Oracle Cloud Infrastructure Documentation

Adding an Edge Policy IP Address Allowlist

Describes how to add access IP address allowlists to an edge policy.

    1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

      Alternatively, open the Web Application Firewall page and click Policies under Resources.

      The WAF Policies page appears.

    2. Select the Compartment from the list.

      All the WAF policies in that compartment are listed in tabular form.

    3. (Optional) Apply one or more of the following Filters to limit the edge policies displayed:

      • State

      • Name

      • Policy Type: Select Edge Policy.

    4. Click the name of the edge policy for which you want to add an IP address allowlist. 

      The Details page of the edge policy you selected appears.

    5. Click Access Control under WAF Policy.

      The Access Control list appears.

    6. Click the IP Whitelist tab.
    7. Complete the following:

      • Name: Enter the name for the IP addresses used in the list.

      • IP Addresses: Enter the trusted IP addresses included in the allowlist. This field supports CIDR notation.

      • + Add IP List: (optional): Click to display the Address list in <compartment> list. Select an existing IP address allowlist contained in the compartment. Click Change Compartment to select an IP address allowlist contained in a different compartment.

        You can add multiple IP lists. Click the X next to a list to remove it.

    8. Click Add.

      The IP address allowlist is added to the list.

    Publish your changes for them to take effect. See Publishing Changes.

  • Enter the following command and required parameters: 
    oci waas whitelist  update --waas-policy-id waas_policy_ocid --whitelists whitelists [OPTIONS]

    The whitelists value is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

    Create an IP address allowlist by adding a new allowlist object to the list without a key property specified. A key is generated for the new allowlist upon update.

    See the CLI online help for a list of optional parameters:

    oci waas whitelists update --help

    Refer to the Oracle Cloud Infrastructure documentation for a complete description of the oci waas whitelists update command.

  • Use the UpdateWhitelists operation to add an IP address allowlist using the API.

    Create an IP address allowlist by adding a new allowlist object to the list without a key property specified. A key is generated for the new allowlist upon update.