24 Network Sources

You can enable network source-based access control for your Oracle AI Data Platform Workbench instances.

A network source is a set of trusted IP addresses. The IP addresses can be public IP addresses or IP addresses from Virtual Cloud Networks (VCNs) within your tenancy. OCI Network Source support in AI Data Platform Workbench lets you define a set of IP ranges (public or VCN-based) as trusted IP addresses from which traffic is allowed. Your tenancy administrators can then define IAM policies so that traffic to your private networks is allowed only from the originating IP ranges related to your AI Data Platform Workbench use cases.

To restrict access to requests made from a set of IP addresses or network sources, you need to follow these steps:

  1. Create a network source that defines the allowed IP addresses for controlling access to your Oracle AI Data Platform Workbench instances. For instructions on setting up a network source, refer to the OCI Network Source documentation.
  2. Write a policy that uses the network source variable in a condition. The following is an example of an IAM policy with a network source variable that you can add to your existing AI Data Platform Workbench related IAM policies:

     allow group <aidpAdminIdentityDomain>/<aidpAdminGroup> to manage ai-data-platform-family in tenancy where all {request.networkSource.name=<AIDP-related-network-source-name>}
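
Once a policy carries the network source condition, requests from any address outside the network source are denied, so it is worth checking the definition before attaching the policy. The following is an added example, not Oracle's code: a local pre-flight model that does not call OCI. The `publicSourceList` and `virtualSourceList` field names follow the OCI network source JSON shape; the name, OCID, CIDRs and lint thresholds are constructed assumptions.

```python
import ipaddress

# Constructed sample definition: name, OCID and CIDRs are placeholders.
NETWORK_SOURCE = {
    "name": "aidp-trusted-sources",
    "publicSourceList": ["203.0.113.0/24", "198.51.100.7"],
    "virtualSourceList": [
        {"vcnId": "ocid1.vcn.oc1..exampleuniqueid", "ipRanges": ["10.0.1.0/24"]},
    ],
}

RFC1918 = [ipaddress.ip_network(c)
           for c in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def _net(cidr):
    # strict=False accepts a single address or a CIDR with host bits set.
    return ipaddress.ip_network(cidr, strict=False)

def is_allowed(source, client_ip, vcn_id=None):
    """Local model of the match: True if the request origin is in the source.
    vcn_id is None for a request arriving from a public IP address."""
    ip = ipaddress.ip_address(client_ip)
    if vcn_id is None:
        return any(ip in _net(c) for c in source.get("publicSourceList", []))
    return any(
        v["vcnId"] == vcn_id and any(ip in _net(c) for c in v["ipRanges"])
        for v in source.get("virtualSourceList", [])
    )

def lint(source, max_public_addresses=65536):
    """Heuristic findings (assumed thresholds) for ranges worth a second look."""
    findings = []
    for cidr in source.get("publicSourceList", []):
        net = _net(cidr)
        if net.prefixlen == 0:
            findings.append(f"{cidr}: matches every address")
        elif any(net.overlaps(r) for r in RFC1918):
            findings.append(f"{cidr}: RFC 1918 range in the public list")
        elif net.num_addresses > max_public_addresses:
            findings.append(f"{cidr}: very broad public range")
    return findings

if __name__ == "__main__":
    # Check that the administrator's own address stays inside the source.
    print(is_allowed(NETWORK_SOURCE, "203.0.113.25"), lint(NETWORK_SOURCE))
```

Run it with the address you administer from before saving the policy; a `False` result means the new condition would deny your own requests.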