Add an Access Control Rule to a Load Balancer
/paas/api/v1.1/instancemgmt/{identityDomainId}/services/jaas/instances/{serviceId}/loadbalancer/{loadBalancerName}/rules
Adds an access control rule set to the Oracle-managed load balancer.
The rule set restricts access to application resources based on the source of the request using a user-specified IP address or address range match condition. See Access Control Rules in the Oracle Cloud Infrastructure documentation.
Request
- application/json
-
identityDomainId: string
Identity domain ID for the Oracle Java Cloud Service account.
-
loadBalancerName: string
Name of the Oracle-managed load balancer. Valid value:
public -
serviceId: string
Name of the Oracle Java Cloud Service instance.
-
Authorization: string
Base64 encoded user name and password separated by a colon or OAuth access token obtained from Oracle Identity Cloud Service. See Authenticate.
-
X-ID-TENANT-NAME: string
Identity domain ID for the Oracle Java Cloud Service account.
object-
action:
string
Type of action. The value must be
ALLOW. -
conditions:
array conditions
Groups details about the access control rule.
-
description(optional):
string
Description about the access control rule.
-
name:
string
Name of the access control rule.
-
type:
string
Type of access control. The value must be
AllowAccessPolicy.
object-
attributeName:
string
Specifies the type of source the load balancer is to allow access. Valid value:
SOURCE_IP_ADDRESS -
attributeValue:
string
For
SOURCE_IP_ADDRESS, specifies an IP address or range of IP addresses using CIDR notation.The load balancer denies access to traffic that does not match the condition specified in the source value.
Response
- application/json
202 Response
object-
details:
object details
Groups details of the operation.
object-
jobId:
string
Job ID for the operation.
-
message:
string
System message that describes the operation.
400 Response
object-
details:
object details
Groups details of a bad request.
object-
issues:
array issues
List of operation issues found.
-
message:
string
Operation message.
Examples
The following example shows how to define an access control rule for the Oracle-managed load balancer by submitting a POST request on the REST resource using cURL.
Note: The command in the example uses the URL structure https://rest_server_url/resource-path, where rest_server_url is the REST server to contact for your identity domain (or Cloud Account). See Send Requests.
cURL Command
curl -i -X POST -u username:password -d @accesscontrolrule.json -H "Content-Type:application/json" -H "X-ID-TENANT-NAME:ExampleIdentityDomain" https://rest_server_url/paas/api/v1.1/instancemgmt/ExampleIdentityDomain/services/jaas/instances/ExampleInstance/loadbalancer/public/rules
Example of Request Body
The following shows an example of a request body for adding an access control rule.
{
"name": "accessrule01",
"type": "AllowAccessPolicy",
"action": "ALLOW",
"description": "Allow traffic from clients whose IP address is in 100.100.204.0/24",
"conditions": [
{
"attributeName": "SOURCE_IP_ADDRESS",
"attributeValue": "100.100.204.0/24"
}
]
}Example of Response Header
The following shows an example of the response header.
HTTP/1.1 202 Accepted
Date: Fri, 22 Nov 2019 18:10:53 GMT
Location: https://rest_server_url/paas/api/v1.1/activitylog/ExampleIdentityDomain/job/30446
Content-Length: 139
Content-Type: application/vnd.com.oracle.oracloud.provisioning.Service+json
Service-URI: https://rest_server_url/paas/api/v1.1/instancemgmt/ExampleIdentityDomain/services/jaas/instances/ExampleInstance
Retry-After: 60Example of Response Body
The following shows an example of the response body in JSON format.
{
"details":{
"message": "Submitted job to update load balancer configuration for service [ExampleInstance] in domain [ExampleIdentityDomain].",
"jobId": "30446"
}
}