [])

Add an allow rule for host, scoped to this sandbox.

deny(sandbox_or_id, client, host, opts \\ [])

Add a deny rule for host, scoped to this sandbox.

lockdown(sandbox_or_id, client, opts \\ [])

Set the policy to mode=enforce for this sandbox — denied requests are blocked.

observe(sandbox_or_id, client, opts \\ [])

Set the policy to mode=audit_only for this sandbox — log but do not block.

policies(sandbox_or_id, client, filters \\ [])

List egress policies scoped to this sandbox.

remove_rule(sandbox_or_id, client, rule_id)

Delete an allowlist rule by ID.

rules(sandbox_or_id, client, filters \\ [])

List allowlist rules for this sandbox.

suggestions(sandbox_or_id, client, opts \\ [])

Return AI-generated allowlist suggestions for this sandbox.

Functions

allow(sandbox_or_id, client, host, opts \\ [])

@spec allow(map() | String.t(), Miosa.Client.t(), String.t(), keyword()) ::
  Miosa.Client.result(map())

Add an allow rule for host, scoped to this sandbox.

deny(sandbox_or_id, client, host, opts \\ [])

@spec deny(map() | String.t(), Miosa.Client.t(), String.t(), keyword()) ::
  Miosa.Client.result(map())

Add a deny rule for host, scoped to this sandbox.

lockdown(sandbox_or_id, client, opts \\ [])

@spec lockdown(map() | String.t(), Miosa.Client.t(), keyword()) ::
  Miosa.Client.result(map())

Set the policy to mode=enforce for this sandbox — denied requests are blocked.

observe(sandbox_or_id, client, opts \\ [])

@spec observe(map() | String.t(), Miosa.Client.t(), keyword()) ::
  Miosa.Client.result(map())

Set the policy to mode=audit_only for this sandbox — log but do not block.

policies(sandbox_or_id, client, filters \\ [])

@spec policies(map() | String.t(), Miosa.Client.t(), keyword()) ::
  Miosa.Client.result([map()])

List egress policies scoped to this sandbox.

remove_rule(sandbox_or_id, client, rule_id)

@spec remove_rule(map() | String.t(), Miosa.Client.t(), String.t()) ::
  :ok | {:error, Miosa.Error.t()}

Delete an allowlist rule by ID.

rules(sandbox_or_id, client, filters \\ [])

@spec rules(map() | String.t(), Miosa.Client.t(), keyword()) ::
  Miosa.Client.result([map()])

List allowlist rules for this sandbox.

suggestions(sandbox_or_id, client, opts \\ [])

@spec suggestions(map() | String.t(), Miosa.Client.t(), keyword()) ::
  Miosa.Client.result([map()])

Return AI-generated allowlist suggestions for this sandbox.