View All Access Rules
/paas/api/v1.1/instancemgmt/{identityDomainId}/services/SOA/instances/{serviceId}/accessrules
Returns information about all access rules defined for an Oracle SOA Cloud Service instance.
The access rules that control external communication to the WebLogic Server Administration Console, Fusion Middleware Control, and Load Balancer Console are disabled by default if you did not set enableAdminConsole
to true
when you provisioned the service instance. To gain access to the administration consoles, you are required to explicitly enable the access rules for them. See Update an Access Rule.
Note:On Oracle Cloud Infrastructure, all the required rules are preconfigured out-of-the-box upon service instance provisioning. To modify the rules using the REST API, use the security-related Core Services APIs in the Oracle Cloud Infrastructure documentation. See also Security Lists in the Oracle Cloud Infrastructure documentation.
Request
-
identityDomainId: string
Identity domain ID for the Oracle SOA Cloud Service account.
-
serviceId: string
Name of the Oracle SOA Cloud Service instance.
-
X-ID-TENANT-NAME: string
Identity domain ID for the Oracle SOA Cloud Service account.
Response
- application/json
200 Response
object
-
accessRules:
array accessRules
Groups details about access rules.
-
activities:
array activities
Groups details about ongoing and failed activity messages, if available.
array
object
-
description(optional):
string
Description of the rule.
-
destination(optional):
string
The service component to allow traffic to. For example,
WLS_ADMIN_SERVER
orOTD
. -
ports(optional):
string
Ports for the rule. This can be a single port or a port range.
-
ruleName(optional):
string
Name of the rule.
-
ruleType(optional):
string
Type of rule. For example,
SYSTEM
,DEFAULT
, orUSER
. -
source(optional):
string
The hosts from which traffic is allowed. For example,
PUBLIC-INTERNET
for any host on the Internet, a single IP address or a comma-separated list of subnets (in CIDR format) or IPv4 addresses, or a service component name such asWLS_ADMIN_SERVER
,WLS_MANAGED_SERVER
,OTD
, orDB
. -
status(optional):
string
Status of the rule. Valid value:
disabled
orenabled
.
object
-
activity(optional):
array activity
Groups messages and errors for ongoing and failed activities.
array
object
-
errors(optional):
string
Error encountered for an ongoing or failed activity.
-
message(optional):
string
Message of an ongoing or failed activity.
Examples
The following example shows how to retrieve access rules defined for an Oracle SOA Cloud Service instance by submitting a GET request on the REST resource using cURL. For more information, see Use cURL.
cURL Command
curl -i -X GET -u username:Password1! -H "X-ID-TENANT-NAME:ExampleIdentityDomain" https://rest-server_url.com/paas/api/v1.1/instancemgmt/{identityDomainId}/services/SOA/instances/{serviceName}/accessrules
Example of Request Header
The following example shows the request header.
-u '{userName}:{password}' X-ID-TENANT-NAME: {identityDomainId} Accept: application/json
Example of Response Body
The following example shows the response document returned in JSON format:
{ "accessRules": [ { "ruleName": "ora_p2otd_ssh", "description": "Permit ssh access to nodes", "status": "enabled", "source": "PUBLIC-INTERNET", "destination": "OTD_OTD_SERVER", "ports": "22", "protocol": "tcp", "ruleType": "DEFAULT" }, { "ruleName": "ora_p2otd_ahttps", "description": "Permit public access to https administration port", "status": "disabled", "source": "PUBLIC-INTERNET", "destination": "OTD_OTD_SERVER", "ports": "8989", "protocol": "tcp", "ruleType": "DEFAULT" }, { "ruleName": "ora_p2otd_chttps", "description": "Permit public access to https content port", "status": "enabled", "source": "PUBLIC-INTERNET", "destination": "OTD_OTD_SERVER", "ports": "443", "protocol": "tcp", "ruleType": "DEFAULT" }, { "ruleName": "ora_p2otd_chttp", "description": "Permit public access to http content port", "status": "enabled", "source": "PUBLIC-INTERNET", "destination": "OTD_OTD_SERVER", "ports": "80", "protocol": "tcp", "ruleType": "DEFAULT" }, { "ruleName": "sys_infra2otd_admin_ssh", "description": "DO NOT MODIFY: Permit PSM to ssh to admin host", "status": "enabled", "source": "PAAS-INFRA", "destination": "OTD_ADMIN_HOST", "ports": "22", "protocol": "tcp", "ruleType": "SYSTEM" }, { "ruleName": "ora_otd2ms_chttp", "description": "Permit http connection to managed servers from OTD", "status": "enabled", "source": "OTD_OTD_SERVER", "destination": "WLS_MS", "ports": "9073", "protocol": "tcp", "ruleType": "SYSTEM" }, { "ruleName": "ora_otd2ms_chttps", "description": "Permit https connection to managed servers from OTD", "status": "enabled", "source": "OTD_OTD_SERVER", "destination": "WLS_MS", "ports": "9074", "protocol": "tcp", "ruleType": "SYSTEM" }, { "ruleName": "sys_wls2otd_ssh", "description": "DO NOT MODIFY: Permit WLS admin host to ssh to OTD admin host", "status": "enabled", "source": "WLS_ADMIN_HOST", "destination": "OTD_ADMIN_HOST", "ports": "22", "protocol": "tcp", "ruleType": "SYSTEM" }, { "ruleName": "ora_p2admin_ssh", "description": "Permit ssh access to nodes", "status": "enabled", "source": "PUBLIC-INTERNET", "destination": "WLS_ADMIN", "ports": "22", "protocol": "tcp", "ruleType": "DEFAULT" }, { "ruleName": "ora_p2admin_ahttps", "description": "Permit public access to https administration port", "status": "disabled", "source": "PUBLIC-INTERNET", "destination": "WLS_ADMIN", "ports": "7002", "protocol": "tcp", "ruleType": "DEFAULT" }, { "ruleName": "ora_wls2db_dbport", "description": "Permit connection to Database Service from WLS", "status": "enabled", "source": "WLS_MS", "destination": "DBaaS:dbaas-1210-1019:DB", "ports": "1521", "protocol": "tcp", "ruleType": "DEFAULT" }, { "ruleName": "ora_sys_ms2db_ssh", "description": "Permit ssh access to nodes", "status": "enabled", "source": "WLS_MS", "destination": "DBaaS:dbaas-1210-1019:DB", "ports": "22", "protocol": "tcp", "ruleType": "DEFAULT" }, { "ruleName": "sys_infra2wls_admin_ssh", "description": "DO NOT MODIFY: Permit PSM to ssh to admin host", "status": "enabled", "source": "PAAS-INFRA", "destination": "WLS_ADMIN_HOST", "ports": "22", "protocol": "tcp", "ruleType": "SYSTEM" } ], "activities": [ ] }