Managing a Network Load Balancer's Security Attributes
Add, update, and remove security attributes associated with a network load balancer.
Use Zero Trust Packet Routing (ZPR) along with, or in place of, network security groups to control network access to OCI resources by applying security attributes to them and creating ZPR policies to control communication among them. For more information, see Zero Trust Packet Routing.
ZPR security attributes added to a network load balancer are always configured as the Enforce mode.
The security attributes you added or updated are viewable Security tab in the network load balancer's Details page.
Use the
--security-attributes
option when running the oci nlb network-load-balancer update command to add ZPR security attributes when you're updating it:oci nlb network-load-balancer update --network-load-balancer-id network_load_balancer_ocid --security-attributes security_attributes [OPTIONS]
where
security_attributes
are ZPR tags for this network load balancer. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.For example:
--network-load-balancer-id {"oracle-zpr":{"td":{"value":"42","mode":"audit"}}}
This is a complex type whose value must be valid JSON.
For a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Add security attributes to a network load balancer's VCN configuration.
Run the UpdateNetworkLoadBalancer operation to create a network load balancer. Include the
securityAttributes
attributes and it values.