Creating Access Rules for Data Integration Platform Cloud

Before You Begin

This 10-minute tutorial guides you through the creation of Oracle Data Integration Platform Cloud access rules.

Background

In an access rule, you define sources, destinations, and ports to control network access to or from your cloud service components. The Data Integration Platform Cloud service console includes a menu with options for you to create access rules.

Available sources and targets are:

  • OTD_ADMIN_HOST: The first Oracle Traffic Director (OTD) load balancer node
  • OTD_OTD_SERVER: All OTD load balancer nodes
  • WLS_ADMIN: All WebLogic Administration Server nodes
  • WLS_ADMIN_HOST: The WebLogic Administration Server node
  • WLS_MS: All WebLogic Server nodes

Additional acceptable sources are:

  • PUBLIC-INTERNET: Any host on the internet
  • DBaaS:Name:DB: The database service named Name
  • custom: A custom list of addresses from which traffic should be allowed. In the field that appears below this one, enter a comma-separated list of subnets (in CIDR format) or IPv4 addresses for which you want to permit access.

What Do You Need?

  • An Oracle Data Integration Platform Cloud instance. In this tutorial, this instance is called DIPCDEF.

Creating Custom Access Rules

  1. From the Data Integration Platform Cloud Instances page, select a service instance and then click Manage this service.

    Data Integration Platform Cloud Services page
  2. From the Manage this service menu, select Access Rules.

    Manage this service menu - Access Rules
  3. On the Access Rules page, click Create Rule.
    Access Rules Menu
  4. Complete the fields as follows, and then click Create:
    • Rule Name: ABC_Access_Rule
    • Description: Access from HQ servers to DIPCABC VM, covering <IP address 1> through <IP address 3>, via port 7023
    • Source: Select <custom>. To enter a valid IP address range, write the first IP address, append a slash and then enter the last number of the range. For example, for <ip address ending in 1> through <same ip address, except for the last number being 3>, you write x......1/3 in the field that appears for custom IP addresses when you select <custom>.

      By using a slash, you are providing a range of custom IP addresses. You may also just write one IP address, or separate the IP addresses with commas.

    • Destination: Select WLS_ADMIN.
    • Destination Port(s): 7023
      Note:  In addition to the listed ports on the Access Rules page, to find out if other ports are taken on your VM, use the netstat command. With this command you'll find out which process or program is using a certain port. If that port is taken, then assign a different port for the destination. For example, for port 7023, the command is:

      $ netstat -na | grep 7023

    • Protocol: Select TCP.
      Create an Access Rule
  5. Confirm that a message appears that the Creation of [ABC_Access_Rule] is in progress.
    Access Rule creation in progress.
  6. Refresh the page until the rule appears in the list of Access Rules for your instance. You may need to go to the second page to find the rule.
    User Access Rule created

Click the Actions Menu for your access rule to disable, enable or delete it.
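
The custom Source field in step 4 takes subnets in CIDR format or IPv4 addresses. The following added example (not part of the Oracle tutorial) assumes the field is parsed as standard CIDR, where the number after the slash is a prefix length; it converts a first-to-last address range into exact CIDR blocks and flags entries that would admit far more hosts than intended. The addresses are constructed samples from the 192.0.2.0/24 documentation range, and MIN_PREFIX is a hypothetical policy threshold.

```python
import ipaddress

# Constructed sample values from the 192.0.2.0/24 documentation range.
FIRST, LAST = "192.0.2.1", "192.0.2.3"
MIN_PREFIX = 24  # hypothetical policy: reject custom sources wider than a /24


def range_to_cidrs(first, last):
    """Return the minimal CIDR blocks covering exactly first..last (inclusive)."""
    blocks = ipaddress.summarize_address_range(
        ipaddress.IPv4Address(first), ipaddress.IPv4Address(last))
    return [str(block) for block in blocks]


def review_custom_source(field, min_prefix=MIN_PREFIX):
    """Check a comma-separated custom source list, assuming CIDR semantics.

    Returns (entry, normalized network, address count, verdict) per entry.
    """
    findings = []
    for entry in (part.strip() for part in field.split(",")):
        if not entry:
            continue
        try:
            # Assumption: strict=False masks off host bits as a lenient parser
            # would, so "192.0.2.1/3" is read as the network 192.0.0.0/3.
            net = ipaddress.IPv4Network(entry, strict=False)
        except ValueError:
            findings.append((entry, None, 0, "invalid"))
            continue
        verdict = "too broad" if net.prefixlen < min_prefix else "ok"
        findings.append((entry, str(net), net.num_addresses, verdict))
    return findings


if __name__ == "__main__":
    print(f"{FIRST} through {LAST} as CIDR:", ", ".join(range_to_cidrs(FIRST, LAST)))
    # Constructed field value: a slash-plus-last-number entry, a single host,
    # an exact block, and a malformed address.
    sample = "192.0.2.1/3, 192.0.2.1, 192.0.2.2/31, 192.0.2.300"
    for entry, net, count, verdict in review_custom_source(sample):
        print(f"{entry:>14} -> {net} ({count} addresses): {verdict}")
```

Under CIDR semantics the /3 entry resolves to 192.0.0.0/3, which is 536,870,912 addresses, whereas the three hosts .1 through .3 are covered exactly by 192.0.2.1/32 and 192.0.2.2/31.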


Want to Learn More?