Configure network lists
Reduce harmful security attacks by allowing only trusted IP/CIDRs and locations to access your services and content.
What you'll do
Create, update, and activate a network list to use with other Akamai services.
Create a network list
Network lists allow or deny access to your site and content by address or location.
To create a network list, specify its settings, including a list type, IP or GEO, name, and description using individual parameters in the New-NetworkList command.
New-NetworkList -Name 'My network list' -Type 'IP' -Description 'My new IP network list' -ContractId 'C-0N7RAC7' -GroupID 12345
accessControlGroup : My Group - C-0N7RAC7.G12345
contractId : C-0N7RAC7
description : My new IP network list
elementCount : 2
groupId : 12345
isUpgradePossible : True
isUpgraded : False
links : @{activateInProduction=; activateInStaging=; appendItems=; retrieve=;
statusInProduction=; statusInStaging=; update=}
list : {123.45.678.901, 234.56.789.012}
name : My network list
networkListType : networkListResponse
readOnly : False
shared : False
syncPoint : 0
type : IP
uniqueId : 12345_MYNETWORKLIST
Instead of specifying attributes individually, you can provide the network list's settings in a variable as a hashtable, PSCustomObject, or JSON string and then pass the variable in the -Body parameter of the New-NetworkList command.
| Argument | Required | Description |
|---|---|---|
name |
✔ | Your network list's name. |
type |
✔ | Your network list's type. One of:
|
description |
Additional information about the network list. | |
list |
IP addresses or locations to include. Depending on the network list's type, provide the following in this argument:
|
|
contractId |
Your contract ID. | |
groupId |
Your group ID. |
$MyNewNetworkList = @{
type = "IP"
list = @(
"123.45.678.901",
"234.56.789.012"
)
name = "My network list"
description = "My new IP network list"
contractId = "C-0N7RAC7"
groupId = 12345
}
New-NetworkList -Body $MyNewNetworkList
$MyNewNetworkList = '{
"type": "IP",
"list": [
"123.45.678.901",
"234.56.789.012"
],
"name": "My network list",
"description": "My new IP network list",
"contractId": "C-0N7RAC7",
"groupId": 12345
}'
New-NetworkList -Body $MyNewNetworkList
Update a network list
-
To see what network lists are available to you, run the
Get-NetworkListcommand. Add additional switch parameters to include more details in the response.Note that adding
-IncludeElementsand-Extendedswitch parameters to the command may slow down the response due to larger response objects.# Get all Get-NetworkList # Get all detailed Get-NetworkList -IncludeElements -ListType 'IP' -Search '123.456.' # Get one Get-NetworkList -NetworkListID '98765_OFACCOUNTRYLIST' # Get one detailed Get-NetworkList -NetworkListID '98765_OFACCOUNTRYLIST' -Extended -IncludeElementsaccessControlGroup : My Group - C-0N7RAC7.G12345 createDate : 12/4/2025 3:41:53 PM createdBy : jsmith@email.com description : Default Security Bypass List elementCount : 0 expeditedProductionActivationStatus : INACTIVE expeditedStagingActivationStatus : INACTIVE isUpgradePossible : True isUpgraded : False links : @{activateInProduction=; activateInStaging=; appendItems=; retrieve=; statusInProduction=; statusInStaging=; update=} name : Security Bypass List networkListType : extendedNetworkListResponse productionActivationStatus : ACTIVE readOnly : False shared : False stagingActivationStatus : INACTIVE syncPoint : 0 type : IP uniqueId : 12345_SECURITYBYPASSLIST updateDate : 12/4/2024 3:41:53 PM updatedBy : jsmith@email.com createDate : 9/18/2023 10:10:47 PM createdBy : akamai elementCount : 18 expeditedProductionActivationStatus : INACTIVE expeditedStagingActivationStatus : INACTIVE isUpgradePossible : False isUpgraded : True links : @{activateInProduction=; activateInStaging=; appendItems=; retrieve=; statusInProduction=; statusInStaging=; update=} list : {iq, mm, ir, ye…} migratedBy : jasmith migrationDate : 1731490622926 migrationStatus : UPGRADE_FINISHED name : Office of Foreign Asset Control (OFAC) List networkListType : extendedNetworkListResponse productionActivationStatus : ACTIVE readOnly : True shared : True stagingActivationStatus : ACTIVE syncPoint : 4 type : GEO uniqueId : 98765_OFACCOUNTRYLIST updateDate : 6/10/2024 3:48:57 PM updatedBy : akamaicreateDate : 9/18/2023 10:10:47 PM createdBy : akamai deprecated : False elementCount : 18 isUpgradePossible : False isUpgraded : True links : @{statusInProduction=; statusInStaging=} list : {by, cd, cf, ci…} migratedBy : jasmith migrationDate : 1731490622926 migrationStatus : UPGRADE_FINISHED name : Office of Foreign Asset Control (OFAC) List networkListType : extendedNetworkListResponse productionActivationStatus : ACTIVE readOnly : True shared : True stagingActivationStatus : ACTIVE syncPoint : 4 type : GEO uniqueId : 98765_OFACCOUNTRYLIST updateDate : 6/10/2024 3:48:57 PM updatedBy : akamai -
To update a network list, save the result of the
Get-NetworkListcommand in a variable and update specific attributes of your network list. Then pipe the entire object back to theSet-NetworkListcommand to make your changes effective.$myNetworkList = Get-NetworkList -NetworkListID '12345_MYNETWORKLIST' $myNetworkList.name = 'My updated IP network list' $myNetworkList.description = 'My network list – updated' $myNetworkList.list = @("123.45.678.901", "234.56.789.012", "345.67.890.123") $myNetworkList | Set-NetworkList -NetworkListID '12345_MYNETWORKLIST'accessControlGroup : My Group - C-0N7RAC7.G12345 contractId : C-0N7RAC7 description : My network list – updated elementCount : 3 groupId : 12345 isUpgradePossible : True isUpgraded : False links : @{activateInProduction=; activateInStaging=; appendItems=; retrieve=; statusInProduction=; statusInStaging=; update=} list : {123.45.678.901, 234.56.789.012, 345.67.890.123} name : My updated IP network list networkListType : networkListResponse readOnly : False shared : False syncPoint : 1 type : IP uniqueId : 12345_MYNETWORKLISTAlternatively, you can retrieve a specific record, save its output locally, and edit it as needed.
Get-NetworkList -NetworkListID '12345_MYNETWORKLIST' | ConvertTo-Json -Depth 100 | Out-File -FilePath ./myNetworkList.jsonThen convert it back to a PowerShell object and pipe it to the
Set-NetworkListcommand along with the required ID.$myNetworkList = Get-Content ./myNetworkList.json | ConvertFrom-Json -Depth 100 $myNetworkList | Set-NetworkList -NetworkListID '12345_MYNETWORKLIST'
Add an element
To add an element to the list, run the Add-NetworkListElement command. In the -Element parameter, provide:
- A URL-encoded IP address or CIDR block if the network list's type is
IP. - A two-character ISO country code if the network list's type is
GEO.
Repeat the operation for each element you want to add.
Add-NetworkListElement -NetworkListID '12345_MYNETWORKLIST' -Element '345.67.890.123'
accessControlGroup : My Group - C-0N7RAC7.G12345
description : My new IP network list
elementCount : 3
isUpgradePossible : True
isUpgraded : False
links : @{activateInProduction=; activateInStaging=; appendItems=; retrieve=;
statusInProduction=; statusInStaging=; update=}
list : {123.45.678.901, 234.56.789.012, 345.67.890.123}
name : My network list
networkListType : networkListResponse
readOnly : False
shared : False
syncPoint : 2
type : IP
uniqueId : 12345_MYNETWORKLIST
Activate a network list
Use your network list ID in the New-NetworkListActivation command to activate the most recent syncPoint version of your network list on either the staging or production network.
If the activation is linked to a Siebel ticket, optionally pass the -SiebelTicketID parameter with the value that identifies that ticket.
Note: Instead of the
New-NetworkListActivationcommand, you can use its alias,Deploy-NetworkList.
