4 Managing Connections

To perform migration, create connections to your source and target databases by creating database connection resources. Database Connection resources enable network connectivity to the source and target databases.

Creating Oracle connections

Oracle Cloud Infrastructure Database Migration database connection resources contain the connectivity details of the migration source and target databases. Create connection database resources in the Database Migration Databases Connections page for the following databases:

• Oracle Autonomous Database
• Oracle Database
• Oracle Exadata
• Amazon RDS for Oracle

Note:

Oracle Cloud Infrastructure Database Migration service runs network connectivity tests followed by database login tests (to validate credentials) using the information that you provided while creating database connections. See Testing Connectivity of a Database Connection.

Note:

If the source database is a multitenant container database (CDB), and you are performing an online migration, you must create two connection entries for the source database: one for the PDB and one for the CDB. For offline migrations only the PDB connection is required.

You will create only one database connection resource for the target database.

Creating an Oracle Autonomous Database connection

Create an Oracle Autonomous Database connection by performing the following steps:

1. Log in into the OCI Console with your user credentials and the necessary policies to be able to create database connections.
2. Open the navigation menu. Under Database Migrations click Database Connections.
3. Click Create Connection.
4. On the General information step, in the Name field, enter a display name for the database connection resource.

   This is not the actual database name, but a name that will appear in a list of databases connections on completion of this procedure. Note that the database connection resources for all source databases (CDB and PDB) and target databases will appear the same list.

5. Add Description for the database connection resource.
6. In Compartment select the compartment in which the Database Connection resource will be created.
7. In Type, select a connection type. Select the connection type as Oracle Autonomous Database .
8. In Vault in Compartment select the security vault.

   Database Migration uses the OCI Vault to store user secrets such as passwords, wallets, and keys, and encrypts them with the user-supplied encryption key.

   You can select a vault in a different compartment by clicking Change Compartment.

9. In Encryption Key in Compartment select the keystore that you configured in the vault.

   Only AES algorithm type keys are supported.

10. The Advanced Options section allows you to optionally create tags.
11. In the Connection details step, enter the connection details for the Oracle Autonomous Database. Provide the following information:
    • Database name: The database name

    • Enter the database administrator credentials in Initial load database username and Initial load database password.

12. Select Use different credentials for replication to enter the credentials for replication. Select this option if you want to use a separate database user for performing replication for your online migrations. The following options are available
    • Replication database username
    • Replication database password
13. In Network Connectivity details, Create private endpoint to access this database indicates whether the database is publicly accessible or if you want to create a private endpoint.

    When you select the Create private endpoint to access this database option, then the Subnet in Compartment option lets you select the subnet containing the appropriate Virtual Cloud Network (VCN).

    This is the subnet to which a private endpoint is created from the Oracle Cloud Infrastructure Database Migration service tenancy. This creates a network route for the Oracle Cloud Infrastructure Database Migration deployment to connect to the database within your customer tenancy.

    Select the subnet containing the appropriate Virtual Cloud Network (VCN), then click Next. Click Change Compartment to select a subnet in a different compartment.
14. Click Create.

Note:

After you click Create, the database connection name appears in the Connection list while the creating connection operation runs. The creating connection operation can take a few minutes.

You can monitor the operation status in the State column. When the state is Active, the database connection creation is complete and successful.

When the resource creation is complete and successful, check the Security Vault service to verify that the SSH private key file was uploaded and enabled in the vault you configured.

Creating an Oracle Database connection

Create an Oracle Database connection by performing the following steps:

1. Log in into the OCI Console with your user credentials and the necessary policies to be able to create database connections.
2. Open the navigation menu. Under Database Migrations click Database Connections.
3. Click Create Connection.
4. On the General information step, in the Name field, enter a display name for the database connection resource.

   This is not the actual database name, but a name that will appear in a list of databases connections on completion of this procedure. Note that the database connection resources for all source databases (CDB and PDB) and target databases will appear the same list.

