Skip to content
DigitalOcean Gradient™ AI Agentic Cloud SDK Docs
  • Auto
  • Light
  • Dark

Firewalls

API Reference
GPU Droplets

Firewalls

Create a New Firewall
post/v2/firewalls
Delete a Firewall
delete/v2/firewalls/{firewall_id}
List All Firewalls
get/v2/firewalls
Retrieve an Existing Firewall
get/v2/firewalls/{firewall_id}
Update a Firewall
put/v2/firewalls/{firewall_id}
ModelsExpand Collapse
Firewall = object { id, created_at, droplet_ids, 6 more }
id: optional string

A unique ID that can be used to identify and reference a firewall.

created_at: optional string

A time value given in ISO8601 combined date and time format that represents when the firewall was created.

formatdate-time
droplet_ids: optional array of number

An array containing the IDs of the Droplets assigned to the firewall.

Requires droplet:read scope.

inbound_rules: optional array of object { ports, protocol, sources }
ports: string

The ports on which traffic will be allowed specified as a string containing a single port, a range (e.g. "8000-9000"), or "0" when all ports are open for a protocol. For ICMP rules this parameter will always return "0".

protocol: "tcp" or "udp" or "icmp"

The type of traffic to be allowed. This may be one of tcp, udp, or icmp.

Accepts one of the following:
"tcp"
"udp"
"icmp"

An object specifying locations from which inbound traffic will be accepted.

name: optional string

A human-readable name for a firewall. The name must begin with an alphanumeric character. Subsequent characters must either be alphanumeric characters, a period (.), or a dash (-).

outbound_rules: optional array of object { destinations, ports, protocol }
destinations: FirewallRuleTarget

An object specifying locations to which outbound traffic that will be allowed.

ports: string

The ports on which traffic will be allowed specified as a string containing a single port, a range (e.g. "8000-9000"), or "0" when all ports are open for a protocol. For ICMP rules this parameter will always return "0".

protocol: "tcp" or "udp" or "icmp"

The type of traffic to be allowed. This may be one of tcp, udp, or icmp.

Accepts one of the following:
"tcp"
"udp"
"icmp"
pending_changes: optional array of object { droplet_id, removing, status }

An array of objects each containing the fields "droplet_id", "removing", and "status". It is provided to detail exactly which Droplets are having their security policies updated. When empty, all changes have been successfully applied.

droplet_id: optional number
removing: optional boolean
status: optional string
status: optional "waiting" or "succeeded" or "failed"

A status string indicating the current state of the firewall. This can be "waiting", "succeeded", or "failed".

Accepts one of the following:
"waiting"
"succeeded"
"failed"
tags: optional array of string

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

FirewallsDroplets

Add Droplets to a Firewall
post/v2/firewalls/{firewall_id}/droplets
Remove Droplets from a Firewall
delete/v2/firewalls/{firewall_id}/droplets

FirewallsRules

Add Rules to a Firewall
post/v2/firewalls/{firewall_id}/rules
Remove Rules from a Firewall
delete/v2/firewalls/{firewall_id}/rules

FirewallsTags

Add Tags to a Firewall
post/v2/firewalls/{firewall_id}/tags
Remove Tags from a Firewall
delete/v2/firewalls/{firewall_id}/tags