[OCI] Understanding Security Lists in Oracle Cloud (OCI)

 


When working with Oracle Cloud Infrastructure (OCI), one of the key things to understand is how to control who can access your cloud resources and how those resources connect to the outside world. This is where Security Lists come into play.

In this blog post, I’ll explain what a Security List is in OCI, using simple terms and real-life examples to help you understand it easily.


🔐 What is a Security List?

A Security List in OCI is like a gatekeeper or security guard for your cloud environment. It contains rules that determine:

  • Who can enter (called Ingress Rules)

  • Who can exit (called Egress Rules)

These rules help protect your cloud resources by only allowing approved network traffic to flow in and out.


🏡 Real-World Analogy

Imagine your house is a virtual machine in OCI, and your street is the internet. You live in a gated community where the guard only allows specific people or deliveries to enter.

  • You maintain a list at the gate of who can visit — this is similar to the ingress rule.

  • You also have a rule at home — like not letting your dog go out without a leash — this is your egress rule.

Similarly, in OCI, the Security List defines who can talk to your server and what your server can talk to.



📋 How It Works in OCI

A Security List is attached to a subnet, and it applies to all the compute instances (VMs) inside that subnet.

It contains rules based on:

  • Source or destination IP address

  • Port number (e.g., 22 for SSH, 80 for HTTP, 443 for HTTPS)

  • Protocol (TCP, UDP, ICMP)



Example Use Case

Let’s say you have a web server running in OCI and you want people across the internet to access it:

  • You’ll create an Ingress Rule to allow traffic from any IP address to port 80 (HTTP)




Let's see how this looks in the OCI environment:

  • To access the Oracle Cloud Infrastructure (OCI) Console, navigate to https://www.oracle.com/
  • Upon successful login, you will be redirected to the Oracle Cloud Console homepage


  • Navigate to Navigation Menu -> Compute -> Instances


  • Click on the Virtual Machine name to display the Instance Details page, then click on the Subnet name to open the Subnet Details page:


  • For this Subnet, click on the Security List name that is listed.




  • In this screen we can see Ingress and Egress Rules. 


  • Enter the Source CIDR as 0.0.0.0/0 (meaning all IP addresses), the IP Protocol as TCP, and the Destination Port Range as 80, and additionally add a description. Then click the Add Ingress Rules button.





  • Ingress Rule will be added as below:



  • With this rule, traffic from any IP address will be allowed to reach the destination virtual machine on port 80. Similarly, you can add additional Ingress or Egress Rules.
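
Because a Security List applies to every instance in the subnet, it is worth reviewing which ingress rules use the 0.0.0.0/0 source. The Python sketch below is an added example, not part of the original walkthrough: it flags rules that are open to any source on ports other than the web ports. It assumes the rules are exported as JSON with the kebab-case field names the OCI CLI prints for a security list; the sample data and the 80/443 allow-list are constructed for illustration.

```python
import json

# IP protocol identifiers as they appear in a rule's "protocol" field (assumed format).
PROTOCOLS = {"6": "TCP", "17": "UDP", "1": "ICMP", "all": "ALL"}
ANY_SOURCE = {"0.0.0.0/0", "::/0"}

# Constructed sample, shaped like a security list exported with the OCI CLI.
SAMPLE = json.loads("""
{"display-name": "web-subnet-sl",
 "ingress-security-rules": [
  {"source": "0.0.0.0/0", "protocol": "6", "description": "HTTP from anywhere",
   "tcp-options": {"destination-port-range": {"min": 80, "max": 80}}},
  {"source": "0.0.0.0/0", "protocol": "6", "description": "SSH from anywhere",
   "tcp-options": {"destination-port-range": {"min": 22, "max": 22}}},
  {"source": "10.0.0.0/16", "protocol": "6", "description": "SSH from VCN",
   "tcp-options": {"destination-port-range": {"min": 22, "max": 22}}},
  {"source": "0.0.0.0/0", "protocol": "17", "description": "UDP, no port limit"}
 ]}
""")

def port_range(rule):
    """Return (min, max) destination ports; a rule without port options covers all ports."""
    opts = rule.get("tcp-options") or rule.get("udp-options") or {}
    rng = opts.get("destination-port-range")
    return (rng["min"], rng["max"]) if rng else (1, 65535)

def audit_ingress(security_list, public_ports=frozenset({80, 443})):
    """Flag ingress rules open to any source on ports not meant to be public."""
    findings = []
    for rule in security_list.get("ingress-security-rules", []):
        if rule.get("source") not in ANY_SOURCE:
            continue  # restricted source, not internet-wide
        proto = PROTOCOLS.get(rule.get("protocol"), rule.get("protocol"))
        if proto == "ICMP":
            continue  # ICMP has no ports; review those rules separately
        lo, hi = port_range(rule)
        if not all(p in public_ports for p in range(lo, hi + 1)):
            findings.append((proto, lo, hi, rule.get("description", "")))
    return findings

if __name__ == "__main__":
    for proto, lo, hi, desc in audit_ingress(SAMPLE):
        print(f"open to any source: {proto} {lo}-{hi} ({desc})")
```

The port 80 rule from the walkthrough passes, while the constructed SSH and unrestricted UDP rules are reported because they use the same 0.0.0.0/0 source on ports that are not in the allow-list.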

