Creating a Web Application Firewall Network Address List
Describes how to create a network address list for a web application firewall policy.
Using the Console
Open the navigation menu and click Identity & Security. Under Web Application Firewall, click
Network Address List.
Alternatively, open the Web Application Firewall page and click Network Address List under Resources.
The WAF Network Address List page appears.
- Choose a Compartment you have permission to work in under List Scope.
Click Create WAF Network Address List.
The Create WAF Network Address List dialog box appears.
Complete the following:
Name: Enter the name of the network address list.
Create in Compartment: Select the compartment that contains the network address list you are creating.
Address Type: Specify the address type and its associated requirements:
Addresses: Use this type of network address list to match traffic coming from the internet or traffic coming from the same VCN where the associated load balancer is hosted.
IP Addresses: Enter each IP address and CIDR IP range on a separate line within the box.
VCN Addresses: Use this type of network address list to match traffic coming from other VCNs through service gateways or private endpoints.
Virtual Cloud Network: Select the VCN associated with your list of private IP addresses. Click Change Compartment to choose a VCN in a different compartment.
VCN IP Addresses: Enter each IP address and CIDR IP range on a separate line within the box.
Click +Another Set of Private IP Addresses to display another private IP addresses row to complete. Click X to delete the associated private IP addresses row.
Show Tagging Options: Click to display the tagging option fields for the WAF policy. See Tagging Resources for more information.
- Click Create.
Using the CLI
Use the oci waf network-address-list create-addresses-list command and required parameters to create a network address list for a web application firewall policy:
oci waf network-address-list create-addresses-list --compartment-id compartment_id --addresses addresses [OPTIONS]
For a complete list of flags and variable options for CLI commands, see the Command Line Reference.
Using the API
Run the CreateNetworkAddressList operation to create a network address list.