How to Link a Vultr Firewall Group to an Instance

Updated on September 25, 2024

Linking a Vultr Firewall group to an instance enables the group's filtering rules to the main network interface. A Vultr Firewall group consists of multiple rules that define the flow of traffic and enable filtering of specific requests when linked to an instance.

Follow this guide to link a Vultr Firewall group to an instance using the Vultr Customer Portal, API, or CLI.

  • Vultr Customer Portal
  • Vultr API
  • Vultr CLI
  1. Navigate to Products, expand the Network drop-down and select Firewall from the list of options.

    Select Firewall

  2. Select your target firewall group to manage it.

    Select Firewall Group

  3. Click Linked Instances on the left navigation menu.

    Access Linked Instances

  4. Click the Server drop-down and select your target instance from the list and click Add to link the firewall group to the instance.

    Link new Instances

  1. Send a GET request to the List Firewall Groups endpoint and note the target firewall group's ID in your output.

    console
    $ curl "https://api.vultr.com/v2/firewalls" \
      -X GET \
      -H "Authorization: Bearer ${VULTR_API_KEY}"
    
  2. Send a GET request to the List Instances endpoint and the target instance ID.

    console
    $ curl "https://api.vultr.com/v2/instances" \
      -X GET \
      -H "Authorization: Bearer ${VULTR_API_KEY}"
    
  3. Send a PATCH request to the Update Instance endpoint with a new firewall_group_id value to link the instance to the firewall group.

    console
    $ curl "https://api.vultr.com/v2/instances/{instance-id}" \
       -X PATCH \
       -H "Authorization: Bearer ${VULTR_API_KEY}" \
       -H "Content-Type: application/json" \
       --data '{
        "firewall_group_id" : "<target-firewall-group>"
    }'
    
  1. List all firewall groups in your Vultr account and note the target firewall group ID..

    console
    $ vultr-cli firewall group list
    
  2. List all instances in your Vultr account and note the target instance ID.

    console
    $ vultr-cli instance list
    
  3. Link the firewall group to the instance.

    console
    $ vultr-cli instance update-firewall-group --instance-id  <target-instance>  --firewall-group-id  <target-firewall-group>