Firewalls
Firewalls
Create a New Firewall
Delete a Firewall
List All Firewalls
Retrieve an Existing Firewall
Update a Firewall
ModelsExpand Collapse
Firewall = object { id, created_at, droplet_ids, 6 more }
A unique ID that can be used to identify and reference a firewall.
A time value given in ISO8601 combined date and time format that represents when the firewall was created.
An array containing the IDs of the Droplets assigned to the firewall.
Requires droplet:read scope.
inbound_rules: optional array of object { ports, protocol, sources }
The ports on which traffic will be allowed specified as a string containing a single port, a range (e.g. "8000-9000"), or "0" when all ports are open for a protocol. For ICMP rules this parameter will always return "0".
protocol: "tcp" or "udp" or "icmp"The type of traffic to be allowed. This may be one of tcp, udp, or icmp.
The type of traffic to be allowed. This may be one of tcp, udp, or icmp.
An object specifying locations from which inbound traffic will be accepted.
An object specifying locations from which inbound traffic will be accepted.
An array of strings containing the IPv4 addresses, IPv6 addresses, IPv4 CIDRs, and/or IPv6 CIDRs to which the firewall will allow traffic.
An array containing the IDs of the Droplets to which the firewall will allow traffic.
An array containing the IDs of the Kubernetes clusters to which the firewall will allow traffic.
An array containing the IDs of the load balancers to which the firewall will allow traffic.
A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.
Requires tag:create and tag:read scopes.
A human-readable name for a firewall. The name must begin with an alphanumeric character. Subsequent characters must either be alphanumeric characters, a period (.), or a dash (-).
outbound_rules: optional array of object { destinations, ports, protocol }
An object specifying locations to which outbound traffic that will be allowed.
An object specifying locations to which outbound traffic that will be allowed.
An array of strings containing the IPv4 addresses, IPv6 addresses, IPv4 CIDRs, and/or IPv6 CIDRs to which the firewall will allow traffic.
An array containing the IDs of the Droplets to which the firewall will allow traffic.
An array containing the IDs of the Kubernetes clusters to which the firewall will allow traffic.
An array containing the IDs of the load balancers to which the firewall will allow traffic.
A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.
Requires tag:create and tag:read scopes.
The ports on which traffic will be allowed specified as a string containing a single port, a range (e.g. "8000-9000"), or "0" when all ports are open for a protocol. For ICMP rules this parameter will always return "0".
protocol: "tcp" or "udp" or "icmp"The type of traffic to be allowed. This may be one of tcp, udp, or icmp.
The type of traffic to be allowed. This may be one of tcp, udp, or icmp.
pending_changes: optional array of object { droplet_id, removing, status } An array of objects each containing the fields "droplet_id", "removing", and "status". It is provided to detail exactly which Droplets are having their security policies updated. When empty, all changes have been successfully applied.
An array of objects each containing the fields "droplet_id", "removing", and "status". It is provided to detail exactly which Droplets are having their security policies updated. When empty, all changes have been successfully applied.
status: optional "waiting" or "succeeded" or "failed"A status string indicating the current state of the firewall. This can be "waiting", "succeeded", or "failed".
A status string indicating the current state of the firewall. This can be "waiting", "succeeded", or "failed".
A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.
Requires tag:create and tag:read scopes.