Oracle Cloud Infrastructure Documentation

Managing a Network Load Balancer's Security Attributes

Add, update, and remove security attributes associated with a network load balancer.

Use Zero Trust Packet Routing (ZPR) along with, or in place of, network security groups to control network access to OCI resources by applying security attributes to them and creating ZPR policies to control communication among them. For more information, see Zero Trust Packet Routing.

ZPR security attributes added to a network load balancer are always configured as the Enforce mode.

  • Adding Security Attributes

    1. On the Network load balancers list page, find the network load balancer that you want to work with. If you need help finding the list page or the network load balancer, see Listing Network Load Balancers.
    2. From the Actions menu for the network load balancer you want, select Manage security attributes .
      The Manage Security Attributes panel opens.
    3. Enter the following information:
      • Namespace: Select a security attribute namespace from the list. This list contains those security attribute namespaces already configured. See Creating a Security Attribute Namespace for more information.
      • Key: Select a key from the list.
      • Value: Select a value for the corresponding key from the list.
    4. Select the Add security attribute button to add another attribute. You can also update the configuration of any existing security attribute listed here.
      Note

      The number of security attributes you can configure for your network load balancer is limited. See Limits for details.
    5. Select Add security attributes at the bottom of the panel to complete the task and return to the network load balancer's details page.
    The security attributes you added are viewable Security tab in the network load balancer's Details page.

    Editing Security Attributes

    To update a network load balancer's existing security attributes, follow these steps
    1. Open the Manage Security Attributes panel in the details page as described earlier in this topic.
    2. Find the network load balancer whose security attributes you want to update.
    3. From the Actions menu, select Update.
      The Update security attribute panel opens.
    4. Update the security attributes as described earlier in this topic.
    5. Select Save changes.
    The security attributes you added or updated are viewable in the Security tab in the network load balancer's details page.

    Deleting Security Attributes

    To delete a network load balancer's existing security attributes, follow these steps
    1. Open the Manage Security Attributes panel in the details page as described earlier in this topic.
    2. Find the network load balancer whose security attributes you want to delete.
    3. From the Actions menu, select Delete.
    4. When prompted, confirm the deletion.

  • Adding Security Attributes

    You can include ZPR security attributes when using oci nlb network-load-balancer create command by including the security-attributes option and corresponding value:

    oci nlb network-load-balancer create ... --security-attributes security_attributes

    where security_attributes are ZPR security attributes for this network load balancer.

    For example:

    oci nlb network-load-balancer create ... --security-attributes {"oracle-zpr":{"td":{"value":"42","mode":"enforce"}}}

    For information on creating a network load balancer using the CLI, see Creating a Network Load Balancer.

    Similarly, you can use the security-attributes option when running the oci opensearch cluster update command to add ZPR security attributes when you're updating it:

    oci opensearch cluster update ... --security-attributes security_attributes

    For information on updating a network load balancer using the CLI, see Editing a Network Load Balancer.

    For a complete list of flags and variable options for CLI commands, see the Command Line Reference.

    Editing Security Attributes

    Use the security-attributes option when running the oci nlb network-load-balancer update command to change the settings of existing ZPR security attributes.

    Deleting Security Attributes

    Use the security-attributes option with the value "{}" when running the oci nlb network-load-balancer update command to delete the settings of ZPR security attributes. For example:

    oci nlb network-load-balancer update ... --security-attributes {}

  • Adding Security Attributes

    Run the CreateNetworkLoadBalancer operation to add security attributes to a network load balancer you're creating. Include the securityAttributes attributes and it values.

    Run the UpdateNetworkLoadBalancer operation to add security attributes to an existing network load balancer. Include the securityAttributes attributes and it values.

    Editing Security Attributes

    Run the UpdateNetworkLoadBalancer operation to update a network load balancer. Include the securityAttributes attributes and update their existing values.

    Deleting Security Attributes

    Run the UpdateNetworkLoadBalancer operation to update a network load balancer. Include the securityAttributes attributes with an empty map to delete the security attributes.