List Firewalls

API Reference

GPU Droplets

List all Firewalls Applied to a Droplet

get/v2/droplets/{droplet_id}/firewalls

To retrieve a list of all firewalls available to a Droplet, send a GET request to /v2/droplets/$DROPLET_ID/firewalls

The response will be a JSON object that has a key called firewalls. This will be set to an array of firewall objects, each of which contain the standard firewall attributes.

Path ParametersExpand Collapse

droplet_id: number

minimum1

Query ParametersExpand Collapse

page: optional number

Which 'page' of paginated results to return.

minimum1

per_page: optional number

Number of items returned per page

minimum1

maximum200

ReturnsExpand Collapse

meta: MetaProperties { total }

Information about the response itself.

total: optional number

Number of objects returned by the request.

firewalls: optional array of Firewall { id, created_at, droplet_ids, 6 more }

id: optional string

A unique ID that can be used to identify and reference a firewall.

created_at: optional string

A time value given in ISO8601 combined date and time format that represents when the firewall was created.

formatdate-time

droplet_ids: optional array of number

An array containing the IDs of the Droplets assigned to the firewall.

Requires droplet:read scope.

inbound_rules: optional array of object { ports, protocol, sources }

ports: string

The ports on which traffic will be allowed specified as a string containing a single port, a range (e.g. "8000-9000"), or "0" when all ports are open for a protocol. For ICMP rules this parameter will always return "0".

protocol: "tcp" or "udp" or "icmp"

The type of traffic to be allowed. This may be one of tcp, udp, or icmp.

Accepts one of the following:

"tcp"

"udp"

"icmp"

sources: FirewallRuleTarget { addresses, droplet_ids, kubernetes_ids, 2 more }

An object specifying locations from which inbound traffic will be accepted.

addresses: optional array of string

An array of strings containing the IPv4 addresses, IPv6 addresses, IPv4 CIDRs, and/or IPv6 CIDRs to which the firewall will allow traffic.

droplet_ids: optional array of number

An array containing the IDs of the Droplets to which the firewall will allow traffic.

kubernetes_ids: optional array of string

An array containing the IDs of the Kubernetes clusters to which the firewall will allow traffic.

load_balancer_uids: optional array of string

An array containing the IDs of the load balancers to which the firewall will allow traffic.

tags: optional array of string

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

name: optional string

A human-readable name for a firewall. The name must begin with an alphanumeric character. Subsequent characters must either be alphanumeric characters, a period (.), or a dash (-).

outbound_rules: optional array of object { destinations, ports, protocol }

destinations: FirewallRuleTarget { addresses, droplet_ids, kubernetes_ids, 2 more }

An object specifying locations to which outbound traffic that will be allowed.

addresses: optional array of string

An array of strings containing the IPv4 addresses, IPv6 addresses, IPv4 CIDRs, and/or IPv6 CIDRs to which the firewall will allow traffic.

droplet_ids: optional array of number

An array containing the IDs of the Droplets to which the firewall will allow traffic.

kubernetes_ids: optional array of string

An array containing the IDs of the Kubernetes clusters to which the firewall will allow traffic.

load_balancer_uids: optional array of string

An array containing the IDs of the load balancers to which the firewall will allow traffic.

tags: optional array of string

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

ports: string

The ports on which traffic will be allowed specified as a string containing a single port, a range (e.g. "8000-9000"), or "0" when all ports are open for a protocol. For ICMP rules this parameter will always return "0".

protocol: "tcp" or "udp" or "icmp"

The type of traffic to be allowed. This may be one of tcp, udp, or icmp.

Accepts one of the following:

"tcp"

"udp"

"icmp"

pending_changes: optional array of object { droplet_id, removing, status }

An array of objects each containing the fields "droplet_id", "removing", and "status". It is provided to detail exactly which Droplets are having their security policies updated. When empty, all changes have been successfully applied.

droplet_id: optional number

removing: optional boolean

status: optional string

status: optional "waiting" or "succeeded" or "failed"

A status string indicating the current state of the firewall. This can be "waiting", "succeeded", or "failed".

Accepts one of the following:

"waiting"

"succeeded"

"failed"

tags: optional array of string

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

links: optional PageLinks { pages }

pages: optional ForwardLinks { last, next } or BackwardLinks { first, prev } or unknown

Accepts one of the following:

ForwardLinks = object { last, next }

last: optional string

URI of the last page of the results.

next: optional string

URI of the next page of the results.

