Learn how to update NAT Gateway firewall rule notes via portal or API.
Firewall rule updates allow you to modify the documentation notes attached to an existing rule. The traffic control parameters such as protocol, port, and subnet cannot be changed after the rule is created.
notes field can be modified after creating a firewall rule. To change the protocol, port, or subnet, delete the existing rule and create a new one with the desired configuration.
Follow this guide to update a NAT Gateway subscription firewall notes field using the Vultr Customer Portal, API, CLI, or Terraform.
Navigate to Products, expand the Network drop-down and select VPC Networks.
Select your target VPC Network with NAT Gateway connectivity.
Scroll to the NAT Firewall section.
Locate your target firewall rule in the list.
Click the Edit icon (pencil icon) for the rule you want to modify.
The Edit NAT Firewall Rule panel opens showing the current configuration. Only the Note field is editable. All other fields (Protocol, Subnet, Subnet Size, and Port/Range) are read-only.
Update the Note field with your new description.
Click Save Changes.
Send a GET request to the List VPCs endpoint to retrieve available VPCs.
$ curl "https://api.vultr.com/v2/vpcs" \
-X GET \
-H "Authorization: Bearer ${VULTR_API_KEY}"
The output displays all VPCs in your account. Note the id field for the target VPC.
Send a GET request to the List NAT Gateway subscriptions endpoint to retrieve the gateway ID. Replace VPC_ID with the ID from the previous step.
$ curl "https://api.vultr.com/v2/vpcs/VPC_ID/nat-gateway" \
-X GET \
-H "Authorization: Bearer ${VULTR_API_KEY}"
The output displays NAT Gateway subscriptions for the VPC. Note the id field for the target gateway.
Send a GET request to the List NAT Gateway Firewall Rules endpoint to retrieve firewall rule IDs. Replace VPC_ID and NAT_GATEWAY_ID with your values.
$ curl "https://api.vultr.com/v2/vpcs/VPC_ID/nat-gateway/NAT_GATEWAY_ID/global/firewall-rules" \
-X GET \
-H "Authorization: Bearer ${VULTR_API_KEY}"
The output displays all firewall rules for the gateway. Each rule includes an id, port, protocol, subnet, and notes field. Note the id field for the rule you want to update.
Send a PUT request to the Update NAT Gateway Firewall Rule endpoint. Replace VPC_ID, NAT_GATEWAY_ID, and FIREWALL_RULE_ID with your values.
$ curl "https://api.vultr.com/v2/vpcs/VPC_ID/nat-gateway/NAT_GATEWAY_ID/global/firewall-rules/FIREWALL_RULE_ID" \
-X PUT \
-H "Authorization: Bearer ${VULTR_API_KEY}" \
-H "Content-Type: application/json" \
--data '{
"notes": "Updated firewall rule description"
}'
The output displays the updated firewall rule configuration with the modified notes.
List all VPCs in your account to retrieve the VPC ID.
$ vultr-cli vpc list
List NAT Gateway subscriptions for the VPC to retrieve the NAT Gateway ID.
$ vultr-cli vpc nat-gateway list <VPC_ID>
List firewall rules for the NAT Gateway.
$ vultr-cli vpc nat-gateway firewall-rule list <VPC_ID> <NAT_GATEWAY_ID>
Update the firewall rule notes.
$ vultr-cli vpc nat-gateway firewall-rule update <VPC_ID> <NAT_GATEWAY_ID> <FIREWALL_RULE_ID> \
--notes="Updated firewall rule description"
Run vultr-cli vpc nat-gateway firewall-rule update --help to view all available options.
Modify the notes attribute in your existing vultr_nat_gateway_firewall_rule resource block.
resource "vultr_nat_gateway_firewall_rule" "https" {
vpc_id = vultr_vpc.my_vpc.id
nat_gateway_id = vultr_nat_gateway.my_nat.id
protocol = "tcp"
port = "443"
subnet = "0.0.0.0"
subnet_size = 0
notes = "Updated firewall rule description"
}
notes field can be updated in place. Changing protocol, port, subnet, or subnet_size causes Terraform to destroy and recreate the resource.
Apply the configuration and observe the following output:
Apply complete! Resources: 0 added, 1 changed, 0 destroyed.