JavaScript must be enabled to correctly display this content
Set Access Control List for an Autonomous Database on Dedicated Exadata Infrastructure
An Access Control List (ACL) provides additional protection to your Autonomous Database by allowing
only the client with specific IP addresses to connect to the database. You can add
IP addresses individually, or in CIDR blocks. Enabling an ACL with an empty list of
IP addresses makes the database inaccessible.
Go to the Details page of the Autonomous Database to which you want to set access
control.
In the Autonomous Database Information tab, locate
Access Control List under Network and click
Edit.
Editing an ACL is enabled only when the database state is
Available.
Note:
For Autonomous Data Guard enabled databases, the Access Control
List for both the primary and standby databases can be
edited only from the primary database. The
Details page of a standby database allows you
only to view the ACLs.
The Edit Access Control List dialog appears with
existing ACLs and their values.
Optionally, edit an existing ACL by overwriting its values or
remove it completely by clicking X next to it.
Note:
If Access Control
List is disabled for this Autonomous Database, you do not see any ACL to edit. Click
Enable database level access control to enable ACL.
Optionally, add an ACL by selecting or entering basic information:
Click + Access Control Rule.
Depending on the types of addresses in your list, select one of the
following options from the IP notation type drop-down
selector:
IP Address: Specify individual IP addresses.
You can use commas to separate multiple IP addresses.
Note:
An IP address
specified in a network ACL entry should be the public IP
address of the client that is visible on the public internet
that you want to grant access. For example, for an Oracle
Cloud Infrastructure VM, this is the IP address shown in the
Public IP field on the Oracle
Cloud Infrastructure console for that VM.
CIDR Block: Specify ranges of public IP
addresses using CIDR notation. You can use commas to separate
multiple values.
For Autonomous Data Guard enabled databases, you see options to define access control for the standby
database. Depending on your preference, select one of the following options for
Standby database access control:
Choose Same as primary database to apply the ACL that you already
defined for the primary database to the standby database as well. This is
the default selection.
Note:
By default, the ACL defined for the primary
database applies to the standby database also.
Choose Define standby database access control to define a
separate ACL for the standby database. By default, the standby database ACL
is initialized with the same values as the primary database ACL. Add or
modify the entries as needed.
Click Save Changes.
If the Lifecycle State is Available when you click
Save the Lifecycle State changes to
Updating until the ACL is set. The database is still up
and accessible, there is no downtime. When the update is complete the Lifecycle
State returns to Available and the network ACLs from
the access control list are in effect.