BackwardLinks = object { first, prev }

first: optional string

URI of the first page of the results.

prev: optional string

URI of the previous page of the results.

UnionMember2 = unknown

List all Firewalls Applied to a Droplet

http

• http
• typescript
• python

curl https://api.digitalocean.com/v2/droplets/$DROPLET_ID/firewalls \
    -H "Authorization: Bearer $DIGITALOCEAN_ACCESS_TOKEN"

200 example

{
  "meta": {
    "total": 1
  },
  "firewalls": [
    {
      "id": "bb4b2611-3d72-467b-8602-280330ecd65c",
      "created_at": "2020-05-23T21:24:00Z",
      "droplet_ids": [
        8043964
      ],
      "inbound_rules": [
        {
          "ports": "8000",
          "protocol": "tcp",
          "sources": {
            "addresses": [
              "1.2.3.4",
              "18.0.0.0/8"
            ],
            "droplet_ids": [
              8043964
            ],
            "kubernetes_ids": [
              "41b74c5d-9bd0-5555-5555-a57c495b81a3"
            ],
            "load_balancer_uids": [
              "4de7ac8b-495b-4884-9a69-1050c6793cd6"
            ],
            "tags": [
              "base-image",
              "prod"
            ]
          }
        }
      ],
      "name": "firewall",
      "outbound_rules": [
        {
          "destinations": {
            "addresses": [
              "1.2.3.4",
              "18.0.0.0/8"
            ],
            "droplet_ids": [
              8043964
            ],
            "kubernetes_ids": [
              "41b74c5d-9bd0-5555-5555-a57c495b81a3"
            ],
            "load_balancer_uids": [
              "4de7ac8b-495b-4884-9a69-1050c6793cd6"
            ],
            "tags": [
              "base-image",
              "prod"
            ]
          },
          "ports": "8000",
          "protocol": "tcp"
        }
      ],
      "pending_changes": [
        {
          "droplet_id": 8043964,
          "removing": false,
          "status": "waiting"
        }
      ],
      "status": "waiting",
      "tags": [
        "base-image",
        "prod"
      ]
    }
  ],
  "links": {
    "pages": {
      "last": "https://api.digitalocean.com/v2/images?page=2",
      "next": "https://api.digitalocean.com/v2/images?page=2"
    }
  }
}

Returns Examples

200 example

{
  "meta": {
    "total": 1
  },
  "firewalls": [
    {
      "id": "bb4b2611-3d72-467b-8602-280330ecd65c",
      "created_at": "2020-05-23T21:24:00Z",
      "droplet_ids": [
        8043964
      ],
      "inbound_rules": [
        {
          "ports": "8000",
          "protocol": "tcp",
          "sources": {
            "addresses": [
              "1.2.3.4",
              "18.0.0.0/8"
            ],
            "droplet_ids": [
              8043964
            ],
            "kubernetes_ids": [
              "41b74c5d-9bd0-5555-5555-a57c495b81a3"
            ],
            "load_balancer_uids": [
              "4de7ac8b-495b-4884-9a69-1050c6793cd6"
            ],
            "tags": [
              "base-image",
              "prod"
            ]
          }
        }
      ],
      "name": "firewall",
      "outbound_rules": [
        {
          "destinations": {
            "addresses": [
              "1.2.3.4",
              "18.0.0.0/8"
            ],
            "droplet_ids": [
              8043964
            ],
            "kubernetes_ids": [
              "41b74c5d-9bd0-5555-5555-a57c495b81a3"
            ],
            "load_balancer_uids": [
              "4de7ac8b-495b-4884-9a69-1050c6793cd6"
            ],
            "tags": [
              "base-image",
              "prod"
            ]
          },
          "ports": "8000",
          "protocol": "tcp"
        }
      ],
      "pending_changes": [
        {
          "droplet_id": 8043964,
          "removing": false,
          "status": "waiting"
        }
      ],
      "status": "waiting",
      "tags": [
        "base-image",
        "prod"
      ]
    }
  ],
  "links": {
    "pages": {
      "last": "https://api.digitalocean.com/v2/images?page=2",
      "next": "https://api.digitalocean.com/v2/images?page=2"
    }
  }
}