Updating a DNAT Rule

Function

This API is used to update a DNAT rule.

Constraints

You can update a DNAT rule only when its status is set to ACTIVE and admin_state_up of the NAT gateway administrator to True. Specify either port_id or private_ip at a time. If you are going to update a DNAT rule that allows traffic to and from all ports of a server and an EIP, set internal_service_port to 0, external_service_port to 0, and protocol to ANY. The following fields must be updated together: port_id, private_ip, internal_service_port, external_service_port, floating_ip_id, protocol, internal_service_port_range, and external_service_port_range.

Calling Method

For details, see Calling APIs.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.

If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.

If you are using identity policy-based authorization, the following identity policy-based permissions are required.

Action	Access Level	Resource Type (*: required)	Condition Key	Alias	Dependencies
nat:dnatRules:update	Write	gateway *	g:ResourceTag/<tag-key>	-	eip:publicIps:associateInstance eip:publicIps:disassociateInstance
		dnatRule *	-
		publicip	-
		globalEip	-
		port	-
		-	g:EnterpriseProjectId

URI

PUT /v2/{project_id}/dnat_rules/{dnat_rule_id}

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Specifies the project ID.
dnat_rule_id	Yes	String	Specifies the DNAT rule ID.

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	Specifies the user token. It is a response to the API for obtaining a user token. This API is the only one that does not require authentication. The value of X-Subject-Token in the response header is the token value.

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
dnat_rule	Yes	UpdateNatGatewayDnatRuleOption object	Specifies the request body for updating the DNAT rule.

**Table 4** UpdateNatGatewayDnatRuleOption
Parameter	Mandatory	Type	Description
nat_gateway_id	Yes	String	Specifies the NAT gateway ID.
description	No	String	Provides supplementary information about the DNAT rule. The description can contain up to 255 characters and cannot contain angle brackets (<>).
port_id	No	String	Specifies the port ID of an ECS or BMS. This parameter applies to VPC scenarios. Configure either port_id or private_ip.
private_ip	No	String	Specifies the private IP address of a user. This parameter applies to Direct Connect and Cloud Connect scenarios. Configure either private_ip or port_id.
protocol	No	String	Specifies the protocol. TCP, UDP, and ANY are supported. The protocol number of TCP, UDP, and ANY are 6, 17, and 0, respectively.
global_eip_id	No	String	Specifies the global EIP ID. Configure either the EIP ID or the global EIP ID.
floating_ip_id	No	String	Specifies the EIP ID.
internal_service_port	No	Integer	Specifies the port used by ECSs or BMSs to provide services for external systems. Supported range: 0 to 65535
external_service_port	No	Integer	Specifies the port used by the floating IP address to provide services for external systems. Supported range: 0 to 65535
internal_service_port_range	No	String	Specifies the port range used by ECSs or BMSs to provide services for external systems. The number of ports must be the same as that of external_service_port_range. The value ranges from 1 to 65535. Constraints: Port ranges can only be connected using hyphens (-).
external_service_port_range	No	String	Specifies the port range used by the floating IP address to provide services for external systems. The number of ports must be the same as that of internal_service_port_range. The value ranges from 1 to 65535. Constraints: Port ranges can only be connected using hyphens (-).

Response Parameters

Status code: 200

**Table 5** Response body parameters
Parameter	Type	Description
dnat_rule	NatGatewayDnatRuleResponseBody object	Specifies the response body of the DNAT rule.

**Table 6** NatGatewayDnatRuleResponseBody
Parameter	Type	Description
id	String	Specifies the DNAT rule ID.
tenant_id	String	Specifies the project ID.
description	String	Provides supplementary information about the DNAT rule. The description can contain up to 255 characters and cannot contain angle brackets (<>).
port_id	String	Specifies the port ID of an ECS or BMS. This parameter applies to VPC scenarios. Configure either port_id or private_ip.
private_ip	String	Specifies the private IP address of a user. This parameter applies to Direct Connect and Cloud Connect scenarios. Configure either private_ip or port_id.
internal_service_port	Integer	Specifies the port used by ECSs or BMSs to provide services for external systems. Supported range: 0 to 65535
nat_gateway_id	String	Specifies the public NAT gateway ID.
global_eip_id	String	Specifies the global EIP ID. Configure either the EIP ID or the global EIP ID.
global_eip_address	String	Specifies the global EIP.
floating_ip_id	String	Specifies the EIP ID.
floating_ip_address	String	Specifies the EIP address.
external_service_port	Integer	Specifies the port used by the floating IP address to provide services for external systems. Supported range: 0 to 65535
status	String	Specifies the DNAT rule status. The value can be: ACTIVE: The DNAT rule is available. PENDING_CREATE: The DNAT rule is being created. PENDING_UPDATE: The DNAT rule is being updated. PENDING_DELETE: The DNAT rule is being deleted. EIP_FREEZED: The EIP is frozen. INACTIVE: The DNAT rule is unavailable.
admin_state_up	Boolean	Specifies whether the instance is unfrozen or frozen. The value can be: true: unfrozen false: frozen
internal_service_port_range	String	Specifies the port range used by ECSs or BMSs to provide services for external systems. The number of ports must be the same as that of external_service_port_range. The value ranges from 1 to 65535. Constraints: Port ranges can only be connected using hyphens (-).
external_service_port_range	String	Specifies the port range used by the floating IP address to provide services for external systems. The number of ports must be the same as that of internal_service_port_range. The value ranges from 1 to 65535. Constraints: Port ranges can only be connected using hyphens (-).
protocol	String	Specifies the protocol. TCP, UDP, and ANY are supported. The protocol number of TCP, UDP, and ANY are 6, 17, and 0, respectively.
created_at	String	Specifies when the DNAT rule was created. The time is in yyyy-mm-dd hh:mm:ss.SSSSSS format.

Example Requests

PUT https://{NAT_endpoint}/v2/d199ba7e0ba64899b2e81518104b1526/dnat_rules/79195d50-0271-41f1-bded-4c089b2502ff

{
  "dnat_rule" : {
    "nat_gateway_id" : "a78fb3eb-1654-4710-8742-3fc49d5f04f8",
    "description" : "my dnat-rules"
  }
}

Example Responses

Status code: 200

DNAT rule updated.

{
  "dnat_rule" : {
    "status" : "ACTIVE",
    "nat_gateway_id" : "a78fb3eb-1654-4710-8742-3fc49d5f04f8",
    "admin_state_up" : true,
    "port_id" : "9a469561-daac-4c94-88f5-39366e5ea193",
    "internal_service_port" : 993,
    "protocol" : "tcp",
    "tenant_id" : "d199ba7e0ba64899b2e81518104b1526",
    "floating_ip_id" : "cf99c679-9f41-4dac-8513-9c9228e713e1",
    "created_at" : "2017-11-15 15:44:42.595173",
    "id" : "79195d50-0271-41f1-bded-4c089b2502ff",
    "floating_ip_address" : "5.21.11.226",
    "external_service_port" : 242,
    "description" : "my dnat rule"
  }
}

Status Codes

Status Code	Description
200	DNAT rule updated.

Error Codes

See Error Codes.

Parent topic: DNAT Rules

Previous topic: Deleting a DNAT Rule

Next topic: Querying Details of a DNAT Rule

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.