5. Add Description for the database connection resource.
6. In Compartment select the compartment in which the Database Connection resource will be created.
7. In Type, select a connection type. Select the connection type as Oracle Database.
8. In Vault in Compartment select the security vault.

   Database Migration uses the OCI Vault to store user secrets such as passwords, wallets, and keys, and encrypts them with the user-supplied encryption key.

   You can select a vault in a different compartment by clicking Change Compartment.

9. In Encryption Key in Compartment select the keystore that you configured in the vault.

   Only AES algorithm type keys are supported.

10. The Advanced Options section allows you to optionally create tags.
11. In the Connection details step, enter the database details for the Oracle Database. Select one of the following options:
    • Select database and provide the following information:
      • Database System in Compartment: Select a database.

      • Database home: The database home

        Database: The database name

        Pluggable Database: (Optional):

        Select the Pluggable Database.

      • Enter the database administrator credentials in Initial load database username and Initial load database password.

    • Enter the database information and provide the following information:
      • Database connection string: Provide the full connect string with host, port, and service name, in the following format:

        host:port/db-service-name

        If a private endpoint is specified in the connection, the hostentry should be a valid IP address.

      • Enter the database administrator credentials in Initial load database username and Initial load database password.

12. Select Use different credentials for replication to enter the credentials for replication. Select this option if you want to use a separate database user for performing replication for your online migrations. The following options are available
    • Replication database username
    • Replication database password
13. Optionally, upload the Database wallet drag and drop or select the wallet.zip for this database.

    Note:

    The wallet.zip must contain the cwallet.sso and tnsnames.ora files.

14. In Network Connectivity details, Create private endpoint to access this database indicates whether the database is publicly accessible or if you want to create a private endpoint.
    In Subnet in Compartment, select the subnet to which a private endpoint is created from the Oracle Cloud Infrastructure Database Migration service tenancy. This creates a network route for the Oracle Cloud Infrastructure Database Migration deployment to connect to the database within your customer tenancy. Select the subnet containing the appropriate Virtual Cloud Network (VCN). Click Change Compartment to select a subnet in a different compartment.

    Note:

    Oracle strongly recommends using the same subnet for both CDB and PDB connections.
15. (Optional) Under Advanced Options, enter the details for SSH settings if you prefer a Secure Shell (SSH) connection. Provide the SSH information for your database hosts if you wish to provide SSH access to the service to perform the migrations. Provide the SSH related information as follows:

    Note:

    Ensure that the private SSH key file is an RSA key in PEM format. See Required Keys and OCIDs for more information.

    • SSH database server hostname: Enter the IP address of the database host. This will be used by the service to connect to your host through/via SSH to perform the migration. Select the valid private key file used for database host access.

      Note:

      Enter a valid SSH username that will be used by the service to create a ssh session to the database host. This user should have the sudo privilege to perform the necessary operations.
    • SSH private key:

      Drop or select the private key file used to access the database server host.

    • SSH username: Enter an OS user name for the database host. This user must be a privileged user allowed to run sudo.
    • SSH sudo location: Enter the sudo binary location on the database host.
16. Click Create.

Note:

After you click Create, the database connection name appears in the Connection list while the creating connection operation runs. The creating connection operation can take a few minutes.

You can monitor the operation status in the State column. When the state is Active, the database connection creation is complete and successful.

When the resource creation is complete and successful, check the Security Vault service to verify that the SSH private key file was uploaded and enabled in the vault you configured.

Creating an Oracle Exadata connection

Create an Oracle Exadata connection by performing the following steps:

1. Log in into the OCI Console with your user credentials and the necessary policies to be able to create database connections.
2. Open the navigation menu. Under Database Migrations click Database Connections.
3. Click Create Connection.
4. On the General information step, in the Name field, enter a display name for the database connection resource.

   This is not the actual database name, but a name that will appear in a list of databases connections on completion of this procedure. Note that the database connection resources for all source databases (CDB and PDB) and target databases will appear the same list.

