Create a Security Association
/secassociation/
Caution: When you add an instance to a security list, all the security rules that use that security list-as either the source or destination-are applicable to the instance. Consider a security list that is the destination in two security rules, one rule that allows SSH access from the public Internet and another rule permitting HTTPS traffic from the public Internet. When you add an instance to this security list, the instance is accessible from the public Internet over both SSH and HTTPS. Keep this in mind when you decide the security lists that you want to add an instance to.
Required Role: To complete this task, you must have the Compute_Operations
role. If this role isn't assigned to you or you're not sure, then ask your system administrator to ensure that the role is assigned to you in Oracle Cloud My Services. See Modifying User Roles in Managing and Monitoring Oracle Cloud.
Request
- application/oracle-compute-v3+json
-
Cookie: string
The Cookie: header must be included with every request to the service. It must be set to the value of the set-cookie header in the response received to the POST /authenticate/ call.
object
-
name(optional):
string
The three-part name of the object (
/Compute-identity_domain/user/object
).If you don't specify a name for this object, then the name is generated automatically.
Object names can contain only alphanumeric characters, hyphens, underscores, and periods. Object names are case-sensitive.
-
seclist:
string
Security list that you want to associate with the instance.
-
vcable:
string
vcable of the instance that you want to associate with the security list.
For more information about the vcable of an instance, see Retrieve Details of an Instance.
Response
- application/oracle-compute-v3+json
201 Response
-
set-cookie: string
The cookie value is returned if the session is extended
object
-
name(optional):
string
The three-part name of the object (
/Compute-identity_domain/user/object
). -
seclist(optional):
string
Security list that you want to associate with the instance.
-
uri(optional):
string
Uniform Resource Identifier
-
vcable(optional):
string
vcable of the instance that you want to associate with the security list.
For more information about the vcable of an instance, see Retrieve Details of an Instance.
Examples
cURL Command
The following example shows how to add a security association by submitting a POST request on the REST resource using cURL. For more information about cURL, see Use cURL.
Enter the command on a single line. Line breaks are used in this example for readability.
curl -i -X POST -H "Cookie: $COMPUTE_COOKIE" -H "Content-Type: application/oracle-compute-v3+json" -H "Accept: application/oracle-compute-v3+json" -d "@requestbody.json" https://api-z999.compute.us0.oraclecloud.com/secassociation/
-
COMPUTE_COOKIE
is the name of the variable in which you stored the authentication cookie earlier. For information about retrieving the authentication cookie and storing it in a variable, see Authentication. -
api-z999.compute.us0.oraclecloud.com
is an example REST endpoint URL. Change this value to the REST endpoint URL of your Compute Classic site. For information about finding out REST endpoint URL for your site, see Send Requests.
Example of Request Body
The following shows an example of the request body content in the requestbody.json
file.
Some lines may be truncated with ellipses (...) for readability.
{ "vcable": "/Compute-acme/jack.jones@example.com/e4d0564b-1e95-464f-92d8-d74c1c583883", "seclist": "/Compute-acme/jack.jones@example.com/allowed_video_servers" }
Example of Response Body
The following example shows the response body in JSON format.
Some lines may be truncated with ellipses (...) for readability.
{ "vcable": "/Compute-acme/jack.jones@example.com/e4d0564b-1e95-464f-92d8-d74c1c583883", "seclist": "/Compute-acme/jack.jones@example.com/allowed_video_servers", "name": "/Compute-acme/jack.jones@example.com/2128a81c-a9e2-49f8-a003-3d43a95197b9", "uri": "https://api-z999.compute.us0.oraclecloud.com/secassociation/Compute-acme/jack.jones@example.com/2128a81c-a9e2-49f8-a003-3d43a95197b9" }