For OCI (Gen 2) environments, configures an allowlist of IP addresses and Classless Inter-Domain Routings (CIDRs) that are permitted to access Oracle Enterprise Performance Management Cloud. This command adds or removes IPv4 addresses and CIDRs.

This command provides a self-service method to configure an allowlist for EPM Cloud environments hosted on OCI (Gen2).


  • This command cannot be used to configure allowlist in Classic environments. For Classic environments, use the Service Details screen of My Services (Classic) to create allowlist or denylist rules to regulate how users access EPM Cloud environments.
  • When you setup IP allowlist for an EPM Cloud environment, you permit connections only from those specific IP addresses. In this scenario, requesting access from another EPM Cloud will not work unless you add the outbound IP addresses of the data center or region where the requesting environment is located to the IP allowlist. See Outbound IP Addresses of EPM Cloud Data Centers and Regions in Oracle Enterprise Performance Management Cloud Operations Guide for the IP addresses that you need to add to ensure that the other environments can communicate with the environment for which the IP allowlist is being set up.

Applies to

Planning, Planning Modules, FreeForm, Financial Consolidation and Close, Tax Reporting, Account Reconciliation, Profitability and Cost Management, Enterprise Profitability and Cost Management, Oracle Enterprise Data Management Cloud, Narrative Reporting, Sales Planning, and Strategic Workforce Planning.

Required Roles

Service Administrator


epmAutomate setIPAllowlist add|remove FILE_NAME.txt where:
  • add adds the IP addresses and CIDRs listed in a text file to the allowlist.
  • remove deletes the IP addresses and CIDRs listed in a text file from the allowlist.
  • FILE_NAME is the name of a text file listing the IP addresses and CIDRs to be added to or removed from the allowlist. Each entry in the file must be separated by a newline character. Use the uploadFile command to upload this file to the environment. Each line in the file must be an IPv4 address or CIDR in the following format:


    • Only IPv4 IP addresses are supported.
    • Use CIDR format, rather than individual IP addresses, to specify a continuous range of IP addresses.
    • To disable an allowlist to permit access from any IP address, use the getIPAllowlist command to write all existing IP addresses and CIDRs to a file. Upload the file to the environment, and then run this command with the remove option as shown in this example:
      epmAutomate getIPAllowlist > myRemoveList.txt
      epmAutomate uploadFile myRemoveList.txt
      epmAutomate setIPAllowlist remove myRemoveList.txt


  • Adding some IP addresses and CIDRs to an allowlist:
    epmAutomate setIPAllowlist add myAddList.txt
  • Removing some IP addresses from an allowlist:
    epmAutomate setIPAllowlist remove myRemoveList1.txt