5. Add Description for the database connection resource.
6. In Compartment select the compartment in which the Database Connection resource will be created.
7. In Type, select a connection type. Select the connection type as Oracle Exadata.
8. In Vault in Compartment select the security vault.

   Database Migration uses the OCI Vault to store user secrets such as passwords, wallets, and keys, and encrypts them with the user-supplied encryption key.

   You can select a vault in a different compartment by clicking Change Compartment.

9. In Encryption Key in Compartment select the keystore that you configured in the vault.

   Only AES algorithm type keys are supported.

10. The Advanced Options section allows you to optionally create tags.
11. In the Connection details step, enter the database details for the Oracle Exadata. Select one of the following options:
    • Select database and provide the following information:
      • VM Cluster in Compartment: Select a VM cluster.

      • Database: Select the database.

        Pluggable Database: (Optional):

        Select the Pluggable Database.

      • Enter the database administrator credentials in Initial load database username and Initial load database password.

    • Enter the database information and provide the following information:
      • Database connection string: Provide the full connect string with host, port, and service name, in the following format:

        host:port/db-service-name

        If a private endpoint is specified in the connection, the hostentry should be a valid IP address.

      • Enter the database administrator credentials in Initial load database username and Initial load database password.

12. Select Use different credentials for replication to enter the credentials for replication. Select this option if you want to use a separate database user for performing replication for your online migrations. The following options are available
    • Replication database username
    • Replication database password
13. Optionally, upload the Database wallet drag and drop or select the wallet.zip for this database.

    Note:

    The wallet.zip must contain the cwallet.sso and tnsnames.ora files.

14. In Network Connectivity details, Create private endpoint to access this database indicates whether the database is publicly accessible or if you want to create a private endpoint.
    In Subnet in Compartment, select the subnet to which a private endpoint is created from the Oracle Cloud Infrastructure Database Migration service tenancy. This creates a network route for the Oracle Cloud Infrastructure Database Migration deployment to connect to the database within your customer tenancy. Select the subnet containing the appropriate Virtual Cloud Network (VCN).Click Change Compartment to select a subnet in a different compartment.
15. (Optional) Under Advanced Options, enter the details for SSH settings if you prefer a Secure Shell (SSH) connection. Provide the SSH information for your database hosts if you wish to provide SSH access to the service to perform the migrations. Provide the SSH related information as follows:

    Note:

    Ensure that the private SSH key file is an RSA key in PEM format. See Required Keys and OCIDs for more information.

    • SSH database server hostname: Enter the IP address of the database host. This will be used by the service to connect to your host through/via SSH to perform the migration. Select the valid private key file used for database host access.

      Note:

      Enter a valid SSH username that will be used by the service to create a ssh session to the database host. This user should have the sudo privilege to perform the necessary operations.
    • SSH private key:

      Drop or select the private key file used to access the database server host.

    • SSH username: Enter an OS user name for the database host. This user must be a privileged user allowed to run sudo.
    • SSH sudo location: Enter the sudo binary location on the database host.
16. Click Create.

Note:

After you click Create, the database connection name appears in the Connection list while the creating connection operation runs. The creating connection operation can take a few minutes.

You can monitor the operation status in the State column. When the state is Active, the database connection creation is complete and successful.

When the resource creation is complete and successful, check the Security Vault service to verify that the SSH private key file was uploaded and enabled in the vault you configured.

Creating an Amazon RDS for Oracle connection

Create an Amazon RDS for Oracle connection by performing the following steps:

1. Log in into the OCI Console with your user credentials and the necessary policies to be able to create database connections.
2. Open the navigation menu. Under Database Migrations click Database Connections.
3. Click Create Connection.
4. On the General information step, in the Name field, enter a display name for the database connection resource.

   This is not the actual database name, but a name that will appear in a list of databases connections on completion of this procedure. Note that the database connection resources for all source databases (CDB and PDB) and target databases will appear the same list.

