View All Access Rules
get
/paas/api/v1.1/instancemgmt/{identityDomainId}/services/SOA/instances/{serviceId}/accessrules
This endpoint is not applicable to service instances created in Oracle Cloud Infrastructure.
Returns information about all access rules defined for an Oracle SOA Cloud Service instance.
The access rules that control external communication to the WebLogic Server Administration Console, Fusion Middleware Control, and Load Balancer Console are disabled by default if you did not set enableAdminConsole to true when you provisioned the service instance. To gain access to the administration consoles, you are required to explicitly enable the access rules for them. See Update an Access Rule.
Note:On Oracle Cloud Infrastructure, all the required rules are preconfigured out-of-the-box upon service instance provisioning. To modify the rules using the REST API, use the security-related Core Services APIs in the Oracle Cloud Infrastructure documentation. See also Security Lists in the Oracle Cloud Infrastructure documentation.
Request
Path Parameters
-
identityDomainId: string
Identity domain ID for the Oracle SOA Cloud Service account.
-
serviceId: string
Name of the Oracle SOA Cloud Service instance.
Header Parameters
-
X-ID-TENANT-NAME: string
Identity domain ID for the Oracle SOA Cloud Service account.
Response
Supported Media Types
- application/json
200 Response
OK.
Root Schema : secrules-response
Type:
objectThe response body contains information about the access rules.
Show Source
-
accessRules:
array accessRules
Groups details about access rules.
-
activities:
array activities
Groups details about ongoing and failed activity messages, if available.
Nested Schema : activities
Type:
arrayGroups details about ongoing and failed activity messages, if available.
Show Source
Nested Schema : secrules-details
Type:
Show Source
object-
description(optional):
string
Description of the rule.
-
destination(optional):
string
The service component to allow traffic to. For example,
WLS_ADMIN_SERVERorOTD. -
ports(optional):
string
Ports for the rule. This can be a single port or a port range.
-
ruleName(optional):
string
Name of the rule.
-
ruleType(optional):
string
Type of rule. For example,
SYSTEM,DEFAULT, orUSER. -
source(optional):
string
The hosts from which traffic is allowed. For example,
PUBLIC-INTERNETfor any host on the Internet, a single IP address or a comma-separated list of subnets (in CIDR format) or IPv4 addresses, or a service component name such asWLS_ADMIN_SERVER,WLS_MANAGED_SERVER,OTD, orDB. -
status(optional):
string
Status of the rule. Valid value:
disabledorenabled.
Nested Schema : secrules-activities
Type:
Show Source
object-
activity(optional):
array activity
Groups messages and errors for ongoing and failed activities.
Nested Schema : activity
Type:
arrayGroups messages and errors for ongoing and failed activities.
Show Source
Nested Schema : message-errors
Type:
Show Source
object-
errors(optional):
string
Error encountered for an ongoing or failed activity.
-
message(optional):
string
Message of an ongoing or failed activity.
Examples
The following example shows how to retrieve access rules defined for an Oracle SOA Cloud Service instance by submitting a GET request on the REST resource using cURL. For more information, see Use cURL.
cURL Command
curl -i -X GET -u username:Password1! -H "X-ID-TENANT-NAME:ExampleIdentityDomain" https://rest-server_url.com/paas/api/v1.1/instancemgmt/{identityDomainId}/services/SOA/instances/{serviceName}/accessrules
Example of Request Header
The following example shows the request header.
