Create an Oracle Data Safe Private Endpoint

You can create an Oracle Data Safe private endpoint to connect Oracle Data Safe to an Oracle Cloud Database (with a private IP address), on-premises Oracle AI Database, and Oracle AI Database on Compute. Create the Oracle Data Safe private endpoint on the Private endpoints page in the Oracle Data Safe service in Oracle Cloud Infrastructure.

Prerequisites Tasks for Creating an Oracle Data Safe Private Endpoint

Prior to creating an Oracle Data Safe private endpoint, be sure to complete the following prerequisite tasks:

  • Obtain permission to create virtual networking resources in Oracle Cloud Infrastructure. See the section called Target Registration Resources in OCI Resources for Oracle Data Safe.
  • Obtain permission to create an Oracle Data Safe private endpoint in Oracle Cloud Infrastructure. See the section called Target Registration Resources in OCI Resources for Oracle Data Safe.

Create an Oracle Data Safe Private Endpoint

  1. Refer to the following table to obtain the network information for your database.
    Database How to Find Network Information for your Database
    Oracle Autonomous AI Database Serverless (private IP address)
    1. From the navigation menu in Oracle Cloud Infrastructure, select Oracle AI Database, and then Autonomous AI Database.
    2. Select the compartment that contains your database.
    3. Click the name of your database.
    4. Under Network on the the Autonomous AI Database information tab, make note of the VCN and subnet names.
    Autonomous AI Database on Dedicated Exadata Infrastructure (private IP address)
    1. From the navigation menu in Oracle Cloud Infrastructure, select Oracle AI Database, and then Autonomous AI Database on Dedicated Infrastructure.
    2. Click Autonomous Exadata Infrastructure.
    3. On the right, in the Autonomous Exadata Infrastructure table, click the name of the infrastructure in which your database exists.
    4. Under Network, make note of the VCN and subnet names.
    Oracle Base Database Service - DB system (private IP address)
    1. From the navigation menu in Oracle Cloud Infrastructure, select Oracle AI Database, and then Oracle Base Database Service.
    2. Click the name of your DB system.
    3. On the DB system information tab, under Network, make note of the VCN and subnet names.
    Oracle AI Database on a compute instance in Oracle Cloud Infrastructure
    1. From the navigation menu in Oracle Cloud Infrastructure, select Compute, and then Instances.
    2. Click the name of your compute instance.
    3. On the Instance information tab, make note of the VCN and subnet names.
    Oracle AI Database on a compute instance in a non-Oracle cloud environment
    1. From the navigation menu in Oracle Cloud Infrastructure, select Networking, and then Site-to-Site VPN (IPSec) or FastConnect.
    2. Select the VCN and subnet in Oracle Cloud Infrastructure that has connectivity via VPN Connect or FastConnect to your database.
    3. If you do not have VPN Connect or FastConnect set up, Oracle recommends that you use an Oracle Data Safe on-premises connector instead. See Create an Oracle Data Safe On-Premises Connector.
    On-Premises Oracle AI Database

    Obtain the name of the virtual cloud network and subnet on which your on-premises Oracle database can be accessed.
    Amazon RDS for Oracle

    Obtain the name of the virtual cloud network and subnet on which your Amazon RDS for Oracle database can be accessed.
  2. From the navigation menu in Oracle Cloud Infrastructure, select Oracle AI Database, and then Data Safe - Database Security.
    The Overview page is displayed.
  3. On the left under Data Safe, click Target databases.
  4. On the left under Connectivity options, click Private endpoints.
    The Private endpoints page is displayed.
  5. Click Create private endpoint.
    The Create private endpoint panel is displayed.
  6. In the Name box, enter a name for your private endpoint.
  7. Select a compartment in which to store your private endpoint.
  8. Select the virtual cloud network (VCN) on which your database can be accessed. If needed, click Change compartment and select the compartment that stores your VCN.
  9. Select a subnet within the selected VCN. If needed, click Change compartment and select the compartment that stores the subnet that you want to use.
    The subnet can be in a different compartment than the VCN. The subnet that you select needs to have access to the database's subnet.
  10. (Optional) Specify a private IP address.
    If you do not specify a private IP address, Oracle Cloud Infrastructure automatically generates one for you in the selected subnet.
  11. (Optional) Select a network security group to which your database belongs.
  12. (Optional) To add another network security group, click + Another network security group, and select another network security group.
  13. Click Create private endpoint.
    A private endpoint for Oracle Data Safe is provisioned in your database's VCN.
  14. To view details for your private endpoint, click its name. Take note of the private IP address that was assigned to the private endpoint (or that you assigned to it). It is needed for configuring security rules.