5. Add Description for the database connection resource.
6. In Compartment select the compartment in which the Database Connection resource will be created.
7. In Type, select a connection type. Select the connection type as Amazon RDS for Oracle.
8. In Vault in Compartment select the security vault.

   Database Migration uses the OCI Vault to store user secrets such as passwords, wallets, and keys, and encrypts them with the user-supplied encryption key.

   You can select a vault in a different compartment by clicking Change Compartment.

9. In Encryption Key in Compartment select the keystore that you configured in the vault.

   Only AES algorithm type keys are supported.

10. The Advanced Options section allows you to optionally create tags.
11. In the Connection details step, enter the database details for Amazon RDS for Oracle. Enter the database information and provide the following information:
    • Database connection string: Provide the full connect string with host, port, and service name, in the following format:

      host:port/db-service-name

      If a private endpoint is specified in the connection, the hostentry should be a valid IP address.

    • Enter the database administrator credentials in Initial load database username and Initial load database password.

12. Select Use different credentials for replication to enter the credentials for replication. Select this option if you want to use a separate database user for performing replication for your online migrations. The following options are available
    • Replication database username
    • Replication database password
13. Optionally, upload the Database wallet drag and drop or select the wallet.zip for this database.

    Note:

    The wallet.zip must contain the cwallet.sso and tnsnames.ora files.

14. In Network Connectivity details, Create private endpoint to access this database indicates whether the database is publicly accessible or if you want to create a private endpoint.
    In Subnet in Compartment, select the subnet to which a private endpoint is created from the Oracle Cloud Infrastructure Database Migration service tenancy. This creates a network route for the Oracle Cloud Infrastructure Database Migration deployment to connect to the database within your customer tenancy. Select the subnet containing the appropriate Virtual Cloud Network (VCN).Click Change Compartment to select a subnet in a different compartment.
15. Click Create.

Note:

After you click Create, the database connection name appears in the Connection list while the creating connection operation runs. The creating connection operation can take a few minutes.

You can monitor the operation status in the State column. When the state is Active, the database connection creation is complete and successful.

When the resource creation is complete and successful, check the Security Vault service to verify that the SSH private key file was uploaded and enabled in the vault you configured.

Creating MySQL connections

Create MySQL connections to connect to the MySQL databases.

The following source databases are currently supported:

• OCI MySQL HeatWave
• MySQL Database Server
• Amazon RDS for MySQL
• Azure Database for MySQL
• Amazon Aurora MySQL
• Google Cloud SQL for MySQL

The OCI MySQL Heatwave is the only target database that is currently supported.

Creating an OCI MySQL Heatwave connection

Create an OCI MySQL Heatwave connection by performing the following steps:

1. Log in into the OCI Console with your user credentials and the necessary policies to be able to create database connections.
2. Open the navigation menu. Under Database Migrations click Database Connections.
3. Click Create Connection.
4. On the General information step, in the Name field, enter a display name for the database connection resource.

   This is not the actual database name, but a name that will appear in a list of databases connections on completion of this procedure.

5. Add Description for the database connection resource.
6. In Compartment select the compartment in which the Database Connection resource will be created.
7. In Type, select a connection type. Select the connection type as OCI MySQL Heatwave.
8. In Vault in Compartment select the security vault.

   Database Migration Service uses the OCI Vault service to store your secrets such as passwords, wallets, and keys, and encrypts them with the encryption key that you provide. All of these are always stored in your tenancy and are in your full control.

   You can select a vault in a different compartment by clicking Change Compartment.

9. In Encryption Key in Compartment select the keystore that you configured in the vault.

   Only AES algorithm type keys are supported.

10. The Advanced Options section allows you to optionally create tags.
11. In the Connection details step, enter the connection details for the OCI MySQL Heatwave. Select one of the following options:
    • Select MySQL database system: Provide the following information:
      • Database System in Compartment: Select an OCI database.

