1. Compute Classic REST API (IaaS)REST API for Oracle Cloud Infrastructure Compute Classic
  2. Use Cases
  3. Opening Ports on Instances

Opening Ports on Instances

By default, inbound traffic is not allowed to Compute Classic instances. Instances in a security list can communicate with other instances in the same security list, but inbound traffic to the security list is not permitted by default. To open a port for Compute Classic instances in a security list by using the REST API, you must create a security rule, specifying the source from which traffic should be permitted, the protocol and port over which the traffic should be allowed, and the security list (containing your instance) to which traffic should be allowed.

Prerequisites

  • Ensure that the instances for which you want to open ports are in a security list. See Setting Up Firewalls Around Instances.

  • Identify the source from which you want to allow traffic to your instances. The source can be other Compute Classic instances or hosts external to Compute Classic.

Workflow

Task REST API Call
1. Do one of the following:

  • If the source from which you want to allow traffic is a set of other Compute Classic instances, then identify the security list to which those instances belong.

    If those instances aren't part of a security list, then create one and add the instances to the new security list.

  • If the source from which you want to allow traffic is a set of external hosts, then create a security IP list containing those hosts.

  • If the source is a set of other Compute Classic instances, and if those instances aren't part of a security list:

    Setting Up Firewalls Around Instances

  • If the source is a set of external hosts, and if those hosts aren't part of a security IP list:

    POST /seciplist/
2. Identify the security application (that is, the protocol-port combination) over which you want to permit traffic. GET /secapplication/{container}/
3. If the security application that you need does not exist, then create one. POST /secapplication/
4. Create a security rule, specifying the source (security list or security IP list) from which traffic should be permitted, the security application over which the traffic should be allowed, and the security list (containing your instance) to which traffic should be allowed. POST /secrule/

See Also:

The following topics in Using Oracle Cloud Infrastructure Compute Classic: