Managing Access Rules for Oracle API Platform Cloud Service - Classic Instances
You can create and manage access rules from the My Services Console and the Oracle API Platform Cloud Service - Classic Overview page.
Access rules enable you to control access to the VMs that make up your service instance. For example, you can enable the database to use a an available port to access the VM for the WebLogic Administration Server for your service instance. The system creates default rules such as access on port 22 from the public internet to the WebLogic Administration Server VM.
Default Oracle API Platform Cloud Service - Classic Access Rules
The following table describes the default access rules that are created when you create an Oracle API Platform Cloud Service - Classic Instance.
Rule Name | Dafault Status | Ports | Protocol | Source | Destination | Description | Rule Type | Application |
---|---|---|---|---|---|---|---|---|
sys_ms2db_dblistener |
Enabled |
1521 |
tcp |
WLS_MANAGED_SERVER |
DBaaS:<dbaas_instance>:DB |
DO NOT MODIFY: Permit listener connection to database from managed servers |
SYSTEM |
- |
sys_ms2db_ssh |
Enabled |
22 |
tcp |
WLS_MANAGED_SERVER |
DBaaS:<dbaas_instance>:DB |
DO NOT MODIFY: Permit managed servers to ssh to db |
SYSTEM |
- |
ora_lb2wls_8001_1 |
Enabled |
8001 |
tcp |
<Load Balancer IPs> |
WLS_MANAGED_SERVER |
Do not edit or remove: Permit http connection to wls from load balancer |
DEFAULT |
- |
ora_lb2admin_server_7001_1 |
Enabled |
7001 |
tcp |
<Load Balancer IPs> |
WLS_ADMIN_SERVER |
Do not edit or remove: Permit http connection to admin_server from load balancer |
DEFAULT |
- |
ora_p2admin_ssh |
Enabled |
22 |
tcp |
PUBLIC-INTERNET |
WLS_ADMIN_SERVER |
Permit public to ssh to admin server |
DEFAULT |
- |
ora_p2admin_ahttps |
Disabled |
7002 |
tcp |
PUBLIC-INTERNET |
WLS_ADMIN_SERVER |
Permit public to https to admin server |
DEFAULT |
- |
sys_infra2admin_ssh |
Enabled |
22 |
tcp |
PUBLIC INTERNET |
WLS_ADMIN_SERVER |
DO NOT MODIFY: Permit PSM to ssh to admin server |
SYSTEM |
- |
Default Oracle API Platform Cloud Service - Classic Security Lists
The following table describes the default security lists that are created when you create an Oracle API Platform Cloud Service - Classic Instance.
Security List Name | Account |
---|---|
wls/ora_admin |
/opcapics/default |
wls/ora_ms |
/opcapics/default |
wls/ora_wls_infraadmin |
/opcapics/default |
lb/ora_otd |
/opcapics/default |
lb/ora_otd_infraadmin |
/opcapics/default |
Default Oracle API Platform Cloud Service - Classic Security Applications
The following table describes the default security applications that are created when you create an Oracle API Platform Cloud Service - Classic instance.
Name | Protocol | Port | Description |
---|---|---|---|
sys_chttp |
TCP |
9073 |
DO NOT MODIFY: Permit HTTP connection to managed servers from OTD |
sys_chttps |
TCP |
9074 |
DO NOT MODIFY: Permits HTTP connection to managed servers from OTD |
sys_dblistener |
TCP |
1521 |
DO NOT MODIFY. Permits listener connection to database from managed servers. |
wls/ora_ahttps |
TCP |
7002 |
Permits traffic from the public internet over HTTPS to the Administration Server. |
lb/ora_ahttps |
TCP |
8989 |
Permits public to https to OTD admin server |
lb/ora_chttps |
TCP |
443 |
Permits traffic from the public internet over HTTPS to the Managed Servers. |