Create a Security Application

post

/secapplication/

Creates a security application. After creating security applications, you can use them in security rules by using the HTTP request, POST /secrule/ (Create a Security Rule).

Required Role: To complete this task, you must have the Compute_Operations role. If this role isn't assigned to you or you're not sure, then ask your system administrator to ensure that the role is assigned to you in Oracle Cloud My Services. See Modifying User Roles in Managing and Monitoring Oracle Cloud.

Request

Supported Media Types
Header Parameters
Body ()
The request body contains details of the security application that you want to create.
Root Schema : SecApplication-post-request
Type: object
The request body contains details of the security application that you want to create.
Show Source
  • A description of the security application.

  • The TCP or UDP destination port number.

    You can also specify a port range, such as 5900-5999 for TCP.

    If you specify tcp or udp as the protocol, then the dport parameter is required; otherwise, it is optional.

    This parameter isn't relevant to the icmp protocol.

    Note: This request fails if the range-end is lower than the range-start. For example, if you specify the port range as 5000-4000.

  • The ICMP code.

    This parameter is relevant only if you specify icmp as the protocol. You can specify one of the following values:

    • network
    • host
    • protocol
    • port
    • df
    • admin

    If you specify icmp as the protocol and don't specify icmptype or icmpcode, then all ICMP packets are matched.

  • The ICMP type.

    This parameter is relevant only if you specify icmp as the protocol. You can specify one of the following values:

    • echo
    • reply
    • ttl
    • traceroute
    • unreachable

    If you specify icmp as the protocol and don't specify icmptype or icmpcode, then all ICMP packets are matched.

  • The three-part name of the object (/Compute-identity_domain/user/object).

    Object names can contain only alphanumeric characters, hyphens, underscores, and periods. Object names are case-sensitive.

  • The protocol to use.

    The value that you specify can be either a text representation of a protocol or any unsigned 8-bit assigned protocol number in the range 0-254. See Assigned Internet Protocol Numbers.

    For example, you can specify either tcp or the number 6.

    The following text representations are allowed: tcp, udp, icmp, igmp, ipip, rdp, esp, ah, gre, icmpv6, ospf, pim, sctp, mplsip, all.

    To specify all protocols, set this to all.

Response

Supported Media Types

201 Response

Created. See Status Codes for information about other possible HTTP status codes.
Headers
Body ()
Root Schema : SecApplication-response
Type: object
Show Source
  • A description of the security application.

  • The TCP or UDP destination port number.

    You can also specify a port range, such as 5900-5999 for TCP.

    If you specify tcp or udp as the protocol, then the dport parameter is required; otherwise, it is optional.

    This parameter isn't relevant to the icmp protocol.

    Note: This request fails if the range-end is lower than the range-start. For example, if you specify the port range as 5000-4000.

  • The ICMP code.

    This parameter is relevant only if you specify icmp as the protocol. You can specify one of the following values:

    • network
    • host
    • protocol
    • port
    • df
    • admin

    If you specify icmp as the protocol and don't specify icmptype or icmpcode, then all ICMP packets are matched.

  • The ICMP type.

    This parameter is relevant only if you specify icmp as the protocol. You can specify one of the following values:

    • echo
    • reply
    • ttl
    • traceroute
    • unreachable

    If you specify icmp as the protocol and don't specify icmptype or icmpcode, then all ICMP packets are matched.

  • The three-part name of the object (/Compute-identity_domain/user/object).
  • The protocol to use.

    The value that you specify can be either a text representation of a protocol or any unsigned 8-bit assigned protocol number in the range 0-254. See Assigned Internet Protocol Numbers.

    For example, you can specify either tcp or the number 6.

    The following text representations are allowed: tcp, udp, icmp, igmp, ipip, rdp, esp, ah, gre, icmpv6, ospf, pim, sctp, mplsip, all.

    To specify all protocols, set this to all.

  • Uniform Resource Identifier

Examples

cURL Command

The following example shows how to add a security application by submitting a POST request on the REST resource using cURL. For more information about cURL, see Use cURL.

Enter the command on a single line. Line breaks are used in this example for readability.

curl -i -X POST
     -H "Cookie: $COMPUTE_COOKIE"
     -H "Content-Type: application/oracle-compute-v3+json"
     -H "Accept: application/oracle-compute-v3+json"
     -d "@requestbody.json"
        https://api-z999.compute.us0.oraclecloud.com/secapplication/
  • COMPUTE_COOKIE is the name of the variable in which you stored the authentication cookie earlier. For information about retrieving the authentication cookie and storing it in a variable, see Authentication.

  • api-z999.compute.us0.oraclecloud.com is an example REST endpoint URL. Change this value to the REST endpoint URL of your Compute Classic site. For information about finding out REST endpoint URL for your site, see Send Requests.

Example of Request Body

The following shows an example of the request body content in the requestbody.json file to create a security application called /Compute-acme/jack.jones@example.com/vid_stream_udp.

Some lines may be truncated with ellipses (...) for readability.

{
 "protocol": "udp",
 "name": "/Compute-acme/jack.jones@example.com/vid_stream_udp",
 "dport": "70",
}

Example of Response Body

The following example shows the response body in JSON format.

Some lines may be truncated with ellipses (...) for readability.

{
 "protocol": "udp",
 "name": "/Compute-acme/jack.jones@example.com/vid_stream_udp",
 "uri": "https://api-z999.compute.us0.oraclecloud.com/secapplication/Compute-acme/jack.jones@example.com/vid_stream_udp",
 "icmptype": "",
 "dport": "70",
 "icmpcode": ""
}