firewall_rules
Creates, updates, deletes, gets or lists a firewall_rules resource.
Overview
| Name | firewall_rules |
| Type | Resource |
| Id | digitalocean.databases.firewall_rules |
Fields
The following fields are returned by SELECT queries:
- databases_list_firewall_rules
A JSON object with a key of rules.
| Name | Datatype | Description |
|---|---|---|
cluster_uuid | string | A unique ID for the database cluster to which the rule is applied. (pattern: ^$|[0-9a-f]{8}\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\b[0-9a-f]{12}, example: 9cc10173-e9ea-4176-9dbc-a4cee4c4ff30) |
created_at | string (date-time) | A time value given in ISO8601 combined date and time format that represents when the firewall rule was created. (example: 2019-01-11T18:37:36Z) |
type | string | The type of resource that the firewall rule allows to access the database cluster. (example: droplet) |
uuid | string | A unique ID for the firewall rule itself. (pattern: ^$|[0-9a-f]{8}\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\b[0-9a-f]{12}, example: 79f26d28-ea8a-41f2-8ad8-8cfcdd020095) |
value | string | The ID of the specific resource, the name of a tag applied to a group of resources, or the IP address that the firewall rule allows to access the database cluster. (example: ff2a6c52-5a44-4b63-b99c-0e98e7a63d61) |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
databases_list_firewall_rules | select | database_cluster_uuid | To list all of a database cluster's firewall rules (known as "trusted sources" in the control panel), send a GET request to /v2/databases/$DATABASE_ID/firewall.The result will be a JSON object with a rules key. | |
databases_update_firewall_rules | replace | database_cluster_uuid | To update a database cluster's firewall rules (known as "trusted sources" in the control panel), send a PUT request to /v2/databases/$DATABASE_ID/firewall specifying which resources should be able to open connections to the database. You may limit connections to specific Droplets, Kubernetes clusters, or IP addresses. When a tag is provided, any Droplet or Kubernetes node with that tag applied to it will have access. The firewall is limited to 100 rules (or trusted sources). When possible, we recommend placing your databases into a VPC network to limit access to them instead of using a firewall.A successful |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
database_cluster_uuid | string (uuid) | A unique identifier for a database cluster. (example: 9cc10173-e9ea-4176-9dbc-a4cee4c4ff30) |
SELECT examples
- databases_list_firewall_rules
To list all of a database cluster's firewall rules (known as "trusted sources" in the control panel), send a GET request to /v2/databases/$DATABASE_ID/firewall.
The result will be a JSON object with a rules key.
SELECT
cluster_uuid,
created_at,
type,
uuid,
value
FROM digitalocean.databases.firewall_rules
WHERE database_cluster_uuid = '{{ database_cluster_uuid }}' -- required;
REPLACE examples
- databases_update_firewall_rules
To update a database cluster's firewall rules (known as "trusted sources" in the control panel), send a PUT request to /v2/databases/$DATABASE_ID/firewall specifying which resources should be able to open connections to the database. You may limit connections to specific Droplets, Kubernetes clusters, or IP addresses. When a tag is provided, any Droplet or Kubernetes node with that tag applied to it will have access. The firewall is limited to 100 rules (or trusted sources). When possible, we recommend placing your databases into a VPC network to limit access to them instead of using a firewall.
A successful
REPLACE digitalocean.databases.firewall_rules
SET
data__rules = '{{ rules }}'
WHERE
database_cluster_uuid = '{{ database_cluster_uuid }}' --required;