Enterprise
Cursor Cloud Agents: Setup
Cloud agents run on isolated Ubuntu machines. To make one useful, configure an environment with the same repos, tools, dependencies, secrets and network access a developer would use. Create the environment from the Cloud Agents dashboard, either by letting Cursor's agent set it up and saving a snapshot, or by committing a .cursor/environment.json with a Dockerfile and an install command.
On this page
What is a cloud agent environment?
A cloud agent environment is the machine the agent works on: cloned repos, installed dependencies, secrets, startup commands and network access. Cursor describes it as similar to the setup on your laptop. An agent that can write code but can't run tests, query services or reach APIs cannot close the loop on its work, so Cursor calls environment setup the most important step for making cloud agents effective.
Configured environments make agent sessions faster because the tools are already installed instead of being set up from scratch every time. Create a new environment from the Cloud AgentsAgents that run in a Cursor-managed virtual machine, check out the repo, do the work and open a pull request, then shut down, with no load on your laptop. dashboard.
How do I configure the environment?
There are two ways to configure the environment, and both let you specify an update command that runs before the agent starts so dependencies stay current (for example npm install or pip install). The table below maps each option to when Cursor recommends it.
- Option
- Agent-driven setup (recommended)
- How it works
- Cursor's agent sets up the machine in under 10 minutes; you watch in a shared terminal, then save a snapshot of its VM
- When to use it
- Most repos; fastest path to a reusable environment
- Option
- Manual setup with Dockerfile (advanced)
- How it works
- You write a Dockerfile for system-level dependencies, compiler versions or a different base OS and reference it from
.cursor/environment.json - When to use it
- Advanced cases needing specific system packages
- Option
- Cursor-configured Dockerfiles (private beta)
- How it works
- Cursor inspects your repos and produces a Dockerfile-based config you edit and version
- When to use it
- Enterprise teams who don't want to write a Dockerfile from scratch
| Option | How it works | When to use it |
|---|---|---|
| Agent-driven setup (recommended) | Cursor's agent sets up the machine in under 10 minutes; you watch in a shared terminal, then save a snapshot of its VM | Most repos; fastest path to a reusable environment |
| Manual setup with Dockerfile (advanced) | You write a Dockerfile for system-level dependencies, compiler versions or a different base OS and reference it from .cursor/environment.json | Advanced cases needing specific system packages |
| Cursor-configured Dockerfiles (private beta) | Cursor inspects your repos and produces a Dockerfile-based config you edit and version | Enterprise teams who don't want to write a Dockerfile from scratch |
Cursor-configured Dockerfiles are in private beta for Enterprise; request access via your account representative or hi@cursor.com.
For agent-driven setup, you connect a GitHub, GitLab, Azure DevOps or Bitbucket account, select one or more repositories and provide the environment variables and secrets needed to install dependencies and run the code. After Cursor verifies the code works, you save a snapshot so future agents start faster, and commit the config to .cursor/environment.json so the whole team benefits.
Cursor resolves environment config by repository or repo group, using the first match: .cursor/environment.json in the repo, then a personal saved environment, then a team saved environment. This gives team-level defaults while letting individuals override to test a new config before rollout.
For work that spans more than one repo, select multiple repositories when you create the environment. Cursor clones each into the agent machine and reuses the environment for future runs and automations that use the same repo group.
What do the update and startup commands do?
When a new machine boots, Cursor starts from the base environment, runs the update command (called install in environment.json), then runs the start command and any configured terminals. The list below maps each phase to what belongs in it.
- `update` / `install`: dependency setup such as
npm installorbazel build. It must be idempotent because it can run more than once and on partially cached state. - `start`: processes that should stay alive while the agent runs. You can skip it in many repos; if your environment depends on Docker, add
sudo service docker starthere. - `terminals`: app code processes that run in a
tmuxsession shared by you and the agent.
After update completes, if it took more than a few seconds, Cursor takes an internal checkpoint snapshot and tries to start future agents from it, which is why commands like pnpm install lead to fast startup. Caching is best effort, so infrequently used repositories may see slower startup. A practical pattern is to run basic cached dependency updates in update, then add instructions to AGENTS.md so the agent figures out the per-task commands it needs.
