Oracle Cloud Infrastructure Documentation

Adding Origins and Origin Groups

Describes how to add an origin or an origin group to an edge policy.

    1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

      Alternatively, open the Web Application Firewall page and click Policies under Resources.

      The WAF Policies page appears.

    2. Select the Compartment from the list.

      All the WAF policies in that compartment are listed in tabular form.

    3. (Optional) Apply one or more of the following Filters to limit the edge policies displayed:

      • State

      • Name

      • Policy Type: Select Edge Policy.

    4. Click the name of the edge policy to which you want to add an origin. 

      The Details page of the edge policy you selected appears.

    5. Click Settings under WAF Policies.

      The Settings list appears.

    6. Select the Origin Groups tab.

      If more than one origin for the edge policy exists, the origins and its group appear.

    7. Click Edit.
      The Origin Groups dialog box appears. If only one origin defined for the edge policy exists, the origin belongs to a default origin group.

      Optionally, you can edit the name of the existing default group or add another group to group multiple origins. You can use origin groups to specify the default origin that is used in your edge policy.

    8. Click + Additional Origin below the origin group where you want to add an origin.
    9. Complete the following:

      • Name: Accept the existing Default Group name, or enter a new origin group name. The origin you create resides under this origin group.

      • Default Origin: If multiple origins are listed, click which one you want to be the default origin.

      • Name: Enter the name of the origin.

      • URI: Enter the IPv4 address or FQDN of the origin.

      • HTTP Port: Enter the HTTP port on the origin that the web application listens on. The default port is 80.

      • HTTPS Port: The HTTPS port on the origin that the web application listens on. The default port is 443.

      • Weight: The weight of the origin within the group is used for load balancing purposes. Origins with higher weights receive larger proportions of client requests.

      Click + Additional Origin to add another origin row for you to complete. Click X to remove an associated origin.

    10. (optional) Click + Additional Group to add another origin group.

      Enter a name for the origin group and add at least one origin using the same method as described earlier. Indicate which origin is the default if your origin group has multiple origins.

    11. Click Save Changes.
    Publish your changes for them to take effect. See Publishing Changes.

  • Use the oci waf web-app-firewall-policy create command and required parameters to add an origin or an origin group to an edge policy:

    oci waf web-app-firewall-policy create --compartment-id compartment_ocid [OPTIONS]

    For a complete list of flags and variable options for CLI commands, see the Command Line Reference.

  • Run the CreateWaasPolicy operation to add an origin or an origin group to an edge policy.