> ## Documentation Index > Fetch the complete documentation index at: https://docs.gmicloud.ai/llms.txt > Use this file to discover all available pages before exploring further. # Create firewall ## OpenAPI ````yaml /api-spec/service_api.yaml post /v1/firewalls openapi: 3.0.1 info: contact: email: support@gmicloud.ai description: Cluster Engine API spec title: Cluster Engine API version: 2.4.0 servers: - url: https://console.gmicloud.ai/api security: - bearerAuth: [] tags: - name: containers description: >- GMI Container management APIs for creating, managing, and monitoring containerized applications. - name: templates description: >- GMI template management APIs for creating and managing reusable container template. - name: baremetals description: >- GMI Bare metal management APIs for provisioning, configuring, and controlling physical server nodes. Handles server lifecycle management, hardware inventory, and status monitoring. - name: images description: GMI Image management APIs for query OS images. - name: elastic-ips description: >- GMI Elastic IP address management APIs for allocating, associating, and managing public IP addresses. paths: /v1/firewalls: post: tags: - firewalls summary: Create firewall operationId: createFirewall requestBody: content: application/json: schema: $ref: '#/components/schemas/FirewallCreateReq' required: true responses: '200': content: application/json: schema: $ref: '#/components/schemas/FirewallResp' description: successful '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '500': $ref: '#/components/responses/InternalServerError' '503': $ref: '#/components/responses/ServiceUnavailable' components: schemas: FirewallCreateReq: allOf: - $ref: '#/components/schemas/FirewallUpdateReq' - properties: idc: $ref: '#/components/schemas/idcName' required: - idc type: object FirewallResp: allOf: - $ref: '#/components/schemas/FirewallCreateReq' - properties: assoInstances: $ref: '#/components/schemas/UuidList' assoContainers: $ref: '#/components/schemas/UuidList' description: Associated container instance IDs id: format: uuid type: string isPreset: description: >- Whether this is a preset firewall (cannot be deleted or have rules modified) type: boolean orgId: format: uuid type: string status: enum: - active - building - error type: string type: object FirewallUpdateReq: properties: description: maxLength: 255 type: string inboundRules: $ref: '#/components/schemas/FirewallRules' name: maxLength: 255 type: string required: - name - inboundRules type: object idcName: maxLength: 50 pattern: ^[a-zA-Z0-9._-]+$ type: string UuidList: items: format: uuid type: string type: array error: properties: code: type: integer x-go-type-skip-optional-pointer: true reason: type: string x-go-type-skip-optional-pointer: true required: - reason type: object errorStatusMessage: example: code: 0 group: request validationDetail: - expression: required field: userName originalValue: '' reason: This field is required. properties: code: description: The substatus error code for the API response. type: integer group: description: >- API function group. Will be "request" if there are invalid request parameters. type: string message: description: The substatus error message for the API response. type: string traces: description: The original error messages. items: type: string type: array validationDetail: items: $ref: '#/components/schemas/validationDetail' type: array required: - group - code type: object FirewallRules: items: oneOf: - $ref: '#/components/schemas/FirewallRuleWithPortRange' - $ref: '#/components/schemas/FirewallRuleWithoutPortRange' type: array validationDetail: example: expression: required field: userName originalValue: '' reason: This field is required. properties: argument: description: Data supporting the expression. type: string expression: description: The form of violation. type: string field: description: The field of the request data. type: string originalValue: description: The original value from the request. type: string reason: description: The reason for the validation error. type: string type: object FirewallRuleWithPortRange: properties: description: maxLength: 255 type: string portRange: $ref: '#/components/schemas/portRange' protocol: enum: - tcp - udp type: string remoteIpPrefix: $ref: '#/components/schemas/remoteIpPrefix' required: - protocol - portRange - remoteIpPrefix type: object FirewallRuleWithoutPortRange: additionalProperties: false properties: description: maxLength: 255 type: string protocol: enum: - icmp - any type: string remoteIpPrefix: $ref: '#/components/schemas/remoteIpPrefix' required: - protocol - remoteIpPrefix type: object portRange: properties: max: maximum: 65535 minimum: 1 type: integer min: maximum: 65535 minimum: 1 type: integer required: - min - max type: object remoteIpPrefix: description: CIDR notation example: 237.84.2.178/24 pattern: ^[0-9]{1,3}(\.[0-9]{1,3}){3}\/[0-9]{1,2}$ type: string responses: BadRequest: content: application/json: example: reason: resources.CPU is a required property schema: oneOf: - $ref: '#/components/schemas/error' - $ref: '#/components/schemas/errorStatusMessage' description: bad request Unauthorized: content: application/json: examples: Expired access token.: summary: Expired access token. value: code: 1 group: auth_verify message: Expired access token. Invalid access token.: summary: Invalid access token. value: code: 0 group: auth_verify message: Invalid access token. schema: $ref: '#/components/schemas/errorStatusMessage' description: Authentication information is missing or invalid headers: WWW_Authenticate: schema: type: string InternalServerError: content: application/json: example: reason: An error occurred in the kubernetes cluster schema: $ref: '#/components/schemas/error' description: Internal Server Error ServiceUnavailable: content: application/json: example: reason: database is unavailable schema: $ref: '#/components/schemas/error' description: a dependent service is unavailable securitySchemes: bearerAuth: bearerFormat: JWT scheme: bearer type: http ````