REST API for Oracle SOA Cloud Service

Update an Access Rule

put

/paas/api/v1.1/instancemgmt/{identityDomainId}/services/SOA/instances/{serviceId}/accessrules/{ruleName}

This endpoint is not applicable to service instances created on Oracle Cloud Infrastructure.

Disable, enable, or delete an access rule only. You cannot change the rule details.

The access rules that control external communication to the WebLogic Server Administration Console, Fusion Middleware Control, and Load Balancer Console are disabled by default if you did not set enableAdminConsole to true when you provisioned the service instance. To gain access to the administration consoles, you are required to explicitly enable the access rules for them, namely:

ora_p2admin_ahttps for WebLogic Server Administration Console and Fusion Middleware Control
ora_p2otd_ahttps for Oracle Traffic Director (Load Balancer) Administration Console

Note:On Oracle Cloud Infrastructure, all the required rules are preconfigured out-of-the-box upon service instance provisioning. To modify the rules using the REST API, use the security-related Core Services APIs in the Oracle Cloud Infrastructure documentation. See also Security Lists in the Oracle Cloud Infrastructure documentation.

Request

Supported Media Types

application/json

Path Parameters

identityDomainId: string

Identity domain ID for the Oracle SOA Cloud Service account.
ruleName: string

Name of the access rule to disable or enable.
serviceId: string

Name of the Oracle SOA Cloud Service instance.

Header Parameters

X-ID-TENANT-NAME: string

Identity domain ID for the Oracle SOA Cloud Service account.

The request body defines the details of the disable, enable, or delete request.

Root Schema : updatesecrule-putrequest

Type: object

Show Source

operation: string

Type of operation to perform on the access rule. Valid values are: update (to disable or enable a rule) and delete (to delete a rule).
status: string

State of the access rule to update to. This attribute is required only when you disable or enable a rule. Valid value is disable or enable.

{
    "properties":{
        "operation":{
            "type":"string",
            "description":"Type of operation to perform on the access rule. Valid values are: <code>update</code> (to disable or enable a rule) and <code>delete</code> (to delete a rule)."
        },
        "status":{
            "type":"string",
            "description":"State of the access rule to update to. This attribute is required only when you disable or enable a rule. Valid value is <code>disable</code> or <code>enable</code>."
        }
    },
    "required":[
        "operation",
        "status"
    ]
}

Response

Supported Media Types

application/json

200 Response

OK (enable or disable rule). See Root-Schema below.

202 Response

Accepted (delete rule).

Root Schema : updatesecrule-response

Type: object

Show Source

description: string

Description of the rule.
destination: string

The service component to allow traffic to.
ports: string

Ports for the rule.
rule: string

Groups information about rules. This attribute is returned when you delete a rule.
ruleName: string

Name of the rule.
ruleType: string

Type of rule.
source: string

The hosts from which traffic is allowed.
status: string

Status of the rule.

{
    "required":[
        "description",
        "destination",
        "rule",
        "ruleName",
        "ruleType",
        "ports",
        "source",
        "status"
    ],
    "properties":{
        "description":{
            "type":"string",
            "description":"Description of the rule."
        },
        "destination":{
            "type":"string",
            "description":"The service component to allow traffic to."
        },
        "rule":{
            "type":"string",
            "description":"Groups information about rules. This attribute is returned when you delete a rule."
        },
        "ruleName":{
            "type":"string",
            "description":"Name of the rule."
        },
        "ruleType":{
            "type":"string",
            "description":"Type of rule."
        },
        "ports":{
            "type":"string",
            "description":"Ports for the rule."
        },
        "source":{
            "type":"string",
            "description":"The hosts from which traffic is allowed."
        },
        "status":{
            "type":"string",
            "description":"Status of the rule."
        }
    }
}

Examples

The following example shows how to update an access rule by submitting a PUT request on the REST resource using cURL. For more information, see Use cURL.

cURL Command

curl -I -X PUT -u username:Password1! -d @updaterule.json -H "X-ID-TENANT-NAME:ExampleIdentityDomain" https://rest-server_url.com/paas/api/v1.1/instancemgmt/{identityDomainId}/services/SOA/instances/{serviceName}/accessrules/my_rule

Example of Request Header

The following example shows the request header.

-u '{userName}:{password}'
X-ID-TENANT-NAME: {identityDomainId}

Example of Request Body (Disable a Rule)

The following example shows the request for disabling an access rule in JSON format.

{
  "operation": "update",
  "status": "disabled"
}

Example of Response Body (Disable a Rule)

The following example shows the response body returned in JSON format:

{
  "ruleName": "my_rule",
  "description": "new access rule to port 80",
  "status": "disabled",
  "source": "PUBLIC-INTERNET",
  "destination": "OTD_OTD_SERVER",
  "ports": "80",
  "protocol": "tcp",
  "ruleType": "USER"
}

Example of Request Body (Enable a Rule)

The following example shows the request body in JSON format for enabling a rule.

{
  "operation": "update",
  "status": "enabled"
}

Example of Response Body (Enable a Rule)

The following example shows the response body when you enable a rule.

{
  "ruleName": "my_corp_vnc",
  "description": "corporate to VNC to Admin Server",
  "ports": "5900",
  "protocol": "tcp",
  "status": "enabled",
  "source": "192.123.45.6\/32",
  "destination": "WLS_ADMIN_SERVER"
}