Oracle Cloud Infrastructure (OCI) Connector

When you create an Oracle Cloud Infrastructure (OCI) connector, you are authorizing FortiADC to periodically (default 30s) get information from OCI instances and dynamically populate it in the server pool configuration.

To create an OCI Connector:

  1. Go to Security Fabric > External Connectors.
  2. Click Create New.
  3. Under Public SDN, select Oracle Cloud Infrastructure (OCI) to display the configuration editor.
  4. Configure the following settings:

    Setting: Description

    Name: Type a name for the external connector object.

    Status: Toggle on to enable the external connector object. Toggle off to disable the external connector object.

    Update Interval (s): Specify the update interval at which the connector gets OCI objects and dynamically populates the information in the server pool configuration.

    OCI region type: Specify the OCI region type.

    OCI region: Specify the OCI region where your compute instances are located.

    User ID: The user's OCID.

    Tenant ID: The tenancy's OCID. Refer to this article on how to get the user's OCID and tenancy's OCID: https://docs.oracle.com/en-us/iaas/Content/API/Concepts/apisigningkey.htm#five

    Compartment ID: The OCID of the compartment in which your compute instances are deployed.

    Certificate: The certificate that FortiADC uses to build connections with OCI instances. You can select an existing one or create a new one. Refer to Manage and validate certificates.

    OCI HA status: Enable this option so that the system uses this connector to get the HA members' information if this FortiADC is deployed in HA mode and is the primary node.

    Use Metadata IAM: Enable this option to assign an IAM role for FortiADC to access OCI objects. Note: It must be enabled if the connector is used for OCI HA.

  5. Click Save.

After the connector is created, you can select this connector when creating a server pool. FortiADC will then get the IP addresses of the instances from OCI and dynamically populate the objects in the server pool configuration. This step is not required if you have enabled OCI HA status because in this case the connector will be used by the system to get the information of the HA members instead of the server pool members.

You can use the IP Address Type option to get the private address or public address of the instances. This option is supported only when FortiADC is deployed on OCI.
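The User ID, Tenant ID and Compartment ID settings all take OCIDs, and pasting one into the wrong field is easy to miss. The following pre-flight check is an added example, not FortiADC or Oracle code: it parses each value against Oracle's documented OCID layout and confirms that the resource type fits the field and that all three share one realm. The dictionary keys and the sample OCIDs are constructed for illustration.

```python
import re

# OCID layout documented by Oracle:
#   ocid1.<resource type>.<realm>.[region][.future use].<unique id>
OCID_RE = re.compile(
    r"^ocid1\.(?P<rtype>[a-z0-9]+)\.(?P<realm>[a-z0-9]+)\."
    r"(?P<region>[a-z0-9-]*)\.(?:[a-z0-9-]*\.)?(?P<uid>[a-z0-9]+)$"
)

# Hypothetical keys mirroring the GUI labels -> resource types accepted there.
# The root compartment's OCID is the tenancy OCID, so both are accepted.
EXPECTED = {
    "user_id": {"user"},
    "tenant_id": {"tenancy"},
    "compartment_id": {"compartment", "tenancy"},
}

def check_connector_fields(fields):
    """Return a list of problems; an empty list means the OCIDs are consistent."""
    problems, realms = [], {}
    for name, allowed in EXPECTED.items():
        value = fields.get(name, "").strip()
        m = OCID_RE.match(value)
        if m is None:
            problems.append(f"{name}: not a well-formed OCID")
            continue
        if m["rtype"] not in allowed:
            want = "/".join(sorted(allowed))
            problems.append(f"{name}: expected a {want} OCID, got '{m['rtype']}'")
        realms[name] = m["realm"]
    if len(set(realms.values())) > 1:
        problems.append(f"OCIDs come from different realms: {realms}")
    comp = fields.get("compartment_id", "").strip()
    if comp.startswith("ocid1.tenancy.") and comp != fields.get("tenant_id", "").strip():
        problems.append("compartment_id: a tenancy OCID here must match tenant_id")
    return problems

# Constructed sample values (not real OCIDs).
GOOD = {
    "user_id": "ocid1.user.oc1..aaaaexampleuser",
    "tenant_id": "ocid1.tenancy.oc1..aaaaexampletenancy",
    "compartment_id": "ocid1.compartment.oc1..aaaaexamplecompartment",
}
SWAPPED = dict(GOOD, user_id=GOOD["tenant_id"], tenant_id=GOOD["user_id"])

if __name__ == "__main__":
    for label, sample in (("good", GOOD), ("swapped", SWAPPED)):
        print(label, check_connector_fields(sample) or "OK")
```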