      • Database name: The database name

        Enter the database administrator credentials in Initial load database username and Initial load database password.

    • Enter MySQL database information: Provide the following information:
      • Database name: The database name
      • Host: listener host IP address
      • Port: listener port number

      • Enter the database administrator credentials in Initial load database username and Initial load database password.

12. Select Use different credentials for replication to enter the credentials for replication. Select this option if you want to use a separate database user for performing replication for your online migrations. The following options are available
    • Replication database username
    • Replication database password
13. In the SSL details, select the security protocol.
    • Plain
    • TLS, and then select the SSL mode
    • MTLS, then select the SSL mode. Upload the Client certificate and Client private key.
14. In Network Connectivity details, Create private endpoint to access this database indicates whether the database is publicly accessible or if you want to create a private endpoint.

    By default, this option is selected while creating an OCI MySQL Heatwave connection. You must connect your database over a private IP address.

    In Subnet in Compartment, select the subnet to which a private endpoint is created from the Oracle Cloud Infrastructure Database Migration service tenancy. This creates a network route for the Oracle Cloud Infrastructure Database Migration service to connect to the database within your tenancy. Select the subnet containing the appropriate Virtual Cloud Network (VCN).Click Change Compartment to select a subnet in a different compartment.
15. (Optional) Under Advanced Options, add Connection attributes. Click + Another attribute to add more.
16. Click Create.

Note:

After you click Create, the database connection name appears in the Connection list while the creating connection operation runs. The creating connection operation can take a few minutes.

You can monitor the operation status in the State column. When the state is Active, the database connection creation is complete and successful.

Creating a MySQL Database Server connection

Create a MySQL Database Server connection by performing the following steps:

1. Log in into the OCI Console with your user credentials and the necessary policies to be able to create database connections.
2. Open the navigation menu. Under Database Migrations click Database Connections.
3. Click Create Connection.
4. On the General information step, in the Name field, enter a display name for the database connection resource.

   This is not the actual database name, but a name that will appear in a list of databases connections on completion of this procedure.

5. Add an optional Description enter a description that helps you distinguish for the database connection resource.
6. In Compartment select the compartment in which the Database Connection resource will be created.
7. In Type, select a connection type. Select the connection type as MySQL Database Server.
8. In Vault in Compartment select the security vault.

   Database Migration Service uses the OCI Vault service to store your secrets such as passwords, wallets, and keys, and encrypts them with the encryption key that you provide. All of these are always stored in your tenancy and are in your full control.

   You can select a vault in a different compartment by clicking Change Compartment.

9. In Encryption Key in Compartment select the keystore that you configured in the vault.

   Only AES algorithm type keys are supported.

10. The Advanced Options section allows you to optionally create tags.
11. In the Connection details page, enter the connection details for the MySQL Database Server as follows:

    • Database name: The database name

    • Host: listener host IP address
    • Port: listener port number

    • Enter the database administrator credentials in Initial load database username and Initial load database password.

12. Select Use different credentials for replication to enter the credentials for replication. Select this option if you want to use a separate database user for performing replication for your online migrations. The following options are available
    • Replication database username
    • Replication database password
13. In Network Connectivity details, Create private endpoint to access this database indicates whether the database is publicly accessible or if you want to create a private endpoint.

    Check this box if you plan to connect your database over a private IP address. Do not check it if the database has a public IP address.

    In Subnet in Compartment, select the subnet to which a private endpoint is created from the Oracle Cloud Infrastructure Database Migration service tenancy. This creates a network route for the Oracle Cloud Infrastructure Database Migration service to connect to the database within your tenancy. Select the subnet containing the appropriate Virtual Cloud Network (VCN). Click Change Compartment to select a subnet in a different compartment.
14. In the SSL details, select the security protocol.
    • Plain
    • TLS, and then select the SSL mode
    • MTLS, then select the SSL mode. Upload the Client certificate and Client private key.
15. (Optional) Under Advanced Options, add Connection attributes. Click + Another attribute to add more.
16. Click Create.

