Security List Updates
When private endpoint setup is complete, Oracle Support provides you with details for each of your private endpoints. To access RDS from within OCI, you need to edit the security list Ingress Rules of your private subnet. See Table 3-1 for typical ingress rules. Your rules may be different.
Table 3-1 Typical Ingress Rules for Private Endpoint
Attribute | Value |
---|---|
STATELESS | No |
SOURCE CIDR | (10.0.0.0/16) |
IP PROTOCOL | TCP |
SOURCE PORT RANGE | All |
DESTINATION PORT RANGE | 443, 1521-1522 |
TYPE AND CODE | (Blank) |
ALLOWS | All |
DESCRIPTION | (Optional) |
The source should be the CIDR of the subnet where the private endpoints are deployed.
Customers can create VCNs with various CIDR ranges, such as 10.0.0.0/16, 192.168.0.0/16, or 172.16.0.0/12, and the source CIDR should match the CIDR of the subnet where the private endpoint is deployed.
Customers should ensure that there are no route rules that route traffic from the PE subnet/VCN to the DRG, NAT, or Internet Gateway, as this can cause issues with the private endpoint. The route tables should be configured to prevent traffic from being routed to these gateways.
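The following check is an added example, not part of the Oracle documentation. It audits exported rules against Table 3-1 and against the routing requirement above. It assumes the rules use the JSON field names of the OCI Core Services API (`protocol`, `source`, `sourceType`, `isStateless`, `tcpOptions`, `networkEntityId`) and that the gateway type is the second dot-separated field of the OCID. The function names, sample rules and OCIDs are constructed for illustration.

```python
import ipaddress

REQUIRED_PORTS = {443, 1521, 1522}  # destination ports from Table 3-1
GATEWAY_TYPES = {"drg", "natgateway", "internetgateway"}  # assumed OCID type names

def audit_ingress(rules, pe_subnet_cidr):
    """Return (required ports not covered, findings) for a list of ingress rules."""
    subnet = ipaddress.ip_network(pe_subnet_cidr)
    covered, findings = set(), []
    for i, r in enumerate(rules):
        if r.get("protocol") not in ("6", "all"):  # "6" is TCP
            continue
        if r.get("sourceType", "CIDR_BLOCK") != "CIDR_BLOCK":
            continue  # service sources are out of scope for this check
        rng = (r.get("tcpOptions") or {}).get("destinationPortRange")
        # A rule with no destination port range applies to every port.
        ports = {p for p in REQUIRED_PORTS
                 if rng is None or rng["min"] <= p <= rng["max"]}
        if not ports:
            continue
        src = ipaddress.ip_network(r["source"])
        if src != subnet:
            findings.append(f"rule {i}: source {src} is not the PE subnet {subnet}")
        elif r.get("isStateless"):
            findings.append(f"rule {i}: stateless, Table 3-1 uses stateful rules")
        else:
            covered |= ports
    return sorted(REQUIRED_PORTS - covered), findings

def gateway_routes(route_rules):
    """Return (destination, gateway type) for routes to a DRG, NAT or Internet Gateway."""
    hits = []
    for r in route_rules:
        parts = r["networkEntityId"].split(".")
        if len(parts) > 1 and parts[1] in GATEWAY_TYPES:
            hits.append((r["destination"], parts[1]))
    return hits

# Constructed sample data; the OCIDs are placeholders, not real resources.
SAMPLE_INGRESS = [
    {"protocol": "6", "source": "10.0.0.0/16", "isStateless": False,
     "tcpOptions": {"destinationPortRange": {"min": 443, "max": 443}}},
    {"protocol": "6", "source": "0.0.0.0/0", "isStateless": False,
     "tcpOptions": {"destinationPortRange": {"min": 1521, "max": 1522}}},
]
SAMPLE_ROUTES = [
    {"destination": "0.0.0.0/0", "networkEntityId": "ocid1.natgateway.oc1..placeholder"},
    {"destination": "10.1.0.0/16", "networkEntityId": "ocid1.localpeeringgateway.oc1..placeholder"},
]

if __name__ == "__main__":
    print(audit_ingress(SAMPLE_INGRESS, "10.0.0.0/16"))
    print(gateway_routes(SAMPLE_ROUTES))
```

With the sample data, ports 1521 and 1522 are reported as uncovered because the only rule that opens them uses a source other than the private endpoint subnet, and the NAT Gateway route is flagged.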