Skip to content
DigitalOcean Gradient™ AI Agentic Cloud SDK Docs
  • Auto
  • Light
  • Dark

Update

API Reference
GPU Droplets
Firewalls
Update a Firewall
client.gpuDroplets.firewalls.update(stringfirewallID, FirewallUpdateParams { firewall } params, RequestOptionsoptions?): FirewallUpdateResponse { firewall }
put/v2/firewalls/{firewall_id}

To update the configuration of an existing firewall, send a PUT request to /v2/firewalls/$FIREWALL_ID. The request should contain a full representation of the firewall including existing attributes. Note that any attributes that are not provided will be reset to their default values.

You must have read access (e.g. droplet:read) to all resources attached to the firewall to successfully update the firewall.

ParametersExpand Collapse
firewallID: string
params: FirewallUpdateParams { firewall }
firewall: Firewall { id, created_at, droplet_ids, 6 more }
id?: string

A unique ID that can be used to identify and reference a firewall.

created_at?: string

A time value given in ISO8601 combined date and time format that represents when the firewall was created.

formatdate-time
droplet_ids?: Array<number> | null

An array containing the IDs of the Droplets assigned to the firewall.

Requires droplet:read scope.

inbound_rules?: Array<InboundRule> | null
ports: string

The ports on which traffic will be allowed specified as a string containing a single port, a range (e.g. "8000-9000"), or "0" when all ports are open for a protocol. For ICMP rules this parameter will always return "0".

protocol: "tcp" | "udp" | "icmp"

The type of traffic to be allowed. This may be one of tcp, udp, or icmp.

Accepts one of the following:
"tcp"
"udp"
"icmp"
sources: FirewallRuleTarget { addresses, droplet_ids, kubernetes_ids, 2 more }

An object specifying locations from which inbound traffic will be accepted.

addresses?: Array<string>

An array of strings containing the IPv4 addresses, IPv6 addresses, IPv4 CIDRs, and/or IPv6 CIDRs to which the firewall will allow traffic.

droplet_ids?: Array<number>

An array containing the IDs of the Droplets to which the firewall will allow traffic.

kubernetes_ids?: Array<string>

An array containing the IDs of the Kubernetes clusters to which the firewall will allow traffic.

load_balancer_uids?: Array<string>

An array containing the IDs of the load balancers to which the firewall will allow traffic.

tags?: Array<string> | null

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

name?: string

A human-readable name for a firewall. The name must begin with an alphanumeric character. Subsequent characters must either be alphanumeric characters, a period (.), or a dash (-).

outbound_rules?: Array<OutboundRule> | null
destinations: FirewallRuleTarget { addresses, droplet_ids, kubernetes_ids, 2 more }

An object specifying locations to which outbound traffic that will be allowed.

addresses?: Array<string>

An array of strings containing the IPv4 addresses, IPv6 addresses, IPv4 CIDRs, and/or IPv6 CIDRs to which the firewall will allow traffic.

droplet_ids?: Array<number>

An array containing the IDs of the Droplets to which the firewall will allow traffic.

kubernetes_ids?: Array<string>

An array containing the IDs of the Kubernetes clusters to which the firewall will allow traffic.

load_balancer_uids?: Array<string>

An array containing the IDs of the load balancers to which the firewall will allow traffic.

tags?: Array<string> | null

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

ports: string

The ports on which traffic will be allowed specified as a string containing a single port, a range (e.g. "8000-9000"), or "0" when all ports are open for a protocol. For ICMP rules this parameter will always return "0".

protocol: "tcp" | "udp" | "icmp"

The type of traffic to be allowed. This may be one of tcp, udp, or icmp.

Accepts one of the following:
"tcp"
"udp"
"icmp"
pending_changes?: Array<PendingChange>

An array of objects each containing the fields "droplet_id", "removing", and "status". It is provided to detail exactly which Droplets are having their security policies updated. When empty, all changes have been successfully applied.

droplet_id?: number
removing?: boolean
status?: string
status?: "waiting" | "succeeded" | "failed"

A status string indicating the current state of the firewall. This can be "waiting", "succeeded", or "failed".

Accepts one of the following:
"waiting"
"succeeded"
"failed"
tags?: Array<string> | null

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

ReturnsExpand Collapse
FirewallUpdateResponse { firewall }
firewall?: Firewall { id, created_at, droplet_ids, 6 more }
id?: string

A unique ID that can be used to identify and reference a firewall.

created_at?: string

A time value given in ISO8601 combined date and time format that represents when the firewall was created.

formatdate-time
droplet_ids?: Array<number> | null

An array containing the IDs of the Droplets assigned to the firewall.

Requires droplet:read scope.

inbound_rules?: Array<InboundRule> | null
ports: string

The ports on which traffic will be allowed specified as a string containing a single port, a range (e.g. "8000-9000"), or "0" when all ports are open for a protocol. For ICMP rules this parameter will always return "0".

protocol: "tcp" | "udp" | "icmp"

The type of traffic to be allowed. This may be one of tcp, udp, or icmp.

