Skip to content
DigitalOcean Gradient™ AI Agentic Cloud SDK Docs
  • Auto
  • Light
  • Dark

Retrieve

API Reference
GPU Droplets
Firewalls
Retrieve an Existing Firewall
get/v2/firewalls/{firewall_id}

To show information about an existing firewall, send a GET request to /v2/firewalls/$FIREWALL_ID.

Path ParametersExpand Collapse
firewall_id: string
formatuuid
ReturnsExpand Collapse
firewall: optional Firewall { id, created_at, droplet_ids, 6 more }
id: optional string

A unique ID that can be used to identify and reference a firewall.

created_at: optional string

A time value given in ISO8601 combined date and time format that represents when the firewall was created.

formatdate-time
droplet_ids: optional array of number

An array containing the IDs of the Droplets assigned to the firewall.

Requires droplet:read scope.

inbound_rules: optional array of object { ports, protocol, sources }
ports: string

The ports on which traffic will be allowed specified as a string containing a single port, a range (e.g. "8000-9000"), or "0" when all ports are open for a protocol. For ICMP rules this parameter will always return "0".

protocol: "tcp" or "udp" or "icmp"

The type of traffic to be allowed. This may be one of tcp, udp, or icmp.

Accepts one of the following:
"tcp"
"udp"
"icmp"
sources: FirewallRuleTarget { addresses, droplet_ids, kubernetes_ids, 2 more }

An object specifying locations from which inbound traffic will be accepted.

addresses: optional array of string

An array of strings containing the IPv4 addresses, IPv6 addresses, IPv4 CIDRs, and/or IPv6 CIDRs to which the firewall will allow traffic.

droplet_ids: optional array of number

An array containing the IDs of the Droplets to which the firewall will allow traffic.

kubernetes_ids: optional array of string

An array containing the IDs of the Kubernetes clusters to which the firewall will allow traffic.

load_balancer_uids: optional array of string

An array containing the IDs of the load balancers to which the firewall will allow traffic.

tags: optional array of string

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

name: optional string

A human-readable name for a firewall. The name must begin with an alphanumeric character. Subsequent characters must either be alphanumeric characters, a period (.), or a dash (-).

outbound_rules: optional array of object { destinations, ports, protocol }
destinations: FirewallRuleTarget { addresses, droplet_ids, kubernetes_ids, 2 more }

An object specifying locations to which outbound traffic that will be allowed.

addresses: optional array of string

An array of strings containing the IPv4 addresses, IPv6 addresses, IPv4 CIDRs, and/or IPv6 CIDRs to which the firewall will allow traffic.

droplet_ids: optional array of number

An array containing the IDs of the Droplets to which the firewall will allow traffic.

kubernetes_ids: optional array of string

An array containing the IDs of the Kubernetes clusters to which the firewall will allow traffic.

load_balancer_uids: optional array of string

An array containing the IDs of the load balancers to which the firewall will allow traffic.

tags: optional array of string

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

ports: string

The ports on which traffic will be allowed specified as a string containing a single port, a range (e.g. "8000-9000"), or "0" when all ports are open for a protocol. For ICMP rules this parameter will always return "0".

protocol: "tcp" or "udp" or "icmp"

The type of traffic to be allowed. This may be one of tcp, udp, or icmp.

Accepts one of the following:
"tcp"
"udp"
"icmp"
pending_changes: optional array of object { droplet_id, removing, status }

An array of objects each containing the fields "droplet_id", "removing", and "status". It is provided to detail exactly which Droplets are having their security policies updated. When empty, all changes have been successfully applied.

droplet_id: optional number
removing: optional boolean
status: optional string
status: optional "waiting" or "succeeded" or "failed"

A status string indicating the current state of the firewall. This can be "waiting", "succeeded", or "failed".

Accepts one of the following:
"waiting"
"succeeded"
"failed"
tags: optional array of string

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

Retrieve an Existing Firewall
  • http
  • typescript
  • python
curl https://api.digitalocean.com/v2/firewalls/$FIREWALL_ID \
    -H "Authorization: Bearer $DIGITALOCEAN_ACCESS_TOKEN"
{
  "firewall": {
    "id": "bb4b2611-3d72-467b-8602-280330ecd65c",
    "created_at": "2020-05-23T21:24:00Z",
    "droplet_ids": [
      8043964
    ],
    "inbound_rules": [
      {
        "ports": "8000",
        "protocol": "tcp",
        "sources": {
          "addresses": [
            "1.2.3.4",
            "18.0.0.0/8"
          ],
          "droplet_ids": [
            8043964
          ],
          "kubernetes_ids": [
            "41b74c5d-9bd0-5555-5555-a57c495b81a3"
          ],
          "load_balancer_uids": [
            "4de7ac8b-495b-4884-9a69-1050c6793cd6"
          ],
          "tags": [
            "base-image",
            "prod"
          ]
        }
      }
    ],
    "name": "firewall",
    "outbound_rules": [
      {
        "destinations": {
          "addresses": [
            "1.2.3.4",
            "18.0.0.0/8"
          ],
          "droplet_ids": [
            8043964
          ],
          "kubernetes_ids": [
            "41b74c5d-9bd0-5555-5555-a57c495b81a3"
          ],
          "load_balancer_uids": [
            "4de7ac8b-495b-4884-9a69-1050c6793cd6"
          ],
          "tags": [
            "base-image",
            "prod"
          ]
        },
        "ports": "8000",
        "protocol": "tcp"
      }
    ],
    "pending_changes": [
      {
        "droplet_id": 8043964,
        "removing": false,
        "status": "waiting"
      }
    ],
    "status": "waiting",
    "tags": [
      "base-image",
      "prod"
    ]
  }
}
Returns Examples
{
  "firewall": {
    "id": "bb4b2611-3d72-467b-8602-280330ecd65c",
    "created_at": "2020-05-23T21:24:00Z",
    "droplet_ids": [
      8043964
    ],
    "inbound_rules": [
      {
        "ports": "8000",
        "protocol": "tcp",
        "sources": {
          "addresses": [
            "1.2.3.4",
            "18.0.0.0/8"
          ],
          "droplet_ids": [
            8043964
          ],
          "kubernetes_ids": [
            "41b74c5d-9bd0-5555-5555-a57c495b81a3"
          ],
          "load_balancer_uids": [
            "4de7ac8b-495b-4884-9a69-1050c6793cd6"
          ],
          "tags": [
            "base-image",
            "prod"
          ]
        }
      }
    ],
    "name": "firewall",
    "outbound_rules": [
      {
        "destinations": {
          "addresses": [
            "1.2.3.4",
            "18.0.0.0/8"
          ],
          "droplet_ids": [
            8043964
          ],
          "kubernetes_ids": [
            "41b74c5d-9bd0-5555-5555-a57c495b81a3"
          ],
          "load_balancer_uids": [
            "4de7ac8b-495b-4884-9a69-1050c6793cd6"
          ],
          "tags": [
            "base-image",
            "prod"
          ]
        },
        "ports": "8000",
        "protocol": "tcp"
      }
    ],
    "pending_changes": [
      {
        "droplet_id": 8043964,
        "removing": false,
        "status": "waiting"
      }
    ],
    "status": "waiting",
    "tags": [
      "base-image",
      "prod"
    ]
  }
}