Configure Private Endpoints When You Provision or Clone an Instance

You can configure a private endpoint when you provision or clone an Autonomous Database instance.

These steps assume you are provisioning or cloning an instance and you have completed the prerequisite steps, and you are at the Choose network access step of the provisioning or cloning steps:

  1. Select Virtual cloud network.

    This expands the Virtual cloud network private access configuration area.



    Note:

    If you configure a private endpoint, this only allows connections from the specified private network (VCN). If you want to allow connection from public IP addresses, then you need to use the Allow secure access from everywhere option when you provision or clone your Autonomous Database.
  2. Select a Virtual cloud network in your compartment or if the VCN is in a different compartment click CHANGE COMPARTMENT and select the compartment that contains the VCN and then select a virtual cloud network.

    See VCNs and Subnets for more information.

  3. Select the Subnet in your compartment to attach the Autonomous Database to or if the Subnet is in a different compartment click CHANGE COMPARTMENT and select the compartment that contains the Subnet and then select a subnet.

    See VCNs and Subnets for more information.

  4. (Optional) Enter a Hostname prefix.

    This specifies a hostname prefix for the Autonomous Database and associates a DNS name with the database instance, in the following form:

    hostname_prefix.adwc.region.oraclecloud.com

    If you do not specify a hostname prefix, a system generated hostname prefix is supplied.

  5. Select one or more Network security groups (NSGs).

    To allow connections to the Autonomous Database instance, you need to define security rules in an NSG; this creates a virtual firewall for your Autonomous Database.

    For the NSG you select for the private endpoint define a security rule as follows:

    • A stateful ingress rule with the source set to the address range you want to allow to connect to your database, the IP Protocol set to TCP, and the Destination Port Range set to 1522.

    • To use Oracle Application Express, Oracle SQL Developer Web, and Oracle REST Data Services, add port 443 to the NSG rule.

    See Private Endpoints Configuration Examples on Autonomous Database for examples.

    See Network Security Groups for more information.

  6. Complete the remaining provisioning or cloning steps, as specified in Provision Autonomous Data Warehouse, Clone an Autonomous Data Warehouse Instance, or Clone Autonomous Data Warehouse from a Backup.