Disable, Enable or Delete an Access Rule
/paas/api/v1.1/instancemgmt/{identityDomainId}/services/jaas/instances/{serviceId}/accessrules/{ruleName}
Disable, enable, or delete an access rule. You cannot change the rule details.
The access rules that control external communication to the WebLogic Server Administration Console, Fusion Middleware Control, and Load Balancer Console are disabled by default if you did not set enableAdminConsole
to true
when you provisioned the service instance. To gain access to the administration consoles, you are required to explicitly enable the access rules for them, namely:
ora_p2admin_ahttps
for WebLogic Server Administration Console and Fusion Middleware Controlora_p2otd_ahttps
for Oracle Traffic Director (Load Balancer) Administration Console
Note: On Oracle Cloud Infrastructure, all the required rules are preconfigured out-of-the-box upon service instance provisioning. To modify the rules using the REST API, use the security-related Core Services APIs in Oracle Cloud Infrastructure API Documentation. See also Security Lists in the Oracle Cloud Infrastructure documentation.
Request
- application/json
-
identityDomainId: string
Identity domain ID for the Oracle Java Cloud Service account.
-
ruleName: string
Name of the access rule to disable or enable.
-
serviceId: string
Name of the Oracle Java Cloud Service instance.
-
Authorization: string
Base64 encoded user name and password separated by a colon or OAuth access token obtained from Oracle Identity Cloud Service. See Authenticate.
-
X-ID-TENANT-NAME: string
Identity domain ID for the Oracle Java Cloud Service account.
object
-
operation:
string
Type of operation to perform on the access rule. Valid values are:
update
(to disable or enable a rule) anddelete
(to delete a rule). -
status:
string
State of the access rule to update to. This attribute is required only when you disable or enable a rule. Valid value is
disable
orenable
.
Response
- application/json
200 Response
202 Response
object
-
description:
string
Description of the rule.
-
destination:
string
The service component to allow traffic to.
-
ports:
string
Ports for the rule.
-
protocol:
string
Communication protocol. For example,
tcp
. -
rule:
object rule
Groups information about rules. This attribute is not returned when you disable or enable a rule.
-
ruleName:
string
Name of the rule.
-
ruleType:
string
Type of rule.
-
source:
string
The hosts from which traffic is allowed.
-
status:
string
Status of the rule.
object
-
description:
string
Description of the rule.
-
destination:
string
The service component to allow traffic to.
-
ports:
string
Ports for the rule.
-
protocol:
string
Communication protocol. For example,
tcp
. -
ruleName:
string
Name of the rule.
-
ruleType:
string
Type of rule.
-
source:
string
The hosts from which traffic is allowed.
-
status:
string
Status of the rule.
Examples
The following example shows how to update an access rule by submitting a PUT request on the REST resource using cURL.
Note: The command in this example uses the URL structure https://rest_server_url/resource-path
, where rest_server_url
is the REST server to contact for your identity domain (or Cloud Account). See Send Requests.
cURL Command
curl -i -X PUT -u username:password -d @updaterule.json -H "Content-Type:application/json" -H "X-ID-TENANT-NAME:ExampleIdentityDomain" https://rest_server_url/paas/api/v1.1/instancemgmt/ExampleIdentityDomain/services/jaas/instances/ExampleInstance/accessrules/my_corp_vnc
Example of Request Body (Disable a Rule)
The following shows an example of the request body in JSON format for disabling a rule.
{
"operation":"update",
"status":"disabled"
}
Example of Request Body (Enable a Rule)
The following shows an example of the request body in JSON format for enabling a rule.
{
"operation":"update",
"status":"enabled"
}
Example of Request Body (Delete a Rule)
The following shows an example of the request body in JSON format for deleting a rule.
{
"operation":"delete"
}
Example of Response Header (Disable or Enable a Rule)
The following shows an example of the response header when you disable or enable a rule.
HTTP/1.1 200 OK
Date: Wed, 27 Apr 2016 01:04:03 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Example of Response Header (Delete a Rule)
The following shows an example of the response header when you delete a rule.
HTTP/1.1 202 Accepted
Date: Wed, 27 Apr 2016 01:09:29 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Example of Response Body (Disable a Rule)
The following shows an example of the response body when you disable a rule.
{
"ruleName": "my_corp_vnc",
"description": "corporate to VNC to Admin Server",
"ports": "5900",
"protocol": "tcp",
"status": "disabled",
"source": "192.123.45.6/32",
"destination": "WLS_ADMIN_SERVER"
"ruleType": "USER"
}
Example of Response Body (Enable a Rule)
The following shows an example of the response body when you enable a rule.
{
"ruleName": "my_corp_vnc",
"description": "corporate to VNC to Admin Server",
"ports": "5900",
"protocol": "tcp",
"status": "enabled",
"source": "192.123.45.6/32",
"destination": "WLS_ADMIN_SERVER"
"ruleType": "USER"
}
Example of Response Body (Delete a Rule)
The following shows an example of the response body when you delete a rule.
{
"rule":
{
"ruleName": "my_corp_vnc",
"description": "corporate to VNC to Admin Server",
"ports": "5900",
"protocol": "tcp",
"status": "disabled",
"source": "192.123.45.6/32",
"destination": "WLS_ADMIN_SERVER"
"ruleType": "USER"
}
}