Creating Access Rules for Data Integration Platform Cloud

 

Before You Begin

Purpose

This tutorial guides you through the creation of Oracle Data Integration Platform Cloud access rules.

Time to Complete

Approximately 10 minutes

Background

In an access rule, you define sources, destinations, and ports to control network access to or from your cloud service components. The Data Integration Platform Cloud service console, includes a menu with options for you to create access rules.

Available sources and targets are:

  • OTD_ADMIN_HOST: The first Oracle Traffic Director (OTD) load balancer node
  • OTD_OTD_SERVER: All OTD load balancer nodes
  • WLS_ADMIN: All WebLogic Administration Server nodes
  • WLS_ADMIN_HOST: The WebLogic Administration Server node
  • WLS_MS: All WebLogic Server nodes

Additional acceptible sources are:

  • PUBLIC-INTERNET: Any host on the internet
  • DBaaS:Name:DB: The database service named Name
  • custom: A custom list of addresses from which traffic should be allowed. In the field that appears below this one, enter a comma-separated list of subnets, in CIDR format or IPv4 addresses for which you want to permit access to.

 

What Do You Need?

  • An Oracle Data Integration Platform Cloud instance. In this tutorial, this instance is called DIPCDEF.
 

Creating Custom Access Rules

  1. From the Data Integration Platform Cloud Services page, select a service instance and then click Manage this service.

    Data Integration Platform Cloud Services page
    Description of this image

  2. From the Manage this service menu, select Access Rules.

    Manage this service menu - Access Rules
    Description of this image
  3. On the Access Rules, page, click Create Rule.
    Access Rules Menu
    Description of this image
  4. Complete the fields as follows, and then click Create:
    • Rule Name: ABC_Access_Rule
    • Description: Access from HQ servers to DIPCABC VM, covering <IP address 1> through <IP address 3>, via port 7023
    • Source: Select <custom. To enter a valid IP address range, write the first IP address, append a slash and then enter the last number of the range. For example, for <ip address ending in 1> through <same ip address, except for the last number being 3>, you wtrite x......1/3in the field that appears for custom IP addresses when you select <custom>.

      By using slash, you are providing a range of custom IP addresses. You may also just write one IP address, or separate the IP addresses with commas.

    • Destination: Select WLS_ADMIN.
    • Destination Port(s): 7023
      Note:  In addition to the listed ports on the Access Rules page, to find out if other ports are taken on your VM, use the netstat command. With this command you'll find out which process or program is using a certain port. If that port is taken, then assign a different port for the destination. For example, for port 7023, the command is:

      $ netstat -na | grep 7023

    • Protocol: Select TCP.
      • Create an Access Rule
      Description of this image
  5. Confirm that a message appears that the Creation of [ABC_Access_Rule] is in progress.
    Access Rule creation in progress.
    Description of this image
  6. Refresh the page until the rule appears in the list of Access Rules for your instance.You may need to go to the second page to find the rule.
    User Access Rule created
    Description of this image

Click the Actions Menu  for your access rule to disable, enable or delete it.

 

Want to Learn More?