Typical Workflow to Restrict Public Access using Rules

If you want to deploy an Oracle Analytics Cloud instance with a public endpoint for the first time with one or more access control rules, follow these tasks as a guide.

Task Description More Information
Understand prerequisites for a public endpoint Consider whether or not your organization plans to restrict access for incoming traffic. If required, record the IP addresses, CIDR ranges, and VCNs that you plan to allow access to. Prerequisites for a Public Endpoint

Create Oracle Analytics Cloud with a public endpoint

Use Oracle Cloud Infrastructure Console to deploy a new service.

Create Oracle Analytics Cloud with a Public Endpoint

Allow access by IP address, CIDR range, VCN, and to Oracle services

Add one or more access control rules for incoming traffic. You can allow access to Oracle Analytics Cloud by public IP address, public CIDR block range, VCN, and to Oracle services.

Control Incoming Traffic for a Public Endpoint (Ingress)

(Optional) Set up private access from your on-premise network

Set up an Oracle Cloud Infrastructure VCN that connects to your on-premise network using FastConnect private peering or VPN Connect. The VCN must be deployed in the same region as Oracle Analytics Cloud.

Set up a service gateway in your VCN, and a route table to send traffic to Oracle Analytics Cloud through the service gateway.

Add an access control rule in your Oracle Analytics Cloud instance that allows access from your VCN.

Configure VCN peering to your on-premise network through FastConnect or VPN Connect to enable access from your on-premise network.

Configure transit routing with the VCN to give your on-premise network private access to Oracle Analytics Cloud.

Working with VCNs and Subnets

Setting Up a Service Gateway in the Console

Control Incoming Traffic for a Public Endpoint (Ingress)

Access to Your On-Premises Network

Setting Up Private Access to Oracle Services

(Optional) Set up private access from hosts on your VCN

Set up an Oracle Cloud Infrastructure VCN in the same region as Oracle Analytics Cloud.

Set up a service gateway in your VCN, and a route table to send traffic to Oracle Analytics Cloud through the service gateway.

Add an access control rule in your Oracle Analytics Cloud instance that allows access from your VCN.

Working with VCNs and Subnets

Setting Up a Service Gateway in the Console

Control Incoming Traffic for a Public Endpoint (Ingress)

(Optional) Set up a private access channel

Set up a private access channel and register the domain names or SCAN host names of the data sources that require private access.

Use network security group rules to restrict access to your private data sources.

Connect to Private Data Sources Through a Private Access Channel

Control Outgoing Traffic for a Public Endpoint (Egress)