Learn About Oracle Database@Azure

Oracle Database@Azure is the Oracle Database service running on Oracle Cloud Infrastructure (OCI), colocated in Microsoft Azure data centers.

Oracle Database@Azure brings Oracle technologies, such as Oracle Exadata Database Service, Oracle Real Application Clusters (Oracle RAC), and Oracle Data Guard, into the Azure platform. The service uses Azure networking and Azure Virtual Network (VNet) access. Users manage the service on the Azure console or using Azure automation tools. The service benefits from the simplicity, security, and low latency of a single operating environment within Azure. Microsoft Entra ID provides federated identity and access management for Oracle Database@Azure. The service is deployable across multiple Azure availability zones (AZs) and regions to ensure business continuity and cloud resilience.


All Oracle Maximum Availability Architecture-validated (MAA-validated) Oracle Database@Azure and performance observations will be documented in MAA's Oracle Database Cloud Best Practices.


This reference architecture shares the best practice for a cross availability zone (AZ) Oracle Data Guard solution.

When designing mission-critical database applications, business continuity practices and high availability topologies should always be considered. The architecture shows a containerized application in Azure Kubernetes Service (AKS). The container images are stored in the Azure container registry. Users access the application externally through a public load balancer. The primary database is deployed on Exadata VM cluster in Azure AZ1. The application VNet connects to the database VNet via VNet peering. The applications in AKS access the database in the client subnet through the delegated subnet. The secondary database is deployed in a separate availability zone in the region; in this case AZ2. Oracle Data Guard or Active Data Guard can be used to replicate the data from the primary database to the secondary database. Active Data Guard is recommended in cross AZ database replication. Active Data Guard provides key enhancements for data protection including automatic block repair and application continuity as well as the ability to offload "read-mostly" workloads from the primary to the standby for scalability benefits. The database keys are stored in OCI Vault, and the automatic backups are stored in OCI Object Storage.

We recommend the following principles:

  • Oracle Exadata Database Service on Dedicated Infrastructure (ExaDB-D). Each Exadata infrastructure deployment has at least one Exadata VM cluster in a separate virtual network (VNet) to form the primary and standby environments.
  • Primary and standby client and backup subnets are separated VNets without overlapping IP CIDR ranges.
  • The application tier spans at least two AZs, and the VNet is peered with each VNet of primary and standby VM clusters.
  • Database backups and restore operations are achieved using OCI Object Storage, the built-in Oracle Database automatic backup mechanism.


This architecture has the following components:

  • Region

    An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).

    An Azure region is a geographical area in which one or more physical Azure data centers, called availability zones, reside. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).

    Azure and OCI regions are localized geographic areas. For Oracle Database@Azure, an Azure region is connected to an OCI region, with availability zones (AZs) in Azure connected to availability domains (ADs) in OCI. Azure and OCI region pairs are selected to minimize distance and latency.

  • Data Guard and Active Data Guard

    Oracle Data Guard provides a comprehensive set of services that create, maintain, manage, and monitor one or more standby databases to enable primary Oracle databases to remain available without interruption. Oracle Data Guard maintains these standby databases as copies of the production database using in-memory replication. Then, if the production database becomes unavailable because of a planned or an unplanned outage, Oracle Data Guard can switch any standby database to the production role, minimizing the downtime associated with the outage.

    Active Data Guard extends the capabilities of Oracle Data Guard by providing the ability to offload read-mostly workloads to standby databases in addition to advanced data protection features like automatic block repair and application continuity.

  • Data Guard Observer

    The primary job of Data Guard Observer is to perform an automatic failover when conditions permit it to do so without violating the data durability constraints set by the DBA. It is a low-footprint Oracle Call Interface client built into the DGMGRL CLI. Like any other client, an observer can be run from any hardware platform that supports it, and that platform can be different from the primary or target standby database platform.

