Database
Provides a DigitalOcean database firewall resource allowing you to restrict connections to your database to trusted sources. You may limit connections to specific Droplets, Kubernetes clusters, or IP addresses.
Example Usage
Create a new database firewall allowing multiple IP addresses
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.digitalocean.DatabaseCluster;
import com.pulumi.digitalocean.DatabaseClusterArgs;
import com.pulumi.digitalocean.DatabaseFirewall;
import com.pulumi.digitalocean.DatabaseFirewallArgs;
import com.pulumi.digitalocean.inputs.DatabaseFirewallRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var postgres_example = new DatabaseCluster("postgres-example", DatabaseClusterArgs.builder()
.engine("pg")
.version("11")
.size("db-s-1vcpu-1gb")
.region("nyc1")
.nodeCount(1)
.build());
var example_fw = new DatabaseFirewall("example-fw", DatabaseFirewallArgs.builder()
.clusterId(postgres_example.id())
.rules(
DatabaseFirewallRuleArgs.builder()
.type("ip_addr")
.value("192.168.1.1")
.build(),
DatabaseFirewallRuleArgs.builder()
.type("ip_addr")
.value("192.0.2.0")
.build())
.build());
}
}Content copied to clipboard
Create a new database firewall allowing a Droplet
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.digitalocean.Droplet;
import com.pulumi.digitalocean.DropletArgs;
import com.pulumi.digitalocean.DatabaseCluster;
import com.pulumi.digitalocean.DatabaseClusterArgs;
import com.pulumi.digitalocean.DatabaseFirewall;
import com.pulumi.digitalocean.DatabaseFirewallArgs;
import com.pulumi.digitalocean.inputs.DatabaseFirewallRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var web = new Droplet("web", DropletArgs.builder()
.size("s-1vcpu-1gb")
.image("ubuntu-22-04-x64")
.region("nyc3")
.build());
var postgres_example = new DatabaseCluster("postgres-example", DatabaseClusterArgs.builder()
.engine("pg")
.version("11")
.size("db-s-1vcpu-1gb")
.region("nyc1")
.nodeCount(1)
.build());
var example_fw = new DatabaseFirewall("example-fw", DatabaseFirewallArgs.builder()
.clusterId(postgres_example.id())
.rules(DatabaseFirewallRuleArgs.builder()
.type("droplet")
.value(web.id())
.build())
.build());
}
}Content copied to clipboard
Import
Database firewalls can be imported using the id of the target database cluster For example
$ pulumi import digitalocean:index/databaseFirewall:DatabaseFirewall example-fw 5f55c6cd-863b-4907-99b8-7e09b0275d54Content copied to clipboard