OCI SDN connector
You can configure Security Fabric connector integration with Oracle Cloud Infrastructure (OCI).
To configure an OCI SDN connector in the CLI:
- Configure an SDN connector:
config system sdn-connector edit "oci1" set status enable set type oci set tenant-id "ocid1.tenancy.oc1..aaaaaaaaaaa3aaaaaaaaaaaaaaaaa77xxxxxx54bbbbbb4xxxx35xx55xxxx" set user-id "ocid1.user.oc1..aaaaaaaaa2laaaaa3aaaaaaaaaabbbbbbbbbbcccc3ccccccccccxxxxxxxx" set compartment-id "ocid1.compartment.oc1..aaaaaaaaaaaaaaaaaa7bbbbbbbbbbcccccccccc6xxx53xxxx7xxxxxxxxxx" set oci-region "us-ashburn-1" set oci-region-type commercial set oci-cert "cert-sha2" set update-interval 30 next end - Create a dynamic firewall address for the SDN connector with a supported filter:
config firewall address edit "oci-address-1" set uuid 0b4a496e-8974-51e9-e223-fee75c935fb7 set type dynamic set sdn "oci1" set filter "CompartmentName=DevelopmentEngineering" next end
To configure an OCI SDN connector in the GUI:
- Go to Security Fabric > Fabric Connectors and click Create New.
- In the Public SDN section, select Oracle Cloud Infrastructure (OCI).
- Configuration the connector as needed.
- Click OK.
- Go to Policy & Objects > Addresses and click Create New > Address.
- Configure the address as needed, selecting the OCI connector in the SDN Connector field.
- Click OK.
To confirm that dynamic firewall addresses are resolved by the SDN connector:
- In the CLI, check that the addresses are listed:
config firewall address edit "oci-address-1" set uuid 0b4a496e-8974-51e9-e223-fee75c935fb7 set type dynamic set sdn "oci1" set filter "CompartmentName=DevelopmentEngineering" config list edit "10.0.0.11" next edit "10.0.0.118" next ... next end next end - In the GUI, go to Policy & Objects > Addresses and hover the cursor over the address name.
