doctl compute firewall create

Go to Navigation


doctl compute firewall create [flags]




Use this command to create a cloud firewall. This command must contain at least one inbound or outbound access rule.


--droplet-idsA comma-separated list of Droplet IDs to place behind the cloud firewall, e.g.: 123,456
--formatColumns for output in a comma-separated list. Possible values: ID, Name, Status, Created, InboundRules, OutboundRules, DropletIDs, Tags, PendingChanges
--help, -hHelp for this command
--inbound-rulesA comma-separated key-value list that defines an inbound rule, e.g.: protocol:tcp,ports:22,droplet_id:123. Use a quoted string of space-separated values for multiple rules.
--nameFirewall name (required)
--no-headerReturn raw data with no headers
Default: false
--outbound-rulesA comma-separate key-value list the defines an outbound rule, e.g.: protocol:tcp,ports:22,address: Use a quoted string of space-separated values for multiple rules.
--tag-namesA comma-separated list of tag names to apply to the cloud firewall, e.g.: frontend,backend
doctl compute firewallDisplay commands to manage cloud firewalls

Global Flags

--access-token, -tAPI V2 access token
--api-url, -uOverride default API endpoint
--config, -cSpecify a custom config file
  • macOS: ${HOME}/Library/Application Support/doctl/config.yaml
  • Linux: ${XDG_CONFIG_HOME}/doctl/config.yaml
  • Windows: %APPDATA%\doctl\config.yaml
--contextSpecify a custom authentication context name
--output, -oDesired output format [text|json]
Default: text
--traceShow a log of network activity while performing a command
Default: false
--verbose, -vEnable verbose output
Default: false