1 Introduction

The Oracle Retail AI Foundation Cloud Service database is accessible through Innovation Workbench including APEX and Notebook development environments. Private endpoints extend access to Retail AI Foundation Cloud Service within the virtual cloud network (VCN) on Oracle Cloud Infrastructure or to other networks peered to the VCN such as your corporate network. You can access Retail AI Foundation Cloud Service data from hosts within the virtual cloud network (VCN) or from the on-premises network.

Figure 1-1 Retail AI Foundation Cloud Service Access through a Private Endpoint

Access through a Private Endpoint

With a private endpoint, traffic does not go over the internet. A private endpoint is a private IP address within your VCN that can be used to access a given service within the Oracle Cloud Infrastructure. The service sets up the private endpoint in a subnet of your choice within the VCN. The private endpoint is just another Virtual Network Interface Card (VNIC) in your VCN.

You control access to it as you would for any other VNIC by using security rules. When you set up a private endpoint for Retail AI Foundation Cloud Service, however, the VNIC is set up for you, and its availability is maintained on your behalf. Your only responsibility is to maintain the subnet and the security rules. See Figure 1.

Be aware; taking full advantage of your private endpoint requires substantial networking skills. For additional information, consult Oracle documentation on OCI networking, OCI private access, FastConnect, and site-to-site VPN.

When you request a private endpoint for Retail AI Foundation Cloud Service, you receive an endpoint for each of your environments: production, stage, and so on. You also receive a second private endpoint that gives you access to a Credential Exchange Service (discussed in more detail below). Establishing a private endpoint requires some lead time and a short outage on each environment (two to eight hours depending on environment size). The outage on each environment precedes the availability of the endpoint by several days. In short, the time between your request for private endpoint access and its availability is measured in days not hours or minutes. Oracle support will contact you to schedule environment outages.