# firewall:read

Last edited on 28 Aug 2025

## Scope Summary

View Cloud firewalls

## Required Scopes

To add a scope to an API token, you must also add its required scopes. For example, to add a non-read scope for a resource type, you must also add the read scope for that resource type.

`firewall:read` has no additional required scopes.

## Associated Scopes

Associated scopes are not required, but they support full functionality of the scope they’re associated with.

For example, to create a Droplet, you need `droplet:create`. To tag a Droplet during creation, you additionally need `tag:create`, so `tag:create` is listed as an associated scope for `droplet:create`.

The following scopes are associated with `firewall:read`:

| Scope | Description |
|---|---|
| [`tag:read`](../../tag/read) | View resource tags |
| [`droplet:read`](../../droplet/read) | View Droplets |
| [`load_balancer:read`](../../load_balancer/read) | View load balancers |
| [`kubernetes:read`](../../kubernetes/read) | View Kubernetes clusters but not cluster credentials |