Accepts one of the following:
"tcp"
"udp"
"icmp"
sources: FirewallRuleTarget { addresses, droplet_ids, kubernetes_ids, 2 more }

An object specifying locations from which inbound traffic will be accepted.

addresses?: Array<string>

An array of strings containing the IPv4 addresses, IPv6 addresses, IPv4 CIDRs, and/or IPv6 CIDRs to which the firewall will allow traffic.

droplet_ids?: Array<number>

An array containing the IDs of the Droplets to which the firewall will allow traffic.

kubernetes_ids?: Array<string>

An array containing the IDs of the Kubernetes clusters to which the firewall will allow traffic.

load_balancer_uids?: Array<string>

An array containing the IDs of the load balancers to which the firewall will allow traffic.

tags?: Array<string> | null

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

name?: string

A human-readable name for a firewall. The name must begin with an alphanumeric character. Subsequent characters must either be alphanumeric characters, a period (.), or a dash (-).

outbound_rules?: Array<OutboundRule> | null
destinations: FirewallRuleTarget { addresses, droplet_ids, kubernetes_ids, 2 more }

An object specifying locations to which outbound traffic that will be allowed.

addresses?: Array<string>

An array of strings containing the IPv4 addresses, IPv6 addresses, IPv4 CIDRs, and/or IPv6 CIDRs to which the firewall will allow traffic.

droplet_ids?: Array<number>

An array containing the IDs of the Droplets to which the firewall will allow traffic.

kubernetes_ids?: Array<string>

An array containing the IDs of the Kubernetes clusters to which the firewall will allow traffic.

load_balancer_uids?: Array<string>

An array containing the IDs of the load balancers to which the firewall will allow traffic.

tags?: Array<string> | null

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

ports: string

The ports on which traffic will be allowed specified as a string containing a single port, a range (e.g. "8000-9000"), or "0" when all ports are open for a protocol. For ICMP rules this parameter will always return "0".

protocol: "tcp" | "udp" | "icmp"

The type of traffic to be allowed. This may be one of tcp, udp, or icmp.

Accepts one of the following:
"tcp"
"udp"
"icmp"
pending_changes?: Array<PendingChange>

An array of objects each containing the fields "droplet_id", "removing", and "status". It is provided to detail exactly which Droplets are having their security policies updated. When empty, all changes have been successfully applied.

droplet_id?: number
removing?: boolean
status?: string
status?: "waiting" | "succeeded" | "failed"

A status string indicating the current state of the firewall. This can be "waiting", "succeeded", or "failed".

Accepts one of the following:
"waiting"
"succeeded"
"failed"
tags?: Array<string> | null

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

Update a Firewall
  • http
  • typescript
  • python
import Gradient from '@digitalocean/gradient';

const client = new Gradient();

const firewall = await client.gpuDroplets.firewalls.update('bb4b2611-3d72-467b-8602-280330ecd65c', {
  firewall: { name: 'frontend-firewall' },
});

console.log(firewall.firewall);
{
  "firewall": {
    "droplet_ids": [
      8043964
    ],
    "inbound_rules": [
      {
        "ports": "8000",
        "protocol": "tcp",
        "sources": {
          "addresses": [
            "1.2.3.4",
            "18.0.0.0/8"
          ],
          "droplet_ids": [
            8043964
          ],
          "kubernetes_ids": [
            "41b74c5d-9bd0-5555-5555-a57c495b81a3"
          ],
          "load_balancer_uids": [
            "4de7ac8b-495b-4884-9a69-1050c6793cd6"
          ],
          "tags": [
            "base-image",
            "prod"
          ]
        }
      }
    ],
    "name": "firewall",
    "outbound_rules": [
      {
        "destinations": {
          "addresses": [
            "1.2.3.4",
            "18.0.0.0/8"
          ],
          "droplet_ids": [
            8043964
          ],
          "kubernetes_ids": [
            "41b74c5d-9bd0-5555-5555-a57c495b81a3"
          ],
          "load_balancer_uids": [
            "4de7ac8b-495b-4884-9a69-1050c6793cd6"
          ],
          "tags": [
            "base-image",
            "prod"
          ]
        },
        "ports": "8000",
        "protocol": "tcp"
      }
    ],
    "tags": [
      "base-image",
      "prod"
    ]
  }
}
Returns Examples
{
  "firewall": {
    "droplet_ids": [
      8043964
    ],
    "inbound_rules": [
      {
        "ports": "8000",
        "protocol": "tcp",
        "sources": {
          "addresses": [
            "1.2.3.4",
            "18.0.0.0/8"
          ],
          "droplet_ids": [
            8043964
          ],
          "kubernetes_ids": [
            "41b74c5d-9bd0-5555-5555-a57c495b81a3"
          ],
          "load_balancer_uids": [
            "4de7ac8b-495b-4884-9a69-1050c6793cd6"
          ],
          "tags": [
            "base-image",
            "prod"
          ]
        }
      }
    ],
    "name": "firewall",
    "outbound_rules": [
      {
        "destinations": {
          "addresses": [
            "1.2.3.4",
            "18.0.0.0/8"
          ],
          "droplet_ids": [
            8043964
          ],
          "kubernetes_ids": [
            "41b74c5d-9bd0-5555-5555-a57c495b81a3"
          ],
          "load_balancer_uids": [
            "4de7ac8b-495b-4884-9a69-1050c6793cd6"
          ],
          "tags": [
            "base-image",
            "prod"
          ]
        },
        "ports": "8000",
        "protocol": "tcp"
      }
    ],
    "tags": [
      "base-image",
      "prod"
    ]
  }
}