Managing Security Attributes for a Private Endpoint

Add or remove security attributes for a private endpoint in Resource Manager.

You can use Zero Trust Packet Routing (ZPR) along with or in place of network security groups to manage network access to OCI resources . To do this, define ZPR policies that govern how resources communicate with each other, and then add security attributes to those resources. For more information, see Zero Trust Packet Routing.

Caution

If an endpoint has a Zero Trust Packet Routing (ZPR) security attribute, traffic to the endpoint must satisfy ZPR policies and also all NSG and security list rules. For example, if you're already using NSGs and you add a security attribute to an endpoint, all traffic to the endpoint is blocked. From then onward, a ZPR policy must explicitly allow traffic to the endpoint.
    1. On the Private endpoints list page, find the private endpoint that you want to work with. If you need help finding the list page or the private endpoint, see Listing Private Endpoints.
    2. From the Actions menu (three dots) for the private endpoint, select Add security attributes.
    3. In the Add security attributes dialog window, add or delete security attributes to the private endpoint.
    4. Select Add security attributes.
  • Use the oci resource-manager private-endpoint update command and --security-attributes parameter to manage security attributes for a private endpoint.

    oci resource-manager private-endpoint update --private-endpoint-id <private_endpoint_ocid> --security-attributes <security-attributes>

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Use the UpdatePrivateEndpoint operation and securityAttributes attribute to manage security attributes for a private endpoint.