doctl databases firewalls append

Go to Navigation


doctl databases firewalls append <db-id> --rule type:value [flags]




Use this command to append a single rule to the existing firewall rules of a given database. This command requires the ID of a database cluster, which you can retrieve by calling:

doctl databases list

This command also requires a –rule flag. Each rule passed in to the –rule flag must be of format type:value - “type” is the type of resource that the firewall rule allows to access the database cluster. The possible values for type are: “droplet”, “k8s”, “ip_addr”, “tag”, or “app” - “value” is either the ID of the specific resource, the name of a tag applied to a group of resources, or the IP address that the firewall rule allows to access the database cluster

For example:

doctl databases firewalls append d1234-1c12-1234-b123-12345c4789 --rule tag:backend

This would append the firewall rule “tag:backend” for database of id d1234-1c12-1234-b123-12345c4789


Option Description
--help , -h Help for this command
--rule (required)
Command Description
doctl databases firewalls Display commands to manage firewall rules (called`trusted sources` in the control panel) for database clusters

Global Flags

Option Description
--access-token, -t API V2 access token
--api-url, -u Override default API endpoint
--config, -c Specify a custom config file
  • macOS: ${HOME}/Library/Application Support/doctl/config.yaml
  • Linux: ${XDG_CONFIG_HOME}/doctl/config.yaml
  • Windows: %APPDATA%\doctl\config.yaml
--context Specify a custom authentication context name
--interactive Enable interactive behavior. Defaults to true if the terminal supports it (default false)
Default: false
--output, -o Desired output format [text|json]
Default: text
--trace Show a log of network activity while performing a command
Default: false
--verbose, -v Enable verbose output
Default: false