doctl databases firewalls append <database-cluster-id> --rule <type>:<value> [flags]
a
Appends a single rule to the existing firewall rules of the specified database.
This command requires the --rule
flag specifying the resource or resources allowed to access the database cluster. The rule passed to the --rule
flag must be in a type
is the type of resource that the firewall rule allows to access the database cluster. Possible values are: droplet
, k8s",
ip_addr,
tag,
app-
value` is either the ID of a specific resource, the name of a tag applied to a group of resources, or the IP address that the firewall rule allows to access the database cluster.
The following example appends a firewall rule to a database cluster with the ID ca9f591d-f38h-5555-a0ef-1c02d1d1e35
that allows any resources with the example-tag
to access the database:
doctl databases firewalls append ca9f591d-f38h-5555-a0ef-1c02d1d1e35 --rule tag:example-tag
Option | Description |
---|---|
--help
, -h
|
Help for this command |
--rule
|
(required) |
Command | Description |
---|---|
doctl databases firewalls | Display commands to manage firewall rules (called`trusted sources` in the control panel) for database clusters |
Option | Description |
---|---|
--access-token , -t
|
API V2 access token |
--api-url , -u
|
Override default API endpoint |
--config , -c
|
Specify a custom config file
Default:
|
--context
|
Specify a custom authentication context name |
--http-retry-max
|
Set maximum number of retries for requests that fail with a 429 or 500-level error
Default: 5
|
--http-retry-wait-max
|
Set the minimum number of seconds to wait before retrying a failed request
Default: 30
|
--http-retry-wait-min
|
Set the maximum number of seconds to wait before retrying a failed request
Default: 1
|
--interactive
|
Enable interactive behavior. Defaults to true if the terminal supports it (default false)
Default: false
|
--output , -o
|
Desired output format [text|json]
Default: text
|
--trace
|
Show a log of network activity while performing a command
Default: false
|
--verbose , -v
|
Enable verbose output
Default: false
|