Oracle Database Cloud — Open Ports on OCI

Fathi Riadh
Oct 17, 2018


Whenever you need to open a port to your cloud database so that your applications can reach it, you need to change the Security Lists. If you want to open a non-standard port (something other than 1521), you also need to allow that port in iptables on the Linux machine that hosts your cloud database.

Be aware that, by default, communication over the Internet is not secure and traffic is sent in clear text. That means anyone can intercept that flow of sensitive data if they really wish to. That is why we recommend setting up an encrypted IPSec tunnel between you and the Cloud, or an SSH tunnel using your private/public key pairs.

For tests that don’t use personal or sensitive data you can skip this step, but for production workloads it is a must.

After creating a DB System database instance (or even a Compute instance), you can open ports as follows:

1. On the DB System details page, click on the Virtual Cloud Network name. Mine was called WinSrv:

2. On the left menu you will find Security Lists:

3. The Default Security List will show up; click on it:

4. Edit all rules:

5. After you scroll down the list you should be able to find +Another Ingress Rule so you can add a new rule to the ones already there by default:

6. To open the 1521 listener port of a database, for example, you would leave the Source CIDR as 0.0.0.0/0 if you want to access the database from anywhere, but this is not a good practice. I strongly recommend you enter the public IP address of your home or office here instead, so that you don’t expose the database to attack from all over the Internet: any IP like 123.123.123.123.

The protocol is TCP by default. The source port is left empty and the destination port is the port you wish to open, 1521 in my case.

That’s it. After you save the security rule, the port should open immediately.
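A check for the rule described in step 6, as an added example that is not part of the original article: it audits a list of ingress rules for sources that expose the listener port too widely. The field names follow the OCI API's ingress security rule JSON; the sample rules and the /24 threshold are constructed assumptions.

```python
import ipaddress

DB_PORT = 1521        # listener port used in the article
MAX_PREFIX_LEN = 24   # assumption: anything broader than a /24 is reported

def covers_port(rule, port):
    """True if the ingress rule admits TCP traffic to `port`."""
    proto = str(rule.get("protocol", "")).lower()
    if proto == "all":
        return True
    if proto != "6":                      # "6" is TCP
        return False
    rng = (rule.get("tcpOptions") or {}).get("destinationPortRange")
    if rng is None:                       # no range given: every TCP port
        return True
    return rng["min"] <= port <= rng["max"]

def audit(rules, port=DB_PORT):
    """Return (source, reason) for each rule exposing `port` too widely."""
    findings = []
    for rule in rules:
        if rule.get("sourceType", "CIDR_BLOCK") != "CIDR_BLOCK":
            continue                      # service sources are not CIDRs
        if not covers_port(rule, port):
            continue
        net = ipaddress.ip_network(rule["source"], strict=False)
        if net.prefixlen == 0:
            findings.append((rule["source"], "open to the whole Internet"))
        elif net.prefixlen < MAX_PREFIX_LEN:
            findings.append((rule["source"], f"broad range (/{net.prefixlen})"))
    return findings

# Constructed sample rules, not taken from a real tenancy.
SAMPLE_RULES = [
    {"protocol": "6", "source": "0.0.0.0/0",
     "tcpOptions": {"destinationPortRange": {"min": 22, "max": 22}}},
    {"protocol": "6", "source": "0.0.0.0/0",
     "tcpOptions": {"destinationPortRange": {"min": 1521, "max": 1521}}},
    {"protocol": "6", "source": "123.123.123.123/32",
     "tcpOptions": {"destinationPortRange": {"min": 1521, "max": 1521}}},
    {"protocol": "6", "source": "10.0.0.0/8"},   # no port range: all TCP ports
    {"protocol": "17", "source": "0.0.0.0/0"},   # UDP, irrelevant to the listener
]

if __name__ == "__main__":
    for source, reason in audit(SAMPLE_RULES):
        print(f"port {DB_PORT}: {source} -> {reason}")
```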
