1. Using File Server in Oracle Integration 3
  2. Administer File Server
  3. Create an Allowlist for Public IP Addresses

Create an Allowlist for Public IP Addresses

A tenant administrator must create an allowlist (formerly a whitelist) for File Server. Only users from the entities that you specify in the allowlist can connect to File Server. You create the allowlist in the Oracle Cloud Infrastructure Console, the same place where you enable File Server.

Prerequisites

Before creating an allowlist, you should create and manage folders and their permissions. See Configure Folders and View List of Files.

About the Allowlist

With the allowlist, you allow one or more of the following entities to access File Server:

  • Single IP address, such as 10.10.10.10

  • Classless Inter-Domain Routing (CIDR) block (that is, an IP address range), such as 10.0.0.0/24

You can create up to 15 rules for File Server, in addition to the 15 rules that you can create for HTTP connections. A rule can also apply to both File Server and HTTP.

Required Updates After Upgrading to Oracle Integration 3

If you had a File Server allowlist in Oracle Integration Generation 2 and upgraded to Oracle Integration 3, Oracle assigned you new IP and port values for the File Server SFTP server. The Oracle Integration Generation 2 IP and port values remain valid for SFTP runtime traffic for four months after the upgrade. Understand how the new IP and port values that Oracle assigns after the upgrade affect your File Server allowlist:

  • For SFTP clients that were on your File Server allowlist in Oracle Integration Generation 2

    These SFTP clients can continue accessing File Server using the Oracle Integration Generation 2 IP and port values. This access is granted for up to four months after the upgrade and persists even if you remove the SFTP clients from your self-service File Server allowlist.

    You have the following action items:

    • Within the four-month time window, you must update all integrations and SFTP clients so that they use the new IP and port values.

      While you don't have to update the values immediately after the upgrade, Oracle recommends completing this step then. Otherwise, you risk forgetting to update the values and then experiencing issues when Oracle retires the IP and port values.

    • If you want to block the integrations and SFTP clients from accessing File Server, enter a service request (SR).

  • For SFTP clients that weren't on your File Server allowlist in Oracle Integration Generation 2, such as new SFTP clients that you configure after upgrading

    You have the following action items:

    • Ensure that all integrations and SFTP clients use the Oracle Integration 3 IP and port values to access File Server.

    • Add the SFTP clients to the File Server allowlist.

To Manage the Allowlist:

  1. Manage the allowlist in the Oracle Cloud Infrastructure Console.

    See Configure an Allowlist for Your Instance in Provisioning and Administering Oracle Integration 3.