Note:

After you click Create, the database connection name appears in the Connection list while the creating connection operation runs. The creating connection operation can take a few minutes.

You can monitor the operation status in the State column. When the state is Active, the database connection creation is complete and successful.

Creating an Amazon RDS for MySQL connection

Create an Amazon RDS for MySQL connection by performing the following steps:

1. Log in into the OCI Console with your user credentials and the necessary policies to be able to create database connections.
2. Open the navigation menu. Under Database Migrations click Database Connections.
3. Click Create Connection.
4. On the General information step, in the Name field, enter a display name for the database connection resource.

   This is not the actual database name, but a name that will appear in a list of databases connections on completion of this procedure.

5. Add an optional Description enter a description that helps you distinguish for the database connection resource.
6. In Compartment select the compartment in which the Database Connection resource will be created.
7. In Type, select a connection type. Select the connection type as Amazon RDS for MySQL.
8. In Vault in Compartment select the security vault.

   Database Migration Service uses the OCI Vault service to store your secrets such as passwords, wallets, and keys, and encrypts them with the encryption key that you provide. All of these are always stored in your tenancy and are in your full control.

   You can select a vault in a different compartment by clicking Change Compartment.

9. In Encryption Key in Compartment select the keystore that you configured in the vault.

   Only AES algorithm type keys are supported.

10. The Advanced Options section allows you to optionally create tags.
11. In the Connection details page, enter the connection details for the Amazon RDS for MySQL as follows:

    • Database name: The database name

    • Host: listener host IP address
    • Port: listener port number

    • Enter the database administrator credentials in Initial load database username and Initial load database password.

12. Select Use different credentials for replication to enter the credentials for replication. Select this option if you want to use a separate database user for performing replication for your online migrations. The following options are available
    • Replication database username
    • Replication database password
13. In the SSL details, select the security protocol.
    • Plain
    • TLS, and then select the SSL mode
    • MTLS, then select the SSL mode. Upload the Client certificate and Client private key.
14. (Optional) Under Advanced Options, add Connection attributes. Click + Another attribute to add more.
15. Click Create.

Note:

After you click Create, the database connection name appears in the Connection list while the creating connection operation runs. The creating connection operation can take a few minutes.

You can monitor the operation status in the State column. When the state is Active, the database connection creation is complete and successful.

Creating an Azure Database for MySQL connection

Create an Azure Database for MySQL connection by performing the following steps:

1. Log in into the OCI Console with your user credentials and the necessary policies to be able to create database connections.
2. Open the navigation menu. Under Database Migrations click Database Connections.
3. Click Create Connection.
4. On the General information step, in the Name field, enter a display name for the database connection resource.

   This is not the actual database name, but a name that will appear in a list of databases connections on completion of this procedure.

5. Add an optional Description enter a description that helps you distinguish for the database connection resource.
6. In Compartment select the compartment in which the Database Connection resource will be created.
7. In Type, select a connection type. Select the connection type as Azure Database for MySQL.
8. In Vault in Compartment select the security vault.

   Database Migration Service uses the OCI Vault service to store your secrets such as passwords, wallets, and keys, and encrypts them with the encryption key that you provide. All of these are always stored in your tenancy and are in your full control.

   You can select a vault in a different compartment by clicking Change Compartment.

9. In Encryption Key in Compartment select the keystore that you configured in the vault.

   Only AES algorithm type keys are supported.

10. The Advanced Options section allows you to optionally create tags.
11. In the Connection details page, enter the connection details for the Azure Database for MySQL as follows:

    • Database name: The database name

    • Host: listener host IP address
    • Port: listener port number

    • Enter the database administrator credentials in Initial load database username and Initial load database password.

