Skip to main content
A profile defines which resources and capabilities a sandbox can request: container image, runtime class, compute shape, namespace, ingress and egress, and pod placement. Profiles serve as guardrails administrators use to enforce policies such as “sandboxes can’t have internet egress” or “sandboxes can request up to N CPUs and M GB of memory.” When a sandbox launches, the runner that places it resolves a single profile and uses it to shape the pod it creates. This page is conceptual. It explains how profiles, profile bindings, and overrides combine at sandbox launch, why profile updates behave the way they do, and when to use bindings with overrides instead of separate profiles. For the CoreWeave Intelligent CLI workflow and a field-by-field walkthrough, see Configure a sandbox profile. For the full schema with types and defaults, see the Profile reference.
CoreWeave sandboxes are in public preview. For access, contact your CoreWeave account team, CoreWeave Support, or email support@coreweave.com.

Three pieces in play

This section introduces the three objects that determine a sandbox’s runtime shape. Understanding their roles is a prerequisite for the layering and update semantics that follow. Three objects shape a sandbox’s spec at launch:
  • Profile: the stored, organization-wide configuration that defines what a sandbox can request.
  • Binding: the link between a profile and a runner, with optional per-runner overrides.
  • Override: a partial profile spec on a single binding that tweaks the profile for that one runner.
See Sandboxes architecture for the four-resource taxonomy (profiles, runners, bindings, sandboxes) and the gateway that brokers every sandbox request. This page focuses on how the three pieces interact when a sandbox launches. A binding carries the following fields:
FieldPurpose
profile_template_idThe profile being referenced (UUID).
profile_nameAn optional alias sandboxes use to select the profile at launch, instead of the profile’s display_name.
is_defaultWhether this binding is the fallback when a sandbox doesn’t specify a profile. Exactly one binding per runner must be true.
overrides_jsonA partial profile spec, JSON-encoded as a string, that overrides specific fields of the referenced profile for sandboxes placed on this runner.
Mental model: the profile is the source of truth for sandbox shape. A binding attaches that profile to a specific runner. An override on a binding tweaks the profile for that one runner without forking a new profile.

How fields combine at runtime

When a sandbox launches, the service resolves its configuration by layering four sources. The layers are applied in order, and when two layers set the same field, the later layer wins. Layer 4 has the final word, and layer 1 only shows through for fields nothing above it sets. The resolved spec is submitted to Kubernetes as the sandbox pod.
AppliedLayerSourceOverrides
1st (lowest precedence)Runner zone defaultsBaseline applied by the runner before anything else.nothing
2ndProfile specThe stored profile attached by the binding.layer 1
3rdBinding overrides_jsonPartial profile spec on this binding, scoped to one runner.layers 1-2
4th (highest precedence)Per-sandbox overridesFields supplied by the caller at launch.layers 1-3
Override merging is field-level, so a binding that only sets node_selector leaves every other field of the profile intact. You don’t need to duplicate the full profile spec in an override. Supply only the fields that differ.

Update semantics

Three behaviors shape what happens when you change a profile or binding that real traffic depends on. Knowing them up front lets you predict the impact of an edit before you make it.
  • Profile updates are immediate and fleet-wide. Every runner with a binding to the profile picks up the new spec for the next sandbox it places. The runner resolves the binding to a profile each time a sandbox launches against it, so there’s no staged rollout and no concept of profile revisions on the server. If you need staged rollout, version the profile by name (agent-v1, agent-v2) and migrate runners one binding at a time. See Update an existing profile for the CoreWeave Intelligent CLI steps.
  • Running sandboxes are unaffected. A sandbox uses the spec it was launched with. New sandboxes pick up the new spec. This decoupling is what makes profile updates safe to apply at any time. The cost is that you can’t retroactively reshape sandboxes already running.
  • Binding edits replace the full list. A runner’s profile_bindings is patched as a single list. Whatever you submit becomes the new list, so any binding you don’t include is removed. The patch must contain every binding you want to keep, not just the ones you’re adding or changing, and the resulting list must still have exactly one is_default: true. This is what lets the control plane apply adds, removes, and changes atomically. The cwic sandbox runner edit wizard handles list assembly for you when you run it without -f. See Manage profile bindings for the CoreWeave Intelligent CLI steps, and the Control plane API overview for the REST field-mask contract.

When to split profiles compared to using overrides

The preceding layering and update rules leave room for two common problem patterns. Avoid both to keep the profile inventory maintainable as your fleet grows.
  • Per-runner profile sprawl. When two profiles differ by only one field (commonly the node_selector that pins sandboxes to a region or instance type), the duplication makes the profile harder to evolve. Consolidate into a single profile and set the differing field with overrides_json on each binding. For example, instead of separate agent-useast, agent-euwest, and agent-apac profiles, keep one agent profile and override the node selector per runner.
  • Overrides that fork the spec. If a binding’s overrides_json is larger than the profile’s spec, the profile isn’t doing work for you. Promote the override into a dedicated profile.

See also

Last modified on June 4, 2026