2 Prerequisites
When you request a private endpoint for RDS, begin by creating a private subnet in a compartment and VCN of your choice. Oracle Support will ask for the following information:
- Tenancy OCID
- Compartment Name
- Compartment OCID
- VCN OCID
- Subnet OCID
This information is readily available on the OCI Console and is accessible when you create your subnet. You may create a new child compartment as well as a new VCN if you choose. Once you have completed this task, put the following policies in place using the Identity > Policies screen on your OCI Console.
Allow service ORACLE_INDUSTRY_SAAS to manage vnics in compartment <Customer Compartment Name>
Allow service ORACLE_INDUSTRY_SAAS to use subnets in compartment <Customer Compartment Name>
Allow service ORACLE_INDUSTRY_SAAS to use network-security-groups in compartment <Customer Compartment Name>
Allow service ORACLE_INDUSTRY_SAAS to inspect work-requests in compartment <Customer Compartment Name>

Note:
If you use an HTTP or HTTPS endpoint for notification of database credential rotation, you may need to add an ingress rule to ensure that the notification endpoint is reachable from the Credential Exchange Server. See Credentials.
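
The following is an added example, not Oracle's code: a least-privilege check that compares a compartment's policy statements with the four grants listed above and reports any that are missing or wider than documented. The compartment name `rds-private-endpoint`, the sample statements and the function name are assumptions made for illustration.

```python
import re

SERVICE = "ORACLE_INDUSTRY_SAAS"
# The four grants this page asks for, as (verb, resource-type) pairs.
REQUIRED = {
    ("manage", "vnics"),
    ("use", "subnets"),
    ("use", "network-security-groups"),
    ("inspect", "work-requests"),
}
# Statement shape: allow service <name> to <verb> <resource-type> in <scope>
STMT = re.compile(
    r"^\s*allow\s+service\s+(?P<service>\S+)\s+to\s+"
    r"(?P<verb>inspect|read|use|manage)\s+(?P<resource>\S+)\s+in\s+"
    r"(?P<scope>tenancy|compartment\s+.+?)\s*$",
    re.IGNORECASE,
)

def audit_policies(statements, compartment):
    """Return (missing, excess) grants for SERVICE relative to REQUIRED."""
    granted, excess = set(), []
    want_scope = " ".join(f"compartment {compartment}".lower().split())
    for text in statements:
        m = STMT.match(text)
        if not m:
            if SERVICE.lower() in text.lower():
                excess.append(text.strip())  # names the service but did not parse: review by hand
            continue
        if m["service"].upper() != SERVICE:
            continue  # a different service principal, not covered by this check
        pair = (m["verb"].lower(), m["resource"].lower())
        scope = " ".join(m["scope"].lower().split())
        if pair in REQUIRED and scope == want_scope:
            granted.add(pair)
        else:
            excess.append(text.strip())  # wider verb, resource or scope than documented
    return sorted(REQUIRED - granted), excess

SAMPLE = [  # constructed statements; the compartment name is hypothetical
    "Allow service ORACLE_INDUSTRY_SAAS to manage vnics in compartment rds-private-endpoint",
    "allow service ORACLE_INDUSTRY_SAAS to use subnets in compartment rds-private-endpoint",
    "allow service ORACLE_INDUSTRY_SAAS to use network-security-groups in compartment rds-private-endpoint",
    "allow service ORACLE_INDUSTRY_SAAS to manage virtual-network-family in tenancy",
    "allow group NetworkAdmins to manage vnics in compartment rds-private-endpoint",
]

if __name__ == "__main__":
    missing, excess = audit_policies(SAMPLE, "rds-private-endpoint")
    print("missing:", missing)
    print("excess:", excess)
```

Run it against the statements copied from the Identity > Policies screen before handing the OCIDs to Oracle Support; an empty result for both lists means the service has exactly the documented grants in that compartment.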