doctl databases firewalls list

Generated on 23 Jun 2025 from doctl version v1.131.0

Usage 

doctl databases firewalls list <database-cluster-id> [flags]

Aliases 

ls

Description

This command lists the following details for each firewall rule in a given database:

- The UUID of the firewall rule
- The UUID of the cluster for which the rule is applied
- The type of resource that the firewall rule allows to access the database cluster. Possible values are: `droplet`, `k8s`, `ip_addr`, `tag`, `app`
- The value, which specifies the resource or resources allowed to access the database cluster. Possible values are either the ID of the specific resource, the name of a tag applied to a group of resources, or an IP address
- When the firewall rule was created, in ISO8601 date/time format

This command requires the ID of a database cluster, which you can retrieve by calling:

doctl databases list

Example

The following example retrieves a list of firewall rules for a database cluster with the ID ca9f591d-f38h-5555-a0ef-1c02d1d1e35:

doctl databases firewalls list ca9f591d-f38h-5555-a0ef-1c02d1d1e35

Flags

Option Description
--help, -h Help for this command
Command Description
doctl databases firewalls Display commands to manage firewall rules (called`trusted sources` in the control panel) for database clusters

Global Flags

Option Description
--access-token, -t API V2 access token
--api-url, -u Override default API endpoint
--config, -c Specify a custom config file
Default:
    --context Specify a custom authentication context name
    --http-retry-max Set maximum number of retries for requests that fail with a 429 or 500-level error
    Default: 5
    --http-retry-wait-max Set the minimum number of seconds to wait before retrying a failed request
    Default: 30
    --http-retry-wait-min Set the maximum number of seconds to wait before retrying a failed request
    Default: 1
    --interactive Enable interactive behavior. Defaults to true if the terminal supports it (default false)
    Default: false
    --output, -o Desired output format [text|json]
    Default: text
    --trace Show a log of network activity while performing a command
    Default: false
    --verbose, -v Enable verbose output
    Default: false

    We can't find any results for your search.

    Try using different keywords or simplifying your search terms.