- Learn how to create a Virtual Cloud Network with internet connectivity
- Add ingress rules in the security list to allow traffic through MySQL Database Service ports
A Virtual Cloud Network (VCN) helps you define your own data centre network topology inside the Oracle Cloud by defining components such as subnets, route tables, security lists and gateways. Some of these components are set by default automatically within every VCN and can't be deleted:
- Default route table, with no route rules
- Default security list, with default security rules
- Default set of DHCP options, with default values

For an overview of VCNs, allowed size, default VCN components, and scenarios for using a VCN, check Networking Overview.
A security list acts as a virtual firewall for an instance, with ingress and egress rules that specify the types of traffic allowed in and out. Each subnet can have multiple security lists associated with it, and each list can have multiple rules. The default security list comes with an initial set of stateful rules, which should in most cases be changed to only allow inbound traffic from authorized subnets relevant to the region that hosts that VCN or subnet. A list of authorized subnet ranges relevant to each region can be found here.
Log in to your OCI tenancy. Once you have logged in, select Networking >> Virtual Cloud Networks from the menu icon in the top left corner.
From the Compartment picker on the bottom left side, select your compartment from the list.
To create a virtual cloud network, click on Start VCN Wizard.
Select VCN with Internet Connectivity and click Start VCN Wizard
Now you need to fill in some information and set the configuration for the VCN. In the VCN NAME field enter the value analytics_vcn_test (or any name at your convenience), and make sure that the selected compartment is the right one. Leave everything else at its default. Click Next.
Review and click Create
Once the VCN has been created, click View Virtual Cloud Network.
Click on the Public_Subnet-analytics_vcn_test link.
Earlier we set up the subnet to use the VCN's default security list, whose default rules are designed to make it easy to get started with Oracle Cloud Infrastructure. Now we will customize the default security list of the VCN to allow traffic through MySQL Database Service ports by clicking on Default_Security_List_for_analytics_vcn_test.
Click on Add Ingress Rules
Add the necessary rule to the default security list to enable traffic through MySQL Database Service port.
Insert the details as below: Source CIDR 0.0.0.0/0, port 3306, description MySQL Port.
Finally, click the blue Add Ingress Rules button.
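An added example (not part of the original lab): a Python check that reads a security list in the JSON shape printed by `oci network security-list get` and reports ingress rules that open the MySQL port to a wide source, such as the 0.0.0.0/0 rule created above, so they can be narrowed to authorized subnets. The sample document, the 10.0.1.0/24 subnet and the /16 width threshold are constructed assumptions.

```python
import ipaddress
import json

MYSQL_PORT = 3306  # port opened by the lab's ingress rule

# Constructed sample in the shape printed by `oci network security-list get`
# (kebab-case keys under "data"); 10.0.1.0/24 is a made-up internal subnet.
SAMPLE = json.loads("""
{"data": {"display-name": "Default_Security_List_for_analytics_vcn_test",
  "ingress-security-rules": [
    {"source": "0.0.0.0/0", "protocol": "6", "description": "MySQL Port",
     "tcp-options": {"destination-port-range": {"min": 3306, "max": 3306}}},
    {"source": "10.0.1.0/24", "protocol": "6", "description": "app subnet",
     "tcp-options": {"destination-port-range": {"min": 3306, "max": 3306}}},
    {"source": "0.0.0.0/0", "protocol": "6", "description": "ssh",
     "tcp-options": {"destination-port-range": {"min": 22, "max": 22}}},
    {"source": "0.0.0.0/0", "protocol": "all", "description": "any",
     "tcp-options": null}
  ]}}
""")


def covers_port(rule, port):
    """True if the rule admits TCP traffic to `port`."""
    if rule["protocol"] not in ("6", "all"):   # "6" is TCP (IANA protocol number)
        return False
    opts = rule.get("tcp-options") or {}
    rng = opts.get("destination-port-range")
    if rng is None:                            # no range given means every port
        return True
    return rng["min"] <= port <= rng["max"]


def exposed_rules(security_list, port=MYSQL_PORT, max_prefix=16):
    """Return ingress rules that open `port` to a source wider than /max_prefix."""
    findings = []
    for rule in security_list["data"]["ingress-security-rules"]:
        if rule.get("source-type", "CIDR_BLOCK") != "CIDR_BLOCK":
            continue                           # service-label sources are not IP ranges
        net = ipaddress.ip_network(rule["source"], strict=False)
        if net.prefixlen < max_prefix and covers_port(rule, port):
            findings.append((rule["source"], rule.get("description", "")))
    return findings


if __name__ == "__main__":
    for source, desc in exposed_rules(SAMPLE):
        print(f"port {MYSQL_PORT} reachable from {source} ({desc})")
```

The all-protocol rule is reported as well, because a rule with no TCP port range admits traffic to every port, including 3306.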
Now that you have created the VCN and added the additional Ingress rules to the Security list, you can proceed to the next lab!
Learn more about VCN and Subnets