Overview of Private Endpoints
You can specify that Autonomous AI Database uses a private endpoint inside your Virtual Cloud Network (VCN) in your tenancy. You can configure a private endpoint when you provision or clone your Autonomous AI Database, or you can switch an existing database from a public endpoint to a private endpoint. This allows you to keep all traffic to and from your Autonomous AI Database off the public internet.
The Private endpoint access only configuration option allows traffic only from the VCN you specify and blocks access to the database from all public IPs or VCNs. This allows you to define ingress and egress security rules at the Network Security Group (NSG) level and to control traffic to your database.
Select the Allow public access option when you want to configure an Autonomous AI Database to use a private endpoint and you also want to allow connections from specific public IP addresses or from specific VCNs (if the VCNs are configured to privately connect to Autonomous AI Database using a Service Gateway).
See Configure Network Access with Private Endpoints for the steps for configuring network access with a private endpoint, either when you provision or clone your database or when you modify a private endpoint.
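The access modes described above can be checked across a fleet of databases. The following is an added example, not Oracle code: it classifies each database record by access mode and flags settings worth reviewing. The record field names, the sample inventory and the 256-address threshold are assumptions made for illustration and are not the OCI API schema.

```python
import ipaddress

# Constructed sample inventory. Field names are hypothetical, not the OCI API
# schema; map them from whatever export of your database settings you have.
SAMPLE_INVENTORY = [
    {"name": "adb-private", "private_endpoint": True, "allow_public_access": False,
     "nsg_count": 1, "allowed_public_cidrs": []},
    {"name": "adb-hybrid", "private_endpoint": True, "allow_public_access": True,
     "nsg_count": 1, "allowed_public_cidrs": ["203.0.113.10/32"]},
    {"name": "adb-hybrid-wide", "private_endpoint": True, "allow_public_access": True,
     "nsg_count": 0, "allowed_public_cidrs": ["0.0.0.0/0", "not-a-cidr"]},
    {"name": "adb-public", "private_endpoint": False, "allow_public_access": False,
     "nsg_count": 0, "allowed_public_cidrs": []},
]

MAX_ADDRESSES = 256  # assumed review threshold for a "specific" public range

def classify(db):
    """Map a record onto the access modes described in the overview."""
    if not db["private_endpoint"]:
        return "public endpoint"
    if db["allow_public_access"]:
        return "private endpoint, public access allowed"
    return "private endpoint access only"

def findings(db):
    """Return review findings for one database record."""
    if classify(db) == "public endpoint":
        return ["traffic is not kept off the public internet"]
    out = []
    if db["nsg_count"] == 0:
        out.append("no NSG attached, so no NSG-level ingress/egress rules")
    for cidr in db["allowed_public_cidrs"]:
        try:
            net = ipaddress.ip_network(cidr, strict=False)
        except ValueError:
            # A malformed entry cannot be reviewed, so surface it explicitly.
            out.append(f"unparseable allowed range: {cidr}")
            continue
        if net.num_addresses > MAX_ADDRESSES:
            out.append(f"allowed public range too broad: {net}")
    return out

def audit(inventory):
    """Return {name: (mode, findings)} for every record."""
    return {db["name"]: (classify(db), findings(db)) for db in inventory}

if __name__ == "__main__":
    for name, (mode, issues) in audit(SAMPLE_INVENTORY).items():
        print(f"{name}: {mode}; {'; '.join(issues) or 'no findings'}")
```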