# firewall:create

Last edited on 30 Jun 2025

## Permission Summary

Create Cloud firewalls

## Required Permissions

To add a permission to a custom role, you must also add its required permissions.

For example, to add a non-read permission for a resource type, you must also add the read permission for that resource type.

The following permissions are required for `firewall:create`:

| Permission | Description |
|---|---|
| [`firewall:read`](../../firewall/read) | View Cloud firewalls |

## Associated Permissions

Associated permissions are not required, but they support full functionality of the permission they’re associated with.

For example, to create a Droplet, you need `droplet:create`. To tag a Droplet during creation, you additionally need `tag:create`, so `tag:create` is listed as an associated permission for `droplet:create`.

The following permissions are associated with `firewall:create`:

| Permission | Description |
|---|---|
| [`tag:read`](../../tag/read) | View resource tags |
| [`droplet:read`](../../droplet/read) | View Droplets |
| [`load_balancer:read`](../../load_balancer/read) | View load balancers |
| [`kubernetes:read`](../../kubernetes/read) | View Kubernetes clusters but not cluster credentials |