  • Vault

    Oracle Cloud Infrastructure Vault enables you to centrally manage the encryption keys that protect your data and the secret credentials that you use to secure access to your resources in the cloud. OCI Vault is used to store transparent data encryption (TDE) keys to encrypt ExaDB-D databases at rest.

  • Exadata Database Service

    Oracle Exadata Database Service enables you to leverage the power of Exadata in the cloud. You can provision flexible Exadata X9M systems that allow you to add database compute servers and storage servers to your system as your needs grow. Exadata X9M systems offer RDMA over Converged Ethernet (RoCE) networking for high bandwidth and low latency, persistent memory (PMEM) modules, and intelligent Exadata software. You can provision Exadata X9M systems by using a shape that's equivalent to a quarter-rack X9M system, and then add database and storage servers at any time after provisioning.

    Oracle Exadata Database Service on Dedicated Infrastructure provides Oracle Exadata Database Machine as a service in an Oracle Cloud Infrastructure (OCI) data center. The Oracle Exadata Database Service on Dedicated Infrastructure instance is a virtual machine (VM) cluster that resides on Exadata racks in an OCI region.

    Oracle Database@Azure provides the Oracle Exadata Database Service running on OCI, colocated in Microsoft Azure data centers.

  • Object storage

    Object storage provides quick access to large amounts of structured and unstructured data of any content type, including database backups, analytic data, and rich content such as images and videos. You can safely and securely store and then retrieve data directly from the internet or from within the cloud platform. You can scale storage without experiencing any degradation in performance or service reliability. Use standard storage for "hot" storage that you need to access quickly, immediately, and frequently. Use archive storage for "cold" storage that you retain for long periods of time and seldom or rarely access.

  • Oracle Database@Azure

    Oracle Database@Azure integrates Oracle Exadata Database Service, Oracle Real Application Clusters (Oracle RAC), and Oracle Data Guard technologies into the Azure platform.

    Oracle Database@Azure is the Oracle Database service running on Oracle Cloud Infrastructure (OCI), and is colocated in Microsoft Azure data centers. The service offers features and price parity with OCI. Users purchase the service on Azure Marketplace.

    Oracle Database@Azure service offers the same low latency as other Azure-native services and meets mission-critical workloads and cloud-native development needs. Users manage the service on the Azure console and with Azure automation tools. The service is deployed in Azure Virtual Network (VNet) and integrated with the Azure identity and access management system. The OCI and Oracle Database metrics and audit logs are natively available in Azure. The service requires that users have an Azure tenancy and an OCI tenancy.

  • Azure Container Registry

    Azure Container Registry (ACR) is a managed service for storing and managing container images and related artifacts.

  • Azure availability zone

    An availability zone is a physically separate data center within a region that is designed to be available and fault tolerant. Availability zones are close enough to have low-latency connections to other availability zones.

  • Azure Kubernetes Service

    Azure Kubernetes Service (AKS) is a managed Kubernetes service offered by Microsoft Azure.

  • DNS

    DNS (Domain Name System) is the internet’s phonebook, translating domain names to IP addresses for web browsing.

  • Azure Load Balancer

    Azure Load Balancer provides automated traffic distribution from a single-entry point to multiple servers in the back end.

  • Microsoft Azure Virtual Network

    Microsoft Azure Virtual Network (VNet) is the fundamental building block for your private network in Azure. VNet enables many types of Azure resources, such as Azure virtual machines (VM), to securely communicate with each other, the internet, and on-premises networks.

About Required Services and Roles

This solution requires the following services and roles:

These are the roles needed for each service.

Service Name: Role Required to...
(Azure) Oracle Database Infrastructure administrator Create primary and standby Exadata infrastructures
(Azure) Oracle Database VM cluster administrator Create primary and standby Exadata VM clusters
(OCI) odbaa-vm-cluster-administrators Create primary and standby Oracle Data Guard configurations

See Oracle Products, Solutions, and Services to get what you need.