Before You Begin
Purpose
This tutorial guides you through the creation of Oracle Data Integration Platform Cloud access rules.
Time to Complete
Approximately 10 minutes
Background
In an access rule, you define sources, destinations, and ports to control network access to or from your cloud service components. The Data Integration Platform Cloud service console includes a menu with options for you to create access rules.
Available sources and targets are:
- OTD_ADMIN_HOST: The first Oracle Traffic Director (OTD) load balancer node
- OTD_OTD_SERVER: All OTD load balancer nodes
- WLS_ADMIN: All WebLogic Administration Server nodes
- WLS_ADMIN_HOST: The WebLogic Administration Server node
- WLS_MS: All WebLogic Server nodes
Additional acceptable sources are:
- PUBLIC-INTERNET: Any host on the internet
- DBaaS:Name:DB: The database service named Name
- custom: A custom list of addresses from which traffic should be allowed. In the field that appears below this one, enter a comma-separated list of subnets in CIDR format, or IPv4 addresses, for which you want to permit access.
What Do You Need?
- An Oracle Data Integration Platform Cloud instance. In this tutorial, this instance is called DIPCDEF.
Creating Custom Access Rules
- From the Data Integration Platform Cloud Services page, select a service instance and then click Manage this service.
- From the Manage this service menu, select Access Rules.
- On the Access Rules page, click Create Rule.
- Complete the fields as follows, and then click Create:
- Rule Name: ABC_Access_Rule
- Description: Access from HQ servers to DIPCABC VM, covering <IP address 1> through <IP address 3>, via port 7023
- Source: Select <custom>.
To enter a valid IP address range, write the first IP address, append a slash and then enter the last number of the range. For example, for <ip address ending in 1> through <same ip address, except for the last number being 3>, you write x......1/3 in the field that appears for custom IP addresses when you select <custom>.
By using a slash, you are providing a range of custom IP addresses. You may also just write one IP address, or separate the IP addresses with commas.
- Destination: Select WLS_ADMIN.
- Destination Port(s): 7023
Note: In addition to the listed ports on the Access Rules page, to find out if other ports are taken on your VM, use the netstat command. With this command you'll find out which process or program is using a certain port. If that port is taken, then assign a different port for the destination. For example, for port 7023, the command is:
$ netstat -na | grep 7023
- Protocol: Select TCP.
- Confirm that a message appears that the Creation of [ABC_Access_Rule] is in progress.
- Refresh the page until the rule appears in the list of Access Rules for your instance. You may need to go to the second page to find the rule.
Click the Actions Menu for your access rule to disable, enable or delete it.
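A pre-submission check for the custom source field, as an added example (not Oracle's code): it assumes the field is read as standard CIDR, as the Background section says, and reports how many addresses each entry admits. The function names, the 256-address review threshold and the sample addresses are constructed for illustration.

```python
import ipaddress

MAX_ADDRESSES = 256  # hypothetical review threshold, not an Oracle limit


def review_custom_source(field_value, max_addresses=MAX_ADDRESSES):
    """Classify each comma-separated entry as 'ok', 'review' or 'invalid'."""
    findings = []
    for raw in field_value.split(","):
        entry = raw.strip()
        try:
            # strict=False accepts host bits after the slash (192.0.2.1/30)
            # and resolves the entry to the whole network the prefix covers.
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError as exc:
            findings.append((entry, "invalid", str(exc)))
            continue
        if net.version != 4:
            findings.append((entry, "invalid", "not an IPv4 entry"))
            continue
        detail = "%s-%s (%d addresses)" % (
            net.network_address, net.broadcast_address, net.num_addresses)
        status = "review" if net.num_addresses > max_addresses else "ok"
        findings.append((entry, status, detail))
    return findings


def range_to_cidrs(first, last):
    """Smallest list of CIDR blocks covering exactly first..last inclusive."""
    blocks = ipaddress.summarize_address_range(
        ipaddress.IPv4Address(first), ipaddress.IPv4Address(last))
    return [str(block) for block in blocks]


if __name__ == "__main__":
    # Constructed sample value using documentation address ranges.
    sample = "192.0.2.1/3, 192.0.2.10, 198.51.100.0/24, 10.0.0.300"
    for entry, status, detail in review_custom_source(sample):
        print("%-18s %-8s %s" % (entry, status, detail))
    print(range_to_cidrs("192.0.2.1", "192.0.2.3"))
```

Under standard CIDR the number after the slash is a prefix length, so range_to_cidrs returns the blocks that cover exactly a first-to-last range.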