Skip to content
DigitalOcean Gradient™ AI Agentic Cloud SDK Docs
  • Auto
  • Light
  • Dark

Firewalls

API Reference
GPU Droplets

Firewalls

Create a New Firewall
client.gpuDroplets.firewalls.create(FirewallCreateParams { body } params?, RequestOptionsoptions?): FirewallCreateResponse { firewall }
post/v2/firewalls
Delete a Firewall
client.gpuDroplets.firewalls.delete(stringfirewallID, RequestOptionsoptions?): void
delete/v2/firewalls/{firewall_id}
List All Firewalls
client.gpuDroplets.firewalls.list(FirewallListParams { page, per_page } query?, RequestOptionsoptions?): FirewallListResponse { meta, firewalls, links }
get/v2/firewalls
Retrieve an Existing Firewall
client.gpuDroplets.firewalls.retrieve(stringfirewallID, RequestOptionsoptions?): FirewallRetrieveResponse { firewall }
get/v2/firewalls/{firewall_id}
Update a Firewall
client.gpuDroplets.firewalls.update(stringfirewallID, FirewallUpdateParams { firewall } params, RequestOptionsoptions?): FirewallUpdateResponse { firewall }
put/v2/firewalls/{firewall_id}
ModelsExpand Collapse
Firewall { id, created_at, droplet_ids, 6 more }
id?: string

A unique ID that can be used to identify and reference a firewall.

created_at?: string

A time value given in ISO8601 combined date and time format that represents when the firewall was created.

formatdate-time
droplet_ids?: Array<number> | null

An array containing the IDs of the Droplets assigned to the firewall.

Requires droplet:read scope.

inbound_rules?: Array<InboundRule> | null
ports: string

The ports on which traffic will be allowed specified as a string containing a single port, a range (e.g. "8000-9000"), or "0" when all ports are open for a protocol. For ICMP rules this parameter will always return "0".

protocol: "tcp" | "udp" | "icmp"

The type of traffic to be allowed. This may be one of tcp, udp, or icmp.

Accepts one of the following:
"tcp"
"udp"
"icmp"
sources: FirewallRuleTarget { addresses, droplet_ids, kubernetes_ids, 2 more }

An object specifying locations from which inbound traffic will be accepted.

addresses?: Array<string>

An array of strings containing the IPv4 addresses, IPv6 addresses, IPv4 CIDRs, and/or IPv6 CIDRs to which the firewall will allow traffic.

droplet_ids?: Array<number>

An array containing the IDs of the Droplets to which the firewall will allow traffic.

kubernetes_ids?: Array<string>

An array containing the IDs of the Kubernetes clusters to which the firewall will allow traffic.

load_balancer_uids?: Array<string>

An array containing the IDs of the load balancers to which the firewall will allow traffic.

tags?: Array<string> | null

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

name?: string

A human-readable name for a firewall. The name must begin with an alphanumeric character. Subsequent characters must either be alphanumeric characters, a period (.), or a dash (-).

outbound_rules?: Array<OutboundRule> | null
destinations: FirewallRuleTarget { addresses, droplet_ids, kubernetes_ids, 2 more }

An object specifying locations to which outbound traffic that will be allowed.

addresses?: Array<string>

An array of strings containing the IPv4 addresses, IPv6 addresses, IPv4 CIDRs, and/or IPv6 CIDRs to which the firewall will allow traffic.

droplet_ids?: Array<number>

An array containing the IDs of the Droplets to which the firewall will allow traffic.

kubernetes_ids?: Array<string>

An array containing the IDs of the Kubernetes clusters to which the firewall will allow traffic.

load_balancer_uids?: Array<string>

An array containing the IDs of the load balancers to which the firewall will allow traffic.

tags?: Array<string> | null

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

ports: string

The ports on which traffic will be allowed specified as a string containing a single port, a range (e.g. "8000-9000"), or "0" when all ports are open for a protocol. For ICMP rules this parameter will always return "0".

protocol: "tcp" | "udp" | "icmp"

The type of traffic to be allowed. This may be one of tcp, udp, or icmp.

Accepts one of the following:
"tcp"
"udp"
"icmp"
pending_changes?: Array<PendingChange>

An array of objects each containing the fields "droplet_id", "removing", and "status". It is provided to detail exactly which Droplets are having their security policies updated. When empty, all changes have been successfully applied.

droplet_id?: number
removing?: boolean
status?: string
status?: "waiting" | "succeeded" | "failed"

A status string indicating the current state of the firewall. This can be "waiting", "succeeded", or "failed".

Accepts one of the following:
"waiting"
"succeeded"
"failed"
tags?: Array<string> | null

A flat array of tag names as strings to be applied to the resource. Tag names must exist in order to be referenced in a request.

Requires tag:create and tag:read scopes.

FirewallsDroplets

Add Droplets to a Firewall
client.gpuDroplets.firewalls.droplets.add(stringfirewallID, DropletAddParams { droplet_ids } body, RequestOptionsoptions?): void
post/v2/firewalls/{firewall_id}/droplets
Remove Droplets from a Firewall
client.gpuDroplets.firewalls.droplets.remove(stringfirewallID, DropletRemoveParams { droplet_ids } body, RequestOptionsoptions?): void
delete/v2/firewalls/{firewall_id}/droplets

FirewallsRules

Add Rules to a Firewall
client.gpuDroplets.firewalls.rules.add(stringfirewallID, RuleAddParams { inbound_rules, outbound_rules } body?, RequestOptionsoptions?): void
post/v2/firewalls/{firewall_id}/rules
Remove Rules from a Firewall
client.gpuDroplets.firewalls.rules.remove(stringfirewallID, RuleRemoveParams { inbound_rules, outbound_rules } body?, RequestOptionsoptions?): void
delete/v2/firewalls/{firewall_id}/rules

FirewallsTags

Add Tags to a Firewall
client.gpuDroplets.firewalls.tags.add(stringfirewallID, TagAddParams { tags } body, RequestOptionsoptions?): void
post/v2/firewalls/{firewall_id}/tags
Remove Tags from a Firewall
client.gpuDroplets.firewalls.tags.remove(stringfirewallID, TagRemoveParams { tags } body, RequestOptionsoptions?): void
delete/v2/firewalls/{firewall_id}/tags