You can restrict access to your instance by configuring an allowlist when creating an instance, or by editing an existing instance. When the allowlist is enabled, only user Classless Inter-Domain Routing (CIDR) blocks and networks on the list can access the instance.

1. Enable allow lists in your instance.
   • If you are creating an instance, select Secure access from allowed IPs and VCNs only in the Choose network access pane in the Create Instance dialog.
   • If you are editing an instance without access rules:
     1. Open the Visual Builder Instance Details page for the instance in the OCI Console.
     2. Click Edit to open the Edit Visual Builder Instance dialog.
     3. Select Secure access from allowed IPs and VCNs only in the Choose network access pane in the dialog.

   If there are no rules listed in the pane, a new empty rule is created when you select the option. There are three types of rules you can define to restrict access. This image shows examples of each rule type.

   
   

   
   Description of the illustration admin-network-access.png

   
   

   If you want to disable all allow lists, to allow all networks access to the instance, click Default in the Choose network access pane.

2. Select a rule type based on the details you know for the instance, and then enter the details.

   You create a rule for each user/network you want in the allowlist.

   • IP Address/CIDR Block. Select this type if you only know the IP address or Classless Inter-Domain Routing (CIDR) block (an IP range) of the instance.

     In the IP Address/CIDR Block field, enter the public IP address or CIDR block that is visible on the public internet that you want to grant access.

   • Virtual Cloud Network. Select this type if you know the Virtual Cloud Network of the instance and the network route is going through an Oracle Cloud Infrastructure Service Gateway. See Access to Oracle Services: Service Gateway for more information.
     • In the VCN OCID field, enter the OCID of the VCN you want to grant access from.
     • Optionally, in the IP address/CIDR block field, enter private IP addresses or private CIDR blocks as a comma separated list to allow specific clients in the VCN.
   • Virtual Cloud Network OCID. Select this type if you know the Virtual Cloud Network of the instance and the network route is going through an Oracle Cloud Infrastructure Service Gateway. See Access to Oracle Services: Service Gateway for more information.
     • Select the VCN that you want to grant access from. If you do not have the privileges to see the VCNs in your tenancy, this list is empty. In this case, select the Virtual Cloud Network (VCN) OCID option to specify the OCID of the VCN.
     • Optionally, in the IP address/CIDR block field, enter private IP addresses or private CIDR blocks as a comma separated list to allow specific clients in the VCN.
3. Click Add Another Entry to create a new rule.
4. Click x to remove an entry.
   You can also clear the value in the IP addresses or CIDR blocks field to remove an entry.