Spin up isolated, Python-native compute environments in seconds — with GPUs, dynamic port exposure, snapshot and resume, and Docker-in-Docker. Run untrusted or LLM-generated code safely, at any scale.
from beam import Image, Sandbox
# Spin up an isolated GPU sandbox in seconds
sb = Sandbox(
cpu=2,
memory="4Gi",
gpu="A10G",
image=Image().from_registry("node:20"),
).create()
# Run code and dynamically expose a port behind a secure URL
sb.process.exec("sh", "-c", "npx http-server -p 3000")
url = sb.expose_port(3000)
# Snapshot memory to fork or resume the sandbox later
snapshot_id = sb.snapshot_memory()A cloud environment for agents
Sandboxes give you a secure, fully configurable machine in the cloud.
Programmatic Control
Create a sandbox
Define CPU, memory, GPU, and your image in a single Sandbox() constructor, then call create() to launch it into the cloud in seconds.
Run code and commands
Execute Python with run_code, run any shell command with exec, upload and download files, and stream logs back in real time.
Expose, snapshot, or resume
Expose ports dynamically behind secure preview URLs, snapshot the filesystem or memory to fork and resume later, and auto-terminate when you're done.
from beam import Image, Sandbox
# 1. Create and launch a sandbox in the cloud
sb = Sandbox(
image=Image().from_registry("node:20"),
ports=[3000],
).create()
# 2. Run code and commands with live output
sb.process.exec("sh", "-c", "npx http-server -p 3000")
# 3. Grab the secure preview URL, then snapshot to resume later
print(sb.list_urls())
# => {3000: 'https://...-3000.app.beam.cloud'}
snapshot_id = sb.snapshot_memory()Frequently asked questions
What can I run inside a sandbox?
Anything — sandboxes aren't limited to Python. Run shell commands, start a Node.js server, launch a headless browser, or execute arbitrary code. You get a full isolated environment with networking, storage, and optional GPUs.
How do snapshots and resume work?
You can capture the filesystem or the live memory of a running sandbox — including processes and exposed ports — as an immutable artifact. Fork it to test variations, or resume from that exact state later for instant cold starts.
Can I run Docker inside a sandbox?
Yes. Sandboxes support Docker-in-Docker, so you can pull from any registry and run containers inside your environment. Start from off-the-shelf Docker images without wrappers and build exactly the environment you need.
How do I expose a service to the internet?
Expose ports statically when you create the sandbox, or dynamically at runtime with expose_port(). Each port gets an SSL-terminated, authenticated preview URL you can share or hit from your app.
Can I use GPUs?
Yes. Assign a GPU like an A10G or H100 alongside CPU and memory directly in the Sandbox constructor, so you can run rendering, machine learning, or other accelerated workloads.
Is it safe to run untrusted or LLM-generated code?
Yes. Every sandbox is fully isolated. You can block all outbound network traffic with block_network, or define CIDR allow lists to permit only specific destinations — and update those permissions at runtime without restarting.
Start shipping on infra
you won’t outgrow.
Run sandboxes and GPU workloads on your cloud, and scale out to ours when you need to. No infra to manage.