Managing Private Endpoints

Create, edit, and delete private endpoints in Resource Manager.

With private endpoints, you can access nonpublic cloud resources in your tenancy from Resource Manager. For example, you can configure a private compute instance using Terraform's remote exec functionality and access Terraform configurations on a private GitHub server.

Scenarios

Review common scenarios for using private endpoints with Resource Manager.

Private Git Server

Give Resource Manager access to a Git server that isn’t accessible over the internet. Use these instructions for a private server that you host at Oracle Cloud Infrastructure or on-premises.

  1. If the private server is on-premises, then set up site-to-site VPN or FastConnect.
    For more information, see Site-to-Site VPN and FastConnect.
  2. Import the private Git server's associated SSL certificate into the Certificates service.

    For more information, see the relevant page:

  3. Create a private endpoint.
  4. Get the reachable IP address for the private endpoint.
  5. Create a configuration source provider that references this private endpoint (and the associated SSL certificate that you imported into the Certificates service).
  6. Create a stack that references this configuration source provider.

Private Remote Exec

Learn how to access private instances with Remote Exec.

  1. Write a Terraform configuration that creates a private instance.
  2. In the Terraform configuration, either create or reference a private endpoint:

    For example Terraform configurations using Resource Manager private endpoints, see Private endpoint Terraform configuration examples.

  3. Add code to your Terraform configuration to convert the private endpoint to a reachable IP address.

    Use an IP address in the range 240.0.0.0 to 255.255.255.255 (Class E; see RFC 1112, Section 4).

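    Example code
    # Runs a command on the private instance over SSH through the private endpoint.
    resource "null_resource" "remote-exec" {
      # Wait until the private instance exists before connecting.
      depends_on = [oci_core_instance.private_endpoint_instance]

      provisioner "remote-exec" {
        connection {
          agent   = false
          timeout = "30m"
          # Reachable IP address resolved for the private endpoint, not the instance's own private IP.
          host        = data.oci_resourcemanager_private_endpoint_reachable_ip.test_private_endpoint_reachable_ips.ip_address
          user        = "opc"
          private_key = tls_private_key.public_private_key_pair.private_key_pem
        }

        # Command executed on the instance once the SSH connection succeeds.
        inline = [
          "echo 'remote exec showcase' > ~/remoteExecTest.txt"
        ]
      }
    }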

    For example Terraform configurations using Resource Manager private endpoints, see Private endpoint Terraform configuration examples.

  4. Store the Terraform configuration in a supported location.
  5. Create a stack that references this Terraform configuration.
  6. Run an apply job on the stack.
    The private instance and private endpoint are created. You can now use Remote Exec to access your private instance.
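
The following sketch shows steps 2 and 3 of Private Remote Exec together: the private endpoint resource and the data source that the `host` argument in the example above reads. It is an added example, not Oracle's own configuration. The variable names and the display name are assumptions, `oci_core_instance.private_endpoint_instance` is the private instance from step 1, and the postcondition (Terraform 1.2 or later) encodes the address range stated in step 3.

```hcl
# Added example. Variable names and display_name are assumptions.
variable "compartment_ocid" { type = string }
variable "vcn_ocid" { type = string }
variable "private_subnet_ocid" { type = string }

# Step 2: private endpoint placed in the VCN and subnet that can reach
# the private instance.
resource "oci_resourcemanager_private_endpoint" "rms_private_endpoint" {
  compartment_id = var.compartment_ocid
  display_name   = "rms-private-endpoint"
  vcn_id         = var.vcn_ocid
  subnet_id      = var.private_subnet_ocid
}

# Step 3: convert the instance's private IP into the address that
# Resource Manager can reach through the private endpoint.
data "oci_resourcemanager_private_endpoint_reachable_ip" "test_private_endpoint_reachable_ips" {
  private_endpoint_id = oci_resourcemanager_private_endpoint.rms_private_endpoint.id
  private_ip          = oci_core_instance.private_endpoint_instance.private_ip

  lifecycle {
    # Fail the plan or apply if the resolved address is outside
    # 240.0.0.0 to 255.255.255.255, so remote-exec never falls back
    # to an address that does not go through the private endpoint.
    postcondition {
      condition     = tonumber(split(".", self.ip_address)[0]) >= 240
      error_message = "Reachable IP is outside 240.0.0.0 to 255.255.255.255; check the private endpoint and subnet."
    }
  }
}

# Surface the resolved address in the job output for review.
output "remote_exec_host" {
  value = data.oci_resourcemanager_private_endpoint_reachable_ip.test_private_endpoint_reachable_ips.ip_address
}
```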