-u '{userName}:{password}'
X-ID-TENANT-NAME: {identityDomainId}
Accept: application/json
Example of Response Body
The following example shows the response document returned in JSON format:
{
"accessRules": [
{
"ruleName": "ora_p2otd_ssh",
"description": "Permit ssh access to nodes",
"status": "enabled",
"source": "PUBLIC-INTERNET",
"destination": "OTD_OTD_SERVER",
"ports": "22",
"protocol": "tcp",
"ruleType": "DEFAULT"
},
{
"ruleName": "ora_p2otd_ahttps",
"description": "Permit public access to https administration port",
"status": "disabled",
"source": "PUBLIC-INTERNET",
"destination": "OTD_OTD_SERVER",
"ports": "8989",
"protocol": "tcp",
"ruleType": "DEFAULT"
},
{
"ruleName": "ora_p2otd_chttps",
"description": "Permit public access to https content port",
"status": "enabled",
"source": "PUBLIC-INTERNET",
"destination": "OTD_OTD_SERVER",
"ports": "443",
"protocol": "tcp",
"ruleType": "DEFAULT"
},
{
"ruleName": "ora_p2otd_chttp",
"description": "Permit public access to http content port",
"status": "enabled",
"source": "PUBLIC-INTERNET",
"destination": "OTD_OTD_SERVER",
"ports": "80",
"protocol": "tcp",
"ruleType": "DEFAULT"
},
{
"ruleName": "sys_infra2otd_admin_ssh",
"description": "DO NOT MODIFY: Permit PSM to ssh to admin host",
"status": "enabled",
"source": "PAAS-INFRA",
"destination": "OTD_ADMIN_HOST",
"ports": "22",
"protocol": "tcp",
"ruleType": "SYSTEM"
},
{
"ruleName": "ora_otd2ms_chttp",
"description": "Permit http connection to managed servers from OTD",
"status": "enabled",
"source": "OTD_OTD_SERVER",
"destination": "WLS_MS",
"ports": "9073",
"protocol": "tcp",
"ruleType": "SYSTEM"
},
{
"ruleName": "ora_otd2ms_chttps",
"description": "Permit https connection to managed servers from OTD",
"status": "enabled",
"source": "OTD_OTD_SERVER",
"destination": "WLS_MS",
"ports": "9074",
"protocol": "tcp",
"ruleType": "SYSTEM"
},
{
"ruleName": "sys_wls2otd_ssh",
"description": "DO NOT MODIFY: Permit WLS admin host to ssh to OTD admin host",
"status": "enabled",
"source": "WLS_ADMIN_HOST",
"destination": "OTD_ADMIN_HOST",
"ports": "22",
"protocol": "tcp",
"ruleType": "SYSTEM"
},
{
"ruleName": "ora_p2admin_ssh",
"description": "Permit ssh access to nodes",
"status": "enabled",
"source": "PUBLIC-INTERNET",
"destination": "WLS_ADMIN",
"ports": "22",
"protocol": "tcp",
"ruleType": "DEFAULT"
},
{
"ruleName": "ora_p2admin_ahttps",
"description": "Permit public access to https administration port",
"status": "disabled",
"source": "PUBLIC-INTERNET",
"destination": "WLS_ADMIN",
"ports": "7002",
"protocol": "tcp",
"ruleType": "DEFAULT"
},
{
"ruleName": "ora_wls2db_dbport",
"description": "Permit connection to Database Service from WLS",
"status": "enabled",
"source": "WLS_MS",
"destination": "DBaaS:dbaas-1210-1019:DB",
"ports": "1521",
"protocol": "tcp",
"ruleType": "DEFAULT"
},
{
"ruleName": "ora_sys_ms2db_ssh",
"description": "Permit ssh access to nodes",
"status": "enabled",
"source": "WLS_MS",
"destination": "DBaaS:dbaas-1210-1019:DB",
"ports": "22",
"protocol": "tcp",
"ruleType": "DEFAULT"
},
{
"ruleName": "sys_infra2wls_admin_ssh",
"description": "DO NOT MODIFY: Permit PSM to ssh to admin host",
"status": "enabled",
"source": "PAAS-INFRA",
"destination": "WLS_ADMIN_HOST",
"ports": "22",
"protocol": "tcp",
"ruleType": "SYSTEM"
}
],
"activities": [
]
}