Endpoint Rules

Endpoint rules add method/path controls on top of domain allowlists.

```python
from isorun import Sandbox

# Endpoint rules for two OpenAI API calls, plus a deny entry covering all IPv4 addresses.
with Sandbox("python", network={
    "rules": [
        {"host": "api.openai.com", "method": "POST", "path": "/v1/chat/completions"},
        {"host": "api.openai.com", "method": "GET", "path": "/v1/models"},
    ],
    "deny": ["0.0.0.0/0"],
}) as sb:
    sb.exec("python3 call_openai.py")
```

Rule fields

| Field | Required | Description |
| --- | --- | --- |
| host | Yes | Domain pattern, supports wildcards (`*.github.com`) |
| method | No | HTTP method (GET, POST, PUT, PATCH, DELETE) |
| path | No | Path prefix or glob (`/repos/myorg/*`) |

Common policies

Read-only GitHub access

```python
rules = [
    {"host": "github.com", "method": "GET", "path": "/*"},
    {"host": "api.github.com", "method": "GET", "path": "/repos/*"},
]
```

LLM inference only

```python
rules = [
    {"host": "api.openai.com", "method": "POST", "path": "/v1/chat/completions"},
    {"host": "api.openai.com", "method": "GET", "path": "/v1/models"},
]
```

Combination model

A request must pass both filters:

  1. Host allow/deny policy (network profile or custom allowlist)
  2. Endpoint rule match (if rules are configured)

Use this with Network Profiles for reusable policy baselines.
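
The combination model above, as an added sketch for reasoning about a policy before deploying it; this is not isorun's own code and does not call isorun. Assumptions: the names `is_allowed`, `rule_matches`, `RULES` and `ALLOWED_HOSTS` are hypothetical, host and glob patterns follow `fnmatch` semantics (so `*` also spans `/`), a path without glob characters is a prefix, and the path is decoded and normalized once before matching.

```python
from fnmatch import fnmatchcase
from posixpath import normpath
from urllib.parse import unquote

# Constructed sample policy, mirroring the "Read-only GitHub access" rules above.
RULES = [
    {"host": "github.com", "method": "GET", "path": "/*"},
    {"host": "api.github.com", "method": "GET", "path": "/repos/*"},
]
ALLOWED_HOSTS = ["github.com", "*.github.com"]  # constructed host allowlist


def _path_matches(pattern, path):
    # Assumed semantics: a pattern with glob characters is a glob, otherwise a prefix.
    if any(ch in pattern for ch in "*?["):
        return fnmatchcase(path, pattern)
    return path.startswith(pattern)


def rule_matches(rule, host, method, path):
    """True if one rule covers the request; omitted method/path match anything."""
    if not fnmatchcase(host.lower(), rule["host"].lower()):
        return False
    if "method" in rule and rule["method"].upper() != method.upper():
        return False
    return "path" not in rule or _path_matches(rule["path"], path)


def is_allowed(host, method, path, allowed_hosts=ALLOWED_HOSTS, rules=RULES):
    """Combination model: host policy first, then endpoint rules if configured."""
    # Decode and collapse dot-segments before matching, so the path that is
    # checked is the path the upstream server would resolve.
    path = normpath(unquote(path))
    if not any(fnmatchcase(host.lower(), p.lower()) for p in allowed_hosts):
        return False  # filter 1: host allow/deny
    if not rules:
        return True  # no endpoint rules configured
    return any(rule_matches(r, host, method, path) for r in rules)  # filter 2
```

Under these assumptions `*.github.com` does not cover the bare `github.com`, which is why the sample allowlist names both.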