Create a Private Instance Using Oracle Cloud Infrastructure FastConnect

You may need additional performance or security that may not be available over the public internet. Oracle Cloud Infrastructure FastConnect can be used to provide a more performant, robust, and secure connection to your Oracle Content Management instance. This type of connection is often used by customers who want to ensure access is limited to internal networks or that end users have the best and most reliable connection possible.

Note:

If you're using Oracle Content Management Starter Edition, FastConnect isn't supported. To take advantage of the full feature set, upgrade to the Premium Edition.

If you want to create such an instance, you need to set up Oracle Cloud Infrastructure FastConnect and perform some additional prerequisite steps. FastConnect provides a dedicated private connection with higher bandwidth and a more reliable and consistent networking experience when compared to internet-based connections.

Before you can create a private instance, you need to perform the following prerequisite steps:

  1. Set up FastConnect on the tenancy.
  2. Get your tenancy OCID and name.
  3. Create a local peering gateway.
  4. Create a requestor group.
  5. Create a requestor policy.
  6. Create a support request.

Get Your Tenancy OCID

To get your tenancy's OCID, perform the following steps:

  1. Sign in to Oracle Cloud as the cloud account administrator. You can find your account name and login information in your welcome email.
  2. In the Infrastructure Console, click Navigation menu icon , click Governance & Administration, then, under Account Management, click Tenancy Details.
  3. Next to the OCID, click Copy. Save this tenancy OCID to include with your support request later.

Create a Local Peering Gateway

For information on peering, see Local VCN Peering (Within Region).

To create a local peering gateway, perform the following steps:

  1. In the Infrastructure Console, click Navigation menu icon , click Networking, then click Virtual Cloud Networks.
  2. Open the VCN you created when you set up FastConnect on the tenancy.
  3. Click Local Peering Gateways.
  4. Click Create Local Peering Gateway.
  5. Enter a name for the gateway (for example, customer-to-oce-lpg).
  6. Select the compartment in which you want to store the peering.
  7. Click Create Local Peering Gateway.
  8. In the list of Local Peering Gateways, click More icon, and then click Copy OCID. Save this local peering gateway OCID to include with your support request later.

Create a Requestor Group

To create a requestor group and add the Oracle Cloud Infrastructure tenancy administrator, perform the following steps:

  1. In the Infrastructure Console, click Navigation menu icon on the top left to open the navigation menu, click Identity & Security, then, under Identity, click Groups.
  2. Click Create Group.
  3. Enter a name for the requestor group (for example, RequestorGrp).
  4. Click Create.
  5. Click the group name to open the group details.
  6. Click Add User to Group.
  7. In the Users drop-down list, select a user with Oracle Cloud Infrastructure tenancy administrator privileges, and then click Add.
  8. On the group details page, copy the OCID. Save this requestor group OCID to include with your support request later.

Create a Requestor Policy

To create a requestor policy, perform the following steps:

  1. In the Infrastructure Console, click Navigation menu icon on the top left to open the navigation menu, click Identity & Security, then, under Identity, click Policies.
  2. If necessary, select a different compartment for the policy.
  3. Click Create Policy.
  4. Enter the following details:
    • Policy: RequestorPolicy
    • Description: Requestor policy for peering
    • Statement:
      Define tenancy Acceptor as OCETenancyOCID
      Allow group RequestorGroup to manage local-peering-from in compartment GroupCompartmentName
      Endorse group RequestorGroup to manage local-peering-to in tenancy Acceptor
      Endorse group RequestorGroup to associate local-peering-gateways in compartment PeeringCompartmentName with local-peering-gateways in tenancy Acceptor

      Replace the following values:

      • OCETenancyOCID: Replace with the realm-specific tenancy OCID from the following table.
        Realm Tenancy OCID
        oc1 ocid1.tenancy.oc1..aaaaaaaa4yafecztqbebznfxpjzwm52wuaeornzgzqrujpbkmeez6zuigv7a
        oc4 ocid1.tenancy.oc4..aaaaaaaamxjaupllkzz2a2qmvcon7rprzlu4hmyfajsfk3ezzmdstterlbya
        oc8 ocid1.tenancy.oc8..aaaaaaaanpm5o3ejwjerjyiwsh4u5rd6mpme5ftq44ue5pkxnnhvfy3swv2q
      • RequestorGroup: Replace with the name of the requestor group you created.
      • GroupCompartmentName: Replace with the name of the compartment in which you created the requestor group.
      • PeeringCompartmentName: Replace with the name of the compartment in which you created the peering.

      For more information, see Set up the IAM policies (VCNs in different tenancies).

  5. Click Create.

Create a Support Request

Create a request with Oracle Support stating you want to create a private service instance. Make sure to include the following information that you collected earlier in your request:

  • Tenancy OCID
  • Local peering gateway OCID
  • Requestor group OCID

Oracle Support will reply with a validation URL for you to test. After you've tested the URL, create your instance, making sure to set the Instance Access Type to Private. You can create multiple instances that use FastConnect in this same domain just by setting the instance access type to private.