Creating Access Rules

Not Oracle Cloud Infrastructure This topic does not apply to Oracle Cloud Infrastructure.

For clusters created in Oracle Cloud Infrastructure Classic, administrators can create access rules to enable ports not associated with predefined access rules, or to restrict access to ports to only permit connections from specific IP addresses.

To create an access rule:

  1. Open the Oracle Data Hub Cloud Service Console.
  2. From the Menu icon menu for the cluster for which you want to manage access, select Access Rules.
    The Access Rules page is displayed. For information about the details on this page, see Access Rules Page.
  3. Click Create Rule. In the Create Access Rule dialog, enter the following information:
    • Rule Name: Any name to identify this rule. Must start with a letter, followed by letters, numbers, hyphens, or underscores. Cannot start with ora_ or sys_.

    • Description: (Optional) Any description of your choice.

    • Source: The hosts from which traffic should be allowed. Choices are:

      • CASSANDRA_ADMIN_HOST: The security list consisting of all Oracle Data Hub Cloud Service ADMIN hosts.

      • CASSANDRA_MAIN_SERVER: The security list consisting of all Oracle Data Hub Cloud Service SERVER hosts.

      • PAAS_INFRA: Internal for platform services. Used for various life cycle operations including provisioning, patching, and scaling.

      • PUBLIC-INTERNET: The public-internet Security IP List. For information about this and other security IP lists, see About Security IP Lists in Using Oracle Compute Cloud Service (for PaaS).

      • custom: A custom list of addresses from which traffic should be allowed. In the field that displays below when you select this option, enter a comma-separated list of the subnets (in CIDR format) or IPv4 addresses for which you want to permit access.

    • Destination: The service component to which traffic should be allowed. Choices are as follows (see the previous descriptions):

      • CASSANDRA_ADMIN_HOST

      • CASSANDRA_MAIN_SERVER

    • Destination Port(s): The port or range of ports you want to open. Specify a single port, such as 5001, or a range of ports separated by a hyphen, such as 5001-5010.

    • Protocol: The protocol for the access rule.

  4. Click Create.
    The Create Access Rule dialog closes and the rule is displayed in the list of rules. New rules are enabled by default. If necessary, adjust the number of results displayed on the Access Rules page so you can see the newly created rule.