Cloud agents read AGENTS.md files. Cursor recommends a dedicated section for cloud-only setup and testing instructions, titled something like "Cursor Cloud specific instructions." If it gets large, reference other files with detailed instructions for specific tasks.
How do I provide secrets and AWS access?
To run and test code like a developer, cloud agents often need environment variables and secrets such as API keys and database credentials. The recommended approach is the Secrets tab in Cursor settings on cursor.com, which exposes the values to the agent as environment variables. The list below covers the cases Cursor documents.
- Environment-scoped secrets: use these when a credential should be available only to agents that use one environment. They apply to every repo in that environment and are not shared with others.
- Sign-in credentials and 2FA: add the same login credentials you use locally as secrets. For TOTP-based 2FA, add the TOTP shared secret too; the agent generates the current 6-digit code with
oathtool --totp -b "$TOTP_SECRET". - Monorepos with multiple `.env.local` files: add values from all of them to the same Secrets tab, use unique variable names when keys overlap (such as
NEXTJS_*andCONVEX_*) and reference them from each app.
For AWS, Cursor can assume a customer-provided IAM role so you grant permissions without sharing long-lived credentials. You create the role and note its ARN, add a secret named CURSOR_AWS_ASSUME_IAM_ROLE_ARN, have a team admin generate an external ID from team settings, and update the role's trust policy to allow Cursor's role assumer. Cursor then sets AWS_CONFIG_FILE, AWS_PROFILE=cursor-cloud-agent and AWS_SDK_LOAD_CONFIG=1 so the AWS CLI and SDKs pick up the profile automatically.
Cursor assumes the role with STS credentials that expire after 1 hour. When the agent wakes, Cursor refreshes credentials that are missing, invalid or within 15 minutes of expiration. You don't export AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY or AWS_SESSION_TOKEN yourself.
Can cloud agents reach private services and Docker?
Yes, with some VM-specific configuration. Cloud agents support Docker workflows and can reach private services through Tailscale or Cloudflare Tunnel. The cards below summarize the pattern Cursor documents for each.
For simple setups, installing Docker is often enough. Because Docker runs inside another container layer, more complex setups should start from the fuse-overlayfs and iptables-legacy configuration, and make sure your cloud agent user can run Docker.
Tailscale's default networking mode does not work in cloud agent VMs; use userspace networking instead. Start tailscaled with --tun=userspace-networking plus the proxy flags, export the proxy variables, then run your usual tailscale up. The VM cannot act as a tailnet exit node.
cloudflared runs in userspace, so it works. Run a connector inside your private network, route an authenticated hostname through the tunnel, add it to the network allowlist if you use restricted egress, and store Access service tokens (CF_ACCESS_CLIENT_ID, CF_ACCESS_CLIENT_SECRET) as Cursor Secrets.
Keep tunnel tokens and Access service token secrets in Cursor Secrets, not in your repository, and rotate them after testing if they were created for a proof of concept. Dockerfile builds use layer caching, so changing a Dockerfile rebuilds only the changed layers.
Frequently asked questions
What happens if a saved environment snapshot can't be used?
Agents no longer hard fail. If a snapshot expired after inactivity, is invalid or failed, or you lack access, Cursor falls back to the default base image, keeps the rest of the configuration and warns you. The update command still runs, so dependency setup can repair the environment. The agent view shows "Environment ready (with warnings)." Cursor does not auto-switch to an older version; roll back from Version history in the dashboard.
Where do I keep environment configuration in code?
Commit a .cursor/environment.json to your repository. Cloud agents use the configuration at the commit they start from, so to test a new config you can commit and push to a new branch and start an agent from there. The config can reference a snapshot ID or a .cursor/Dockerfile; in build, the dockerfile and context paths are relative to .cursor, while the install command runs from your project root.
Can I increase the memory and CPU for a cloud agent?
Each cloud agent runs on a default VM profile with limited memory and CPU. On an Enterprise plan, if your repo needs more resources you can contact support to increase limits for your workspace. Cursor notes that self-serve custom resource configuration is coming soon.
Sources & last verified
Cursor ships frequently. Facts verified against primary sources on June 26, 2026.