Question: How to Create a Vultr Firewall Group
A process that prepares and configures a server or service for use after initial deployment.
Vultr Firewall is a web-based service that filters network traffic to instances in your Vultr account using groups. A Vultr Firewall group consists of multiple IPv4 and IPv6 network rules that enable you to define specific ports and traffic sources to your instances.
Follow this guide to create a new Vultr Firewall group to manage network traffic filtering rules using the Vultr Customer Portal, API, CLI, or Terraform.
Vultr Customer Portal
1.Navigate to Products, expand the Network drop-down and select Firewall from the list of options.
2.Click Add Firewall to set up a new firewall group.
3.Enter your firewall group label in the Description field
4.Click Add Firewall Group to apply the group and manage the network filtering rules.
Vultr API
1.Send a GET request to the List Firewall Groups endpoint and verify all active firewall groups in your Vultr account.
console
$ curl "https://api.vultr.com/v2/firewalls" \
-X GET \
-H "Authorization: Bearer ${VULTR_API_KEY}"
2.Send a POST request to the Create Firewall Group endpoint to create a new Vultr Firewall group.
console
$ curl "https://api.vultr.com/v2/firewalls" \
-X POST \
-H "Authorization: Bearer ${VULTR_API_KEY}"
Visit the List Firewall Groups API page to view additional attributes to apply on the firewall group.
Vultr CLI
1.List all Vultr Firewall groups in your account.
console
$ vultr-cli firewall group list
2.Create a new Vultr Firewall group.
console
$ vultr-cli firewall group create --description <label>
Run vultr-cli firewall group create --help to view additional options to apply on the firewall group.
Terraform
1.Ensure the Vultr Terraform provider is configured in your Terraform project.
2.Create a firewall group (and optionally a rule), then apply.
terraform
resource "vultr_firewall_group" "web" {
description = "web-fw"
}
resource "vultr_firewall_rule" "allow_http" {
firewall_group_id = vultr_firewall_group.web.id
protocol = "tcp"
port = "80"
ip_type = "v4"
subnet = "0.0.0.0"
subnet_size = 0
notes = "Allow HTTP"
}
3.Apply the configuration and observe the following output:
Apply complete! Resources: 2 added, 0 changed, 0 destroyed.