diff --git a/.DS_Store b/.DS_Store index 4916c2a3..e3a96522 100644 Binary files a/.DS_Store and b/.DS_Store differ diff --git a/zpr/compare/images/db-connection-policy.png b/zpr/compare/images/db-connection-policy.png index b457135a..46420c71 100644 Binary files a/zpr/compare/images/db-connection-policy.png and b/zpr/compare/images/db-connection-policy.png differ diff --git a/zpr/compare/images/ingress-rules.png b/zpr/compare/images/ingress-rules.png index 3e306fa4..e78e41c3 100644 Binary files a/zpr/compare/images/ingress-rules.png and b/zpr/compare/images/ingress-rules.png differ diff --git a/zpr/compare/images/zpr-create-namespace.png b/zpr/compare/images/zpr-create-namespace.png index 824dca27..8719dacd 100644 Binary files a/zpr/compare/images/zpr-create-namespace.png and b/zpr/compare/images/zpr-create-namespace.png differ diff --git a/zpr/compare/images/zpr-instance-policy.png b/zpr/compare/images/zpr-instance-policy.png index d3062a00..cbf78167 100644 Binary files a/zpr/compare/images/zpr-instance-policy.png and b/zpr/compare/images/zpr-instance-policy.png differ diff --git a/zpr/compare/images/zpr-protected.png b/zpr/compare/images/zpr-protected.png index c613cc2d..dc5755a4 100644 Binary files a/zpr/compare/images/zpr-protected.png and b/zpr/compare/images/zpr-protected.png differ diff --git a/zpr/namespace/images/sec-attrs.png b/zpr/namespace/images/sec-attrs.png index 3f07ee7d..71420021 100644 Binary files a/zpr/namespace/images/sec-attrs.png and b/zpr/namespace/images/sec-attrs.png differ diff --git a/zpr/namespace/images/zpr-attribute-namespace.png b/zpr/namespace/images/zpr-attribute-namespace.png index 7329caaa..0889ef66 100644 Binary files a/zpr/namespace/images/zpr-attribute-namespace.png and b/zpr/namespace/images/zpr-attribute-namespace.png differ diff --git a/zpr/namespace/images/zpr-attributes-list.png b/zpr/namespace/images/zpr-attributes-list.png index 6cb4132f..49d0da67 100644 Binary files a/zpr/namespace/images/zpr-attributes-list.png and b/zpr/namespace/images/zpr-attributes-list.png differ diff --git a/zpr/namespace/images/zpr-create-attribute.png b/zpr/namespace/images/zpr-create-attribute.png index 509988e0..be3dfabc 100644 Binary files a/zpr/namespace/images/zpr-create-attribute.png and b/zpr/namespace/images/zpr-create-attribute.png differ diff --git a/zpr/namespace/images/zpr-create-namespace.png b/zpr/namespace/images/zpr-create-namespace.png index 824dca27..4218e98e 100644 Binary files a/zpr/namespace/images/zpr-create-namespace.png and b/zpr/namespace/images/zpr-create-namespace.png differ diff --git a/zpr/namespace/images/zpr-namespace-attr.png b/zpr/namespace/images/zpr-namespace-attr.png index 3f9757cf..0277c751 100644 Binary files a/zpr/namespace/images/zpr-namespace-attr.png and b/zpr/namespace/images/zpr-namespace-attr.png differ diff --git a/zpr/namespace/images/zpr-namespace.png b/zpr/namespace/images/zpr-namespace.png index 09a2fb96..ebba694a 100644 Binary files a/zpr/namespace/images/zpr-namespace.png and b/zpr/namespace/images/zpr-namespace.png differ diff --git a/zpr/namespace/images/zpr-vcn-attribute.png b/zpr/namespace/images/zpr-vcn-attribute.png index 420d0595..77827a8e 100644 Binary files a/zpr/namespace/images/zpr-vcn-attribute.png and b/zpr/namespace/images/zpr-vcn-attribute.png differ diff --git a/zpr/vm-access/images/protect-vm.png b/zpr/vm-access/images/protect-vm.png index 8c335495..f6ff286a 100644 Binary files a/zpr/vm-access/images/protect-vm.png and b/zpr/vm-access/images/protect-vm.png differ diff --git a/zpr/vm-access/images/zpr-egress.png b/zpr/vm-access/images/zpr-egress.png index 6e72b8ed..f2b2414b 100644 Binary files a/zpr/vm-access/images/zpr-egress.png and b/zpr/vm-access/images/zpr-egress.png differ diff --git a/zpr/vm-access/images/zpr-ingress.png b/zpr/vm-access/images/zpr-ingress.png deleted file mode 100644 index 3e306fa4..00000000 Binary files a/zpr/vm-access/images/zpr-ingress.png and /dev/null differ diff --git a/zpr/vm-access/images/zpr-instance-policy.png b/zpr/vm-access/images/zpr-instance-policy.png index d3062a00..85606214 100644 Binary files a/zpr/vm-access/images/zpr-instance-policy.png and b/zpr/vm-access/images/zpr-instance-policy.png differ diff --git a/zpr/vm-access/images/zpr-policy-i1-to-i2.png b/zpr/vm-access/images/zpr-policy-i1-to-i2.png deleted file mode 100644 index f3c8c6b3..00000000 Binary files a/zpr/vm-access/images/zpr-policy-i1-to-i2.png and /dev/null differ diff --git a/zpr/vm-access/images/zpr-protect-instance-two.png b/zpr/vm-access/images/zpr-protect-instance-two.png deleted file mode 100644 index d277fac6..00000000 Binary files a/zpr/vm-access/images/zpr-protect-instance-two.png and /dev/null differ diff --git a/zpr/vm-access/images/zpr-protect-resource.png b/zpr/vm-access/images/zpr-protect-resource.png index d0d7964c..f45f19e7 100644 Binary files a/zpr/vm-access/images/zpr-protect-resource.png and b/zpr/vm-access/images/zpr-protect-resource.png differ diff --git a/zpr/vm-access/images/zpr-protected.png b/zpr/vm-access/images/zpr-protected.png index c613cc2d..ee63f737 100644 Binary files a/zpr/vm-access/images/zpr-protected.png and b/zpr/vm-access/images/zpr-protected.png differ diff --git a/zpr/vm-access/vm-access.md b/zpr/vm-access/vm-access.md index 86eb8145..4fe84eef 100644 --- a/zpr/vm-access/vm-access.md +++ b/zpr/vm-access/vm-access.md @@ -86,8 +86,6 @@ Now we will apply an attribute to your instance two. This will protect your inst ![Select the resource to protect](images/protect-vm.png) - ![ZPR protect instance by adding a security attribute](images/zpr-protect-instance-two.png) - ## Task 3: Try to ssh into instance 2 @@ -119,9 +117,9 @@ Try to ssh from your laptop and also try from your first compute instance. Your **Note** You would never use 0.0.0.0/0 in production but you would normally use something to limit it to your specific laptop's IP address or something very close to it like 192.1.223.0/12 So try to limit the ingress to a much smaller foot print then all possible IP addresses as done in this screen shot. You should also limit the traffic to port 22 for ssh only to limit someone from trying to attack your server using other tools/ports. - ![Allow traffic into network](images/ingress-rules.png) + ![Allow traffic into network](images/zpr-ingress.png) - ![Allow traffic out from your network](images/egress-rules.png) + ![Allow traffic out from your network](images/zpr-egress.png) -- Add a security attribute to the instance one ![ZPR protect a resource](images/zpr-protect-resource.png)