12. Select Use different credentials for replication to enter the credentials for replication. Select this option if you want to use a separate database user for performing replication for your online migrations. The following options are available
    • Replication database username
    • Replication database password
13. In the SSL details, select the security protocol.
    • Plain
    • TLS, and then select the SSL mode
    • MTLS, then select the SSL mode. Upload the Client certificate and Client private key.
14. (Optional) Under Advanced Options, add Connection attributes. Click + Another attribute to add more.
15. Click Create.

Note:

After you click Create, the database connection name appears in the Connection list while the creating connection operation runs. The creating connection operation can take a few minutes.

You can monitor the operation status in the State column. When the state is Active, the database connection creation is complete and successful.

Creating an Amazon Aurora MySQL connection

Create an Amazon Aurora MySQL connection by performing the following steps:

1. Log in into the OCI Console with your user credentials and the necessary policies to be able to create database connections.
2. Open the navigation menu. Under Database Migrations click Database Connections.
3. Click Create Connection.
4. On the General information step, in the Name field, enter a display name for the database connection resource.

   This is not the actual database name, but a name that will appear in a list of databases connections on completion of this procedure.

5. Add an optional Description enter a description that helps you distinguish for the database connection resource.
6. In Compartment select the compartment in which the Database Connection resource will be created.
7. In Type, select a connection type. Select the connection type as Amazon Aurora MySQL.
8. In Vault in Compartment select the security vault.

   Database Migration Service uses the OCI Vault service to store your secrets such as passwords, wallets, and keys, and encrypts them with the encryption key that you provide. All of these are always stored in your tenancy and are in your full control.

   You can select a vault in a different compartment by clicking Change Compartment.

9. In Encryption Key in Compartment select the keystore that you configured in the vault.

   Only AES algorithm type keys are supported.

10. The Advanced Options section allows you to optionally create tags.
11. In the Connection details page, enter the connection details for the Azure Database for MySQL as follows:

    • Database name: The database name

    • Host: listener host IP address
    • Port: listener port number

    • Enter the database administrator credentials in Initial load database username and Initial load database password.

12. Select Use different credentials for replication to enter the credentials for replication. Select this option if you want to use a separate database user for performing replication for your online migrations. The following options are available
    • Replication database username
    • Replication database password
13. In the SSL details, select the security protocol.
    • Plain
    • TLS, and then select the SSL mode
    • MTLS, then select the SSL mode. Upload the Client certificate and Client private key.
14. (Optional) Under Advanced Options, add Connection attributes. Click + Another attribute to add more.
15. Click Create.

Note:

After you click Create, the database connection name appears in the Connection list while the creating connection operation runs. The creating connection operation can take a few minutes.

You can monitor the operation status in the State column. When the state is Active, the database connection creation is complete and successful.

Creating a Google Cloud SQL for MySQL connection

Create a Google Cloud SQL for MySQL connection by performing the following steps:

1. Log in into the OCI Console with your user credentials and the necessary policies to be able to create database connections.
2. Open the navigation menu. Under Database Migrations click Database Connections.
3. Click Create Connection.
4. On the General information step, in the Name field, enter a display name for the database connection resource.

   This is not the actual database name, but a name that will appear in a list of databases connections on completion of this procedure.

5. Add an optional Description enter a description that helps you distinguish for the database connection resource.
6. In Compartment select the compartment in which the Database Connection resource will be created.
7. In Type, select a connection type. Select the connection type as Google Cloud SQL for MySQL.
8. In Vault in Compartment select the security vault.

   Database Migration Service uses the OCI Vault service to store your secrets such as passwords, wallets, and keys, and encrypts them with the encryption key that you provide. All of these are always stored in your tenancy and are in your full control.

   You can select a vault in a different compartment by clicking Change Compartment.

9. In Encryption Key in Compartment select the keystore that you configured in the vault.

   Only AES algorithm type keys are supported.

10. The Advanced Options section allows you to optionally create tags.
11. In the Connection details page, enter the connection details for the Google Cloud SQL for MySQL as follows:

    • Database name: The database name

    • Host: listener host IP address
    • Port: