Configure an Allowlist for Your Instance
Your allowlist can contain up to 15 rules for File Server and up to 15 rules for HTTPS connections to your Oracle Integration instance. The allowlist restrictions that you create are in addition to the standard authorization mechanisms, such as user credentials, which are always in place.
- Sign in to the Oracle Cloud Infrastructure Console.
- Open the navigation menu and click Developer Services. Under Application Integration, click Integration.
- Open the instance for which you want to configure the allowlist.
- On the Integration instance details page, in the service-level navigation on the left, click Network Access.
- In the Network Access area, click Edit. One of the following dialogs is displayed:
  - If your organization has enabled File Server but hasn't created its allowlist yet, the Apply HTTP Settings to File Server dialog is displayed.
  - Otherwise, the Edit network access dialog is displayed. You can skip to step 7.
- If the Apply HTTP Settings to File Server dialog is displayed, decide whether to apply your organization's HTTP allowlist rules to File Server. Applying your HTTP rules to File Server can save you some time when setting up your allowlist for File Server. Click Apply to carry the rules over to File Server, or click Ignore to skip this step. The Edit network access dialog is displayed.
- In the Edit network access dialog, make sure Restrict network access is selected so that you can add and apply allowlist rules.
  When this option is selected, only users from networks that meet the configured settings are allowed to access your Oracle Integration instance.
  If you don't select this option, or if you select this option and don't configure any allowlist rules, there are no network restrictions to access your instance.
  Caution: If you deselect Restrict network access after configuring allowlist rules, all configured allowlist rules are deleted.
- If you want to allow Oracle Integration to call itself, select Enable loopback.
  Note: If you enable loopback, any Oracle Integration instance in your region can call your instance.
  Loopback is required for certain calls. You must enable loopback for the following scenarios:
  - To invoke an Oracle Integration API from within an integration. Use a REST connection to call the API.
  - To call your integration from another Oracle Integration instance.
  This setting doesn't apply to File Server.
- If necessary, add a rule. If you haven't previously added rules, you see a blank rule. If you already have rules, click Add rule, located below the last rule in the list. You might need to scroll down to see the button.
- Configure a rule by specifying the following information:
  - Protocol: Select the protocol to which the rule applies:
    - HTTP
    - File Server
    - HTTP and File Server
  - Type:
    If you selected File Server or HTTP and File Server, the only type is IP address/CIDR block, so you don't select a type.
    If you selected HTTP, select what you want to allowlist:
    - IP address/CIDR block
    - Virtual cloud network
    - Virtual cloud network OCID
  - Value: Enter or select the specific IP address, CIDR block, VCN, or VCN OCID.
    - In the IP address/CIDR block box, enter a single IP address or the first IP address in a CIDR block (an IP address range).
    - In the Virtual cloud network drop-down list, choose a VCN. To select a VCN in another compartment, click Change compartment, and select a compartment.
    - In the Virtual cloud network OCID box, enter the Oracle Cloud ID (OCID) of the VCN. For information about the OCID format, see Resource Identifiers.
  - Secondary value:
    If you selected a VCN or VCN OCID, you can restrict access further by specifying an IP address or CIDR block within the VCN. In the IP address/CIDR block box, enter a single IP address or the first IP address in a CIDR block (an IP address range).
- To add another rule, click Add Rule.
- After adding all the desired rules to the allowlist, click Save. The work request is submitted and the changes go into effect when the instance status changes to Active.
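
A pre-check for a planned rule set against the constraints in this procedure, as an added example that is not Oracle's code. The rule dictionary layout and the names `validate_allowlist` and `check_cidr` are hypothetical, and it assumes a rule for HTTP and File Server counts toward both 15-rule limits.

```python
import ipaddress

LIMIT = 15  # page: up to 15 rules each for File Server and for HTTPS
VCN_TYPES = {"vcn", "vcn_ocid"}

def check_cidr(value, label, findings):
    try:
        # strict=True: a CIDR block must be given by its first IP address
        ipaddress.ip_network(value, strict=True)
    except ValueError as exc:
        findings.append(f"{label}: bad IP address/CIDR block {value!r}: {exc}")

def validate_allowlist(restrict, rules):
    """Return findings for a planned allowlist; an empty list means none."""
    if not restrict or not rules:
        # Page: without the option, or with it but no rules, access is unrestricted.
        return ["no network restrictions will apply to the instance"]
    findings, counts = [], {"http": 0, "file_server": 0}
    for n, rule in enumerate(rules, 1):
        label, rtype = f"rule {n}", rule["type"]
        for proto in rule["protocols"]:
            counts[proto] += 1  # assumption: a combined rule counts toward both limits
        if "file_server" in rule["protocols"] and rtype != "ip_cidr":
            findings.append(f"{label}: File Server rules accept only IP address/CIDR block")
        if rtype == "ip_cidr":
            check_cidr(rule["value"], label, findings)
            if rule.get("secondary"):
                findings.append(f"{label}: secondary value applies only to VCN rules")
        elif rtype in VCN_TYPES:
            if rtype == "vcn_ocid" and not rule["value"].startswith("ocid1.vcn."):
                findings.append(f"{label}: value is not a VCN OCID")
            if rule.get("secondary"):
                check_cidr(rule["secondary"], f"{label} secondary", findings)
        else:
            findings.append(f"{label}: unknown type {rtype!r}")
    findings += [f"{p}: {c} rules, limit is {LIMIT}"
                 for p, c in counts.items() if c > LIMIT]
    return findings

# Constructed sample plan (documentation address ranges, placeholder OCID).
PLAN = [
    {"protocols": ("http", "file_server"), "type": "ip_cidr", "value": "203.0.113.0/24"},
    {"protocols": ("http",), "type": "vcn_ocid",
     "value": "ocid1.vcn.oc1.phx.EXAMPLE", "secondary": "10.0.1.5/24"},
    {"protocols": ("file_server",), "type": "vcn", "value": "example-vcn"},
]

if __name__ == "__main__":
    for finding in validate_allowlist(True, PLAN):
        print(finding)
```

An empty rule list is reported even when Restrict network access is selected, because in that state the instance has no network restrictions.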