Set the Network Access For a Private Endpoint

You use the Choose network access panel to configure an instance as a private endpoint. When setting the instance as a private endpoint, you will need to provide details about the VCN where you want the private endpoint.

When configured as a private endpoint, the instance only allows connections from the specified private network (VCN), from peered VCNs, and from on-prem networks connected to your VCN.

These steps assume you are provisioning an instance, or are converting an existing instance to a private endpoint, and you have completed the prerequisite steps:

1. In the Choose network access panel, select Private endpoint access only.

   This expands the pane where you configure the VNC details:

   
   

   
   Description of the illustration pe-choose-network-access.png

   
   

   Note:

   The following restrictions apply when converting a publicly-accessible instance to an instance that uses a private endpoint:

   • You cannot convert an instance if its node count is greater than one.
   • You cannot convert a VB instance created in an IDCS domain if its home region is different from the currently selected region.

   You cannot combine changing an instance's network access with any other instance updates.

2. Select a VCN compartment, and a VCN in your compartment.

   See VCNs and Subnets for more information.

3. Select the Subnet compartment, and a private subnet in your compartment.

   See VCNs and Subnets for more information.

4. (Optional) Click Advanced options to configure advanced options, including adding network security groups, and specifying a private IP address.
   See Configure Private Endpoint Advanced Network Options.