Register an Oracle Cloud@Customer Database
You can register Oracle Cloud@Customer databases as target databases with Oracle Data Safe.
In Oracle Data Safe, use the Oracle Cloud@Customer Databases wizard to register the following Oracle Cloud@Customer databases:
- Exadata Database on Cloud@Customer
- Autonomous Database on Exadata Cloud@Customer
Note:
Be sure to complete the preregistration tasks before using the wizard and the post registration tasks after using the wizard.Cloud@Customer Preregistration Tasks
The following table lists the preregistration tasks.
Task Number | Task | Link to Instructions |
---|---|---|
1 | In Oracle Cloud Infrastructure Identity and Access Management (IAM), obtain permissions to register your target database. | Permissions to Register an Oracle Cloud@Customer Database with Oracle Data Safe |
2 | (Exadata Database on Cloud@Customer) Create an Oracle Data Safe service account on your target database and grant it Oracle Data Safe roles. Create the service account as the SYS user.
|
Create an Oracle Data Safe Service Account on Your Target Database |
3 | (Exadata Database on Cloud@Customer) Grant the Oracle Data Safe service account on your target database Oracle Data Safe roles. |
Grant Roles to the Oracle Data Safe Service Account on Your Target Database |
4 | (Exadata Database on Cloud@Customer) If you plan to connect to the target database via an Oracle Data Safe private endpoint and want to configure a TLS connection, create a wallet or certificate. |
Run the Oracle Cloud@Customer Databases Wizard
This is the registration workflow in the wizard:
Step 2: Connectivity Option
In this step, choose to connect to the target database through either an Oracle Data Safe on-premises connector or an Oracle Data Safe private endpoint. If you have FastConnect or VPN Connect set up between your network and a virtual cloud network (VCN) in Oracle Cloud Infrastructure, you can register your database with Oracle Data Safe by using an Oracle Data Safe private endpoint.
Note:
- FastConnect in Oracle Cloud Infrastructure is a secure connection between a customer's on-premises network and Oracle Cloud Infrastructure over a private network.
- VPN Connect in Oracle Cloud Infrastructure is a site-to-site IPSec virtual private network that securely connects your on-premises network to Oracle Cloud Infrastructure, using your existing internet connection.
Step 3: Select Peer Database
If you're registering an Active Data Guard associated database then you can add the standby databases at this step. If you're not registering an Active Data Guard associated database, then skip this step by clicking Next.
- On the Select Additional Peer Database to Register (Optional) page you will see a list of standby database that are associated with the primary database that you specified in the previous step. Select from the list which of the standby databases you would like to register as peers.
It is also possible to register standby databases after the primary database has been registered. See Manage Peer Databases Associated with a Registered Active Data Guard Primary Database for more information.
- (Optional) Click + on a standby database to see the details for and edit any of the following if necessary:
- Peer Display Name
- Database Service Name
- Database Port Number
- TCP/TLS
- Click Next.
If you selected On-premises connector
in Step 1, the wizard takes you directly to Step 5: Review and submit.
Step 4: Add Security Rule
Note:
This step applies only if you are configuring a private endpoint.In this step, the wizard adds the required egress rules to enable communication between the Oracle Data Safe private endpoint and your target database. Egress rules do not need to be stored within the same security list, network security group, or same compartment. If you already created the necessary security rules, you can choose to skip this step. An ingress rule is not required.
See Also:
For more information about security lists and network security groups, see Access and Security in the Oracle Cloud Infrastructure documentation.Step 4: Review and Submit
If you configured a target database using an Oracle Data Safe private endpoint, the Review and Submit page displays the configuration for Target Database Information, Connectivity Option, and Security Rules.
If you configured a target database that uses an Oracle Data Safe on-premises connector, you did not need to configure security rules, so this summary shows information about your target database and connectivity.
- Review the target database configuration.
- If the information is correct, click Register. If not, click Previous to return to any of the earlier steps, or click Cancel.
Post Registration Tasks for an Oracle Cloud@Customer Database
The following table lists tasks that you need to complete after you run the Oracle Cloud@Customer Databases wizard.
Task Number | Task | Link to Instructions |
---|---|---|
1 |
(If you selected to create an Oracle Data Safe on-premises connector) Download the install bundle for the on-premises connector and then install the on-premises connector on a host machine on your network. |
Create an Oracle Data Safe On-Premises Connector |
2 | (If you are using a TLS connection and an Oracle Data Safe on-premises connector) Configure a TLS connection between the on-premises connector and your target database. |
|
3 |
(Optional) Change which features are allowed for the Oracle Data Safe service account on your target database by granting/revoking
roles from the account. You need to be the |
Grant Roles to the Oracle Data Safe Service Account on Your Target Database |
4 |
(Optional) Grant users access to Oracle Data Safe features with the target database by configuring policies in Oracle Cloud Infrastructure Identity and Access Management. |
Create IAM Policies for Oracle Data Safe Users |
5 |
(If needed) Update the |
Manage Target Databases - See the Update the Database User section |
6 |
Make sure to allow ingress traffic to your target database from the Oracle Data Safe private endpoint or Oracle Data Safe on-premises connector. |
(none) |