A3S Docs
A3S Box

SDK

Rust execution abstractions for A3S Box workloads

SDK

The current SDK surface is a Rust crate, a3s-box-sdk. It is not a Docker-style client SDK and does not currently provide the Python or TypeScript clients that older docs referenced.

What It Provides

  • ExecutionRegistry as the entry point for workload execution policy.
  • ExecutionAdapter for pluggable backends.
  • BoxWorkloadEnvelope and BoxRuntimeSpec shared types from a3s-box-core.
  • VmExecutor and pool statistics abstractions for integrating Box into higher-level runtimes.

Example

use a3s_box_sdk::{
    BoxRuntimeSpec, BoxWorkloadEnvelope, ExecutionRegistry, RuntimeClass, WorkloadKind,
};
use std::time::Duration;

#[tokio::main]
async fn main() {
    let registry = ExecutionRegistry::new();

    let envelope = BoxWorkloadEnvelope {
        runtime_class: RuntimeClass::A3sBox,
        workload_kind: WorkloadKind::ExecutionTask,
        runtime: BoxRuntimeSpec {
            runtime: "a3s/executor/http".into(),
            entrypoint: "a3s-executor".into(),
            args: vec!["--handler".into(), "get".into()],
            env: Default::default(),
        },
        input: serde_json::json!({"url": "https://example.com"}),
        labels: Default::default(),
    };

    let result = registry
        .execute_box_workload(&envelope, Duration::from_secs(300))
        .await;

    println!("{result:?}");
}

Boundary

Use the CLI for general local development. Use the SDK when embedding A3S Box into another Rust runtime that already understands Box workload envelopes and execution policy.

TEE Security

SEV-SNP attestation, RA-TLS, sealing, secret injection, and simulation boundaries

Kubernetes CRI

A3S Box CRI server — core pod and container lifecycle plus exec work end to end with crictl and kubelet, though it is not yet fully critest-conformant

On this page

SDKWhat It ProvidesExampleBoundary