This is the scenario, assume each conponent is separated by firewall:

When end-user is accessing CABI in OC like generating CABI dashboards in OC, what is the minimum firewall rule required (assuming it is port 443)?

Note:

ITEMS E/F : When CABI is running the report it tries to make a connection with DB and for that we need to provide inbound rule on DB machine and outbound rule on CABI machine otherwise CABI will not be able to run the report.

If OC/CABI is running on port 80 then port 80 should be opened
If OC/CABI is running on Port 443 then port 443 is required to be opened