# Firewall Rules ## Create Firewall Rule `$ nirvana networking:firewall-rules create` **post** `/v1/networking/vpcs/{vpc_id}/firewall_rules` Create a firewall rule ### Parameters - `--vpc-id: string` VPC ID - `--destination-address: string` Destination address of the Firewall Rule. Either VPC CIDR or VM in VPC. Must be in network-aligned/canonical form. - `--destination-port: array of string` Destination ports of the Firewall Rule. - `--name: string` Name of the Firewall Rule. - `--protocol: "tcp" or "udp"` Protocol of the Firewall Rule. - `--source-address: string` Source address of the Firewall Rule. Address of 0.0.0.0 requires a CIDR mask of 0. Must be in network-aligned/canonical form. - `--tag: optional array of string` Tags to attach to the Firewall Rule. ### Returns - `operation: object { id, created_at, details, 6 more }` Operation details. - `id: string` Unique identifier for the Operation. - `created_at: string` When the Operation was created. - `details: object { changes }` Structured details about what an operation is changing. - `changes: map[OperationFieldDiff]` Map of changed field names to their from/to diffs. Keys depend on the parent operation's kind+type. - `from: string or number or boolean or array of string` Previous value. - `union_member_0: string` - `union_member_1: number` - `union_member_2: boolean` - `union_member_3: array of string` - `to: string or number or boolean or array of string` New value. - `union_member_0: string` - `union_member_1: number` - `union_member_2: boolean` - `union_member_3: array of string` - `kind: "vm" or "volume" or "vpc" or 3 more` Kind of Operation. - `"vm"` - `"volume"` - `"vpc"` - `"firewall_rule"` - `"nks_cluster"` - `"nks_node_pool"` - `project_id: string` Project ID the Operation belongs to. - `resource_id: string` ID of the resource that the Operation is acting on. - `status: "pending" or "running" or "done" or 2 more` Status of the Operation. - `"pending"` - `"running"` - `"done"` - `"failed"` - `"unknown"` - `type: "create" or "update" or "delete" or "restart"` Type of Operation. - `"create"` - `"update"` - `"delete"` - `"restart"` - `updated_at: string` When the Operation was updated. ### Example ```cli nirvana networking:firewall-rules create \ --api-key 'My API Key' \ --vpc-id vpc_id \ --destination-address 10.0.0.0/25 \ --destination-port "'22'" \ --destination-port "'80'" \ --destination-port "'443'" \ --name my-firewall-rule \ --protocol tcp \ --source-address 0.0.0.0/0 ``` #### Response ```json { "id": "123e4567-e89b-12d3-a456-426614174000", "created_at": "2025-01-01T00:00:00Z", "details": { "changes": { "foo": { "from": "string", "to": "string" } } }, "kind": "vm", "project_id": "123e4567-e89b-12d3-a456-426614174000", "resource_id": "123e4567-e89b-12d3-a456-426614174000", "status": "pending", "type": "create", "updated_at": "2025-01-01T00:00:00Z" } ``` ## Firewall Rule Details `$ nirvana networking:firewall-rules get` **get** `/v1/networking/vpcs/{vpc_id}/firewall_rules/{firewall_rule_id}` Get details about a firewall rule ### Parameters - `--vpc-id: string` VPC ID - `--firewall-rule-id: string` Firewall Rule ID ### Returns - `firewall_rule: object { id, created_at, destination_address, 8 more }` Firewall rule details. - `id: string` Unique identifier for the Firewall Rule. - `created_at: string` When the Firewall Rule was created. - `destination_address: string` Destination address of the Firewall Rule. Either VPC CIDR or VM in VPC. - `destination_ports: array of string` Destination ports of the Firewall Rule. - `name: string` Name of the Firewall Rule. - `protocol: "tcp" or "udp"` Protocol of the Firewall Rule. - `"tcp"` - `"udp"` - `source_address: string` Source address of the Firewall Rule. Address of 0.0.0.0 requires a CIDR mask of 0. - `status: "pending" or "creating" or "updating" or 4 more` Status of the resource. - `"pending"` - `"creating"` - `"updating"` - `"ready"` - `"deleting"` - `"deleted"` - `"error"` - `tags: array of string` Tags to attach to the Firewall Rule. - `updated_at: string` When the Firewall Rule was updated. - `vpc_id: string` ID of the VPC the Firewall Rule belongs to. ### Example ```cli nirvana networking:firewall-rules get \ --api-key 'My API Key' \ --vpc-id vpc_id \ --firewall-rule-id firewall_rule_id ``` #### Response ```json { "id": "123e4567-e89b-12d3-a456-426614174000", "created_at": "2025-01-01T00:00:00Z", "destination_address": "10.0.0.0/25", "destination_ports": [ "22", "80", "443" ], "name": "my-firewall-rule", "protocol": "tcp", "source_address": "0.0.0.0/0", "status": "ready", "tags": [ "production", "ethereum" ], "updated_at": "2025-01-01T00:00:00Z", "vpc_id": "123e4567-e89b-12d3-a456-426614174000" } ``` ## Update