New-NetworkListActivation -NetworkListID '12345_MYNETWORKLIST' -Environment 'STAGING' -Comments 'Activating on staging'
-NotificationRecipients 'jsmith@example.com'
activationComments : Activating on staging
activationId : 12345
activationStatus : PENDING_ACTIVATION
links : @{activationDetails=; appendItems=; retrieve=; statusInProduction=;
statusInStaging=; syncPointHistory=; update=}
syncPoint : 1
uniqueId : 12345_MYNETWORKLIST
To check the list's activation status, run one of these commands:
-
Get-NetworkListActivationStatus. This returns the standard activation status information. In the command, specify the list ID and the network for which you want to check the activation status.Get-NetworkListActivationStatus -NetworkListID '12345_MYNETWORKLIST' -Environment 'STAGING'activationComments : Activating on staging activationId : 12345 activationStatus : ACTIVE links : @{activationDetails=; appendItems=; retrieve=; statusInProduction=; statusInStaging=; syncPointHistory=; update=} syncPoint : 1 uniqueId : 12345_MYNETWORKLIST -
Get-NetworkListActivation. This returns more detailed information on a given activation, including progress on fast activation and other audit information. In the command, specify the activation ID that you received after runningNew-NetworkListActivation.Get-NetworkListActivation -ActivationID '12345'activationId : 12345 createDate : 6/2/2025 4:06:05 PM createdBy : 1abc2defghijk dispatchCount : 1 environment : STAGING estimate : PT0S fast : True initialActivation : False networkList : @{activationComments=Activating on staging; activationStatus=ACTIVE; links=; syncPoint=1; uniqueId=12345_MYNETWORKLIST} status : ACTIVATEDSee Activation states for a list of possible activation statuses.
If you want to see the details of the network list's version in its state when activated, run the NetworkListSnapshot by passing the -SyncPoint value.
Get-NetworkListSnapshot -NetworkListID '12345_MYNETWORKLIST' -SyncPoint 1
accessControlGroup : My Group - C-0N7RAC7.G12345
description : My new IP network list
elementCount : 3
isUpgradePossible : True
isUpgraded : False
links : @{activateInProduction=; activateInStaging=; appendItems=; retrieve=;
statusInProduction=; statusInStaging=; update=}
list : {123.45.678.901, 234.56.789.012, 345.67.890.123}
name : My network list
networkListType : networkListResponse
readOnly : False
shared : False
syncPoint : 1
type : IP
uniqueId : 12345_MYNETWORKLIST
Deactivate a network list
To deactivate a network list, remove all the IP/CIDR addresses or geographic codes from the list with the Remove-NetworkListElement command. In the -Element parameter, define the entry you want to remove from the list argument.
Repeat the operation until you remove all the elements.
Remove-NetworkListElement -NetworkListID '12345_MYNETWORKLIST' -Element '345.67.890.123'
accessControlGroup : My Group - C-0N7RAC7.G12345
description : My new IP network list
elementCount : 0
isUpgradePossible : True
isUpgraded : False
links : @{activateInProduction=; activateInStaging=; appendItems=; retrieve=;
statusInProduction=; statusInStaging=; update=}
name : My network list
networkListType : networkListResponse
readOnly : False
shared : False
syncPoint : 3
type : IP
uniqueId : 12345_MYNETWORKLIST
Remove a network list
You can remove only network lists that have never been activated on the staging or production network. To do that, run the Remove-NetworkList command specifying the list ID you want to remove.
Remove-NetworkList -NetworkListID '12345_MYNETWORKLIST'
status syncPoint uniqueId
------ --------- --------
200 0 12345_MYNETWORKLIST
Subscribe to a network list
To receive change notifications for network lists or manage notification recipients, provide both in the New-NetworkListSubscription command.
New-NetworkListSubscription -Recipients 'jsmith@example.com' -UniquedIDs '12345_MYNETWORKLIST'
If you don't want to receive change notifications for certain network lists or you want to exempt certain recipients from receiving such notifications, provide them in the Remove-NetworkListSubscription command.
Remove-NetworkListSubscription -Recipients 'jsmith@example.com' -UniquedIDs '12345_MYNETWORKLIST'
Neither of these two functions returns an output.
Updated about 16 hours ago