Vercel News

Postgres connections now work through Sandbox firewall


May 1, 2026

Vercel Sandbox can now connect to hosted Postgres databases, including Neon, Supabase, AWS RDS, Nile, and Prisma Postgres. To enable a connection, add the database host to your Sandbox's allowed domains.

Background

When SNI-based filtering is used with Vercel Sandbox, the sandbox firewall restricts outbound network access by checking the domain name during a connection's TLS handshake. This works seamlessly for HTTPS traffic, where the domain is visible at the start of the connection.

Postgres, however, negotiates TLS differently. A Postgres client first opens a plain TCP connection and _then_ upgrades to TLS. Because the domain isn't available when the firewall first needs it, Postgres connections through a standard domain-restricted Sandbox would fail.

What changed

The Sandbox firewall now adjusts for the Postgres TLS negotiation flow. It detects the protocol's startup sequence, waits for the TLS upgrade, and then applies your domain policy before forwarding the connection to the database. No changes are needed to your code or database configuration.
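The flow described above, modelled as an added example (not Vercel's implementation and not part of the original changelog): classify the first client message, and for a Postgres SSLRequest defer the allow-list check until the ClientHello that follows the TLS upgrade. The function names, the exact-match allow list, and the `sampleClientHello` builder are assumptions made for illustration.

```javascript
// Added example, not Vercel's code. Request codes come from the Postgres wire protocol.
const SSL_REQUEST = 80877103, GSSENC_REQUEST = 80877104;

// Classify the first client message on a new TCP connection.
function classifyStartup(b) {
  if (b[0] === 0x16) return 'tls-client-hello'; // HTTPS-style: TLS from the first byte
  if (b.length < 8) return 'unknown';
  const v = new DataView(b.buffer, b.byteOffset, b.byteLength);
  if (v.getUint32(0) === 8 && v.getUint32(4) === SSL_REQUEST) return 'pg-ssl-request';
  if (v.getUint32(0) === 8 && v.getUint32(4) === GSSENC_REQUEST) return 'pg-gssenc-request';
  return v.getUint32(4) >>> 16 === 3 ? 'pg-plaintext-startup' : 'unknown'; // protocol 3.x
}

// Return the lower-cased SNI host name from a TLS ClientHello record, or null.
function extractSni(rec) {
  if (rec[0] !== 0x16 || rec[5] !== 0x01) return null;
  const v = new DataView(rec.buffer, rec.byteOffset, rec.byteLength);
  try {
    let p = 43;              // record hdr 5 + handshake hdr 4 + version 2 + random 32
    p += 1 + v.getUint8(p);  // session_id
    p += 2 + v.getUint16(p); // cipher_suites
    p += 1 + v.getUint8(p);  // compression_methods
    const end = p + 2 + v.getUint16(p);
    for (p += 2; p + 4 <= end; p += 4 + v.getUint16(p + 2)) {
      if (v.getUint16(p) !== 0 || v.getUint8(p + 6) !== 0) continue; // want server_name/host_name
      const n = v.getUint16(p + 7), name = rec.subarray(p + 9, p + 9 + n);
      return name.length === n ? new TextDecoder().decode(name).toLowerCase() : null;
    }
  } catch { /* truncated or malformed hello: DataView raised a RangeError */ }
  return null;
}

// first: first client message. afterUpgrade: client bytes following the server's 'S' reply.
// Assumption: allowDomains entries are exact host names (no wildcard handling here).
function decide(first, afterUpgrade, allowDomains) {
  const kind = classifyStartup(first);
  const hello = kind === 'tls-client-hello' ? first : kind === 'pg-ssl-request' ? afterUpgrade : null;
  const sni = hello ? extractSni(hello) : null; // plaintext and GSSAPI never expose a host name
  return { kind, sni, allow: sni !== null && allowDomains.includes(sni) };
}

// Constructed sample input: a minimal ClientHello whose only extension is server_name.
function sampleClientHello(host) {
  const name = new TextEncoder().encode(host), n = name.length;
  const u16 = (x) => [x >> 8, x & 0xff];
  const ext = [0, 0, ...u16(n + 5), ...u16(n + 3), 0, ...u16(n), ...name];
  const body = [3, 3, ...new Array(32).fill(0), 0, 0, 2, 0x13, 0x01, 1, 0, ...u16(ext.length), ...ext];
  return Uint8Array.from([0x16, 3, 1, ...u16(body.length + 4), 1, 0, ...u16(body.length), ...body]);
}
```

A plaintext startup or a GSSAPI encryption request yields `allow: false` because neither carries a host name to match, which is the case the "Important to know" notes cover.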

Connecting to hosted database

Here's a full example: create a Sandbox, install a Postgres client, lock down the network to only the database host, and run a query.

```typescript
import { Sandbox } from '@vercel/sandbox';

const { PGHOST, PGUSER, PGPASSWORD, PGDATABASE } = process.env;
const connectionString = `postgres://${PGUSER}:${PGPASSWORD}@${PGHOST}:5432/${PGDATABASE}?sslmode=require`;

// Start with unrestricted network access to install dependencies.
const sandbox = await Sandbox.create();
await sandbox.runCommand({
  cmd: 'sudo',
  args: ['dnf', 'install', '-y', 'postgresql15'],
});

// Lock the sandbox down to only the database host before running untrusted code.
await sandbox.updateNetworkPolicy({
  allowDomains: [PGHOST!],
});

const result = await sandbox.runCommand({
  cmd: 'psql',
  args: [connectionString, '-c', 'SELECT now();'],
});
console.log(await result.stdout());
```

Important to know

  • **TLS is required:** Domain-based rules rely on the hostname being visible during the TLS handshake, so clients must connect with `sslmode=require` or higher. If your database doesn't support TLS, you can allow it by IP range instead. Most managed Postgres providers require TLS by default.
  • **GSSAPI encryption is not supported:** Clients using `gssencmode=prefer` will fall back to TLS automatically; `gssencmode=require` will not connect.
  • **No silent downgrades:** If a client uses `sslmode=prefer` and the database doesn't support TLS, the connection will fail rather than silently falling back to plain-text.

Learn more about the Sandbox firewall.