Firewall Rule `$ nirvana networking:firewall-rules update` **patch** `/v1/networking/vpcs/{vpc_id}/firewall_rules/{firewall_rule_id}` Update a firewall rule ### Parameters - `--vpc-id: string` VPC ID - `--firewall-rule-id: string` Firewall Rule ID - `--destination-address: optional string` Destination address of the Firewall Rule. Either VPC CIDR or VM in VPC. Must be in network-aligned/canonical form. - `--destination-port: optional array of string` Destination ports of the Firewall Rule. - `--name: optional string` Name of the Firewall Rule. - `--protocol: optional "tcp" or "udp"` Protocol of the Firewall Rule. - `--source-address: optional string` Source address of the Firewall Rule. Address of 0.0.0.0 requires a CIDR mask of 0. Must be in network-aligned/canonical form. - `--tag: optional array of string` Tags to attach to the Firewall Rule. ### Returns - `operation: object { id, created_at, details, 6 more }` Operation details. - `id: string` Unique identifier for the Operation. - `created_at: string` When the Operation was created. - `details: object { changes }` Structured details about what an operation is changing. - `changes: map[OperationFieldDiff]` Map of changed field names to their from/to diffs. Keys depend on the parent operation's kind+type. - `from: string or number or boolean or array of string` Previous value. - `union_member_0: string` - `union_member_1: number` - `union_member_2: boolean` - `union_member_3: array of string` - `to: string or number or boolean or array of string` New value. - `union_member_0: string` - `union_member_1: number` - `union_member_2: boolean` - `union_member_3: array of string` - `kind: "vm" or "volume" or "vpc" or 3 more` Kind of Operation. - `"vm"` - `"volume"` - `"vpc"` - `"firewall_rule"` - `"nks_cluster"` - `"nks_node_pool"` - `project_id: string` Project ID the Operation belongs to. - `resource_id: string` ID of the resource that the Operation is acting on. - `status: "pending" or "running" or "done" or 2 more` Status of the Operation. - `"pending"` - `"running"` - `"done"` - `"failed"` - `"unknown"` - `type: "create" or "update" or "delete" or "restart"` Type of Operation. - `"create"` - `"update"` - `"delete"` - `"restart"` - `updated_at: string` When the Operation was updated. ### Example ```cli nirvana networking:firewall-rules update \ --api-key 'My API Key' \ --vpc-id vpc_id \ --firewall-rule-id firewall_rule_id ``` #### Response ```json { "id": "123e4567-e89b-12d3-a456-426614174000", "created_at": "2025-01-01T00:00:00Z", "details": { "changes": { "foo": { "from": "string", "to": "string" } } }, "kind": "vm", "project_id": "123e4567-e89b-12d3-a456-426614174000", "resource_id": "123e4567-e89b-12d3-a456-426614174000", "status": "pending", "type": "create", "updated_at": "2025-01-01T00:00:00Z" } ``` ## Delete Firewall Rule `$ nirvana networking:firewall-rules delete` **delete** `/v1/networking/vpcs/{vpc_id}/firewall_rules/{firewall_rule_id}` Delete a firewall rule ### Parameters - `--vpc-id: string` VPC ID - `--firewall-rule-id: string` Firewall Rule ID ### Returns - `operation: object { id, created_at, details, 6 more }` Operation details. - `id: string` Unique identifier for the Operation. - `created_at: string` When the Operation was created. - `details: object { changes }` Structured details about what an operation is changing. - `changes: map[OperationFieldDiff]` Map of changed field names to their from/to diffs. Keys depend on the parent operation's kind+type. - `from: string or number or boolean or array of string` Previous value. - `union_member_0: string` - `union_member_1: number` - `union_member_2: boolean` - `union_member_3: array of string` - `to: string or number or boolean or array of string` New value. - `union_member_0: string` - `union_member_1: number` - `union_member_2: boolean` - `union_member_3: array of string` - `kind: "vm" or "volume" or "vpc" or 3 more` Kind of Operation. - `"vm"` - `"volume"` - `"vpc"` - `"firewall_rule"` - `"nks_cluster"` - `"nks_node_pool"` - `project_id: string` Project ID the Operation belongs to. - `resource_id: string` ID of the resource that the Operation is acting on. - `status: "pending" or "running" or "done" or 2 more` Status of the Operation. - `"pending"` - `"running"` - `"done"` - `"failed"` - `"unknown"` - `type: "create" or "update" or "delete" or "restart"` Type of Operation. - `"create"` - `"update"` - `"delete"` - `"restart"` - `updated_at: string` When the Operation was updated. ### Example ```cli nirvana networking:firewall-rules delete \ --api-key 'My API Key' \ --vpc-id vpc_id \ --firewall-rule-id firewall_rule_id ``` #### Response ```json { "id": "123e4567-e89b-12d3-a456-426614174000", "created_at": "2025-01-01T00:00:00Z", "details": { "changes": { "foo": { "from": "string", "to": "string" } } }, "kind": "vm", "project_id": "123e4567-e89b-12d3-a456-426614174000", "resource_id": "123e4567-e89b-12d3-a456-426614174000", "status": "pending", "type": "create", "updated_at": "2025-01-01T00:00:00Z" } ``` ## List Firewall Rules `$ nirvana networking:firewall-rules list` **get** `/v1/networking/vpcs/{vpc_id}/firewall_rules` List all firewall rules ### Parameters - `--vpc-id: string` VPC ID - `--cursor: optional string` Pagination cursor returned by a previous request - `--limit: optional number` Maximum number of items to return ### Returns - `firewall_rule_list: object { items, pagination }` - `items: array of FirewallRule` - `id: string` Unique identifier for the Firewall Rule. - `created_at: string` When the Firewall Rule was created. - `destination_address: string` Destination address of the Firewall Rule. Either VPC CIDR or VM in VPC. - `destination_ports: array of string` Destination ports of the Firewall Rule. - `name: string` Name of the Firewall Rule. - `protocol: "tcp" or "udp"` Protocol of the Firewall Rule. - `"tcp"` - `"udp"` - `source_address: string` Source address of the Firewall Rule. Address of 0.0.0.0 requires a CIDR mask of 0. - `status: "pending" or "creating" or "updating" or 4 more` Status of the resource. - `"pending"` - `"creating"` - `"updating"` - `"ready"` - `"deleting"` - `"deleted"` - `"error"` - `tags: array of string` Tags to attach to the Firewall Rule. - `updated_at: string` When the Firewall Rule was updated. - `vpc_id: string` ID of the VPC the Firewall Rule belongs to. - `pagination: object { next_cursor, previous_cursor, total_count }` Pagination response details. - `next_cursor: string` - `previous_cursor: string` - `total_count: number` ### Example ```cli nirvana networking:firewall-rules list \ --api-key 'My API Key' \ --vpc-id vpc_id ``` #### Response ```json { "items": [ { "id": "123e4567-e89b-12d3-a456-426614174000", "created_at": "2025-01-01T00:00:00Z", "destination_address": "10.0.0.0/25", "destination_ports": [ "22", "80", "443" ], "name": "my-firewall-rule", "protocol": "tcp", "source_address": "0.0.0.0/0", "status": "ready", "tags": [ "production", "ethereum" ], "updated_at": "2025-01-01T00:00:00Z", "vpc_id": "123e4567-e89b-12d3-a456-426614174000" } ], "pagination": { "next_cursor": "RhwniMT4B74siYZcPF8TnCdGI1l9rpPvg", "previous_cursor": "ARhwnmi1hA7wEbHbMjdYQlOB_ZusP4fYvw", "total_count": 125 } } ``` ## Domain Types ### Firewall Rule - `firewall_rule: object { id, created_at, destination_address, 8 more }` Firewall rule details. - `id: string` Unique identifier for the Firewall Rule. - `created_at: string` When the Firewall Rule was created. - `destination_address: string` Destination address of the Firewall Rule. Either VPC CIDR or VM in VPC. - `destination_ports: array of string` Destination ports of the Firewall Rule. - `name: string` Name of the Firewall Rule. - `protocol: "tcp" or "udp"` Protocol of the Firewall Rule. - `"tcp"` - `"udp"` - `source_address: string` Source address of the Firewall Rule. Address of 0.0.0.0 requires a CIDR mask of 0. - `status: "pending" or "creating" or "updating" or 4 more` Status of the resource. - `"pending"` - `"creating"` - `"updating"` - `"ready"` - `"deleting"` - `"deleted"` - `"error"` - `tags: array of string` Tags to attach to the Firewall Rule. - `updated_at: string` When the Firewall Rule was updated. - `vpc_id: string` ID of the VPC the Firewall Rule belongs to. ### Firewall Rule List - `firewall_rule_list: object { items, pagination }` - `items: array of FirewallRule` - `id: string` Unique identifier for the Firewall Rule. - `created_at: string` When the Firewall Rule was created. - `destination_address: string` Destination address of the Firewall Rule. Either VPC CIDR or VM in VPC. - `destination_ports: array of string` Destination ports of the Firewall Rule. - `name: string` Name of the Firewall Rule. - `protocol: "tcp" or "udp"` Protocol of the Firewall Rule. - `"tcp"` - `"udp"` - `source_address: string` Source address of the Firewall Rule. Address of 0.0.0.0 requires a CIDR mask of 0. - `status: "pending" or "creating" or "updating" or 4 more` Status of the resource. - `"pending"` - `"creating"` - `"updating"` - `"ready"` - `"deleting"` - `"deleted"` - `"error"` - `tags: array of string` Tags to attach to the Firewall Rule. - `updated_at: string` When the Firewall Rule was updated. - `vpc_id: string` ID of the VPC the Firewall Rule belongs to. - `pagination: object { next_cursor, previous_cursor, total_count }` Pagination response details. - `next_cursor: string` - `previous_cursor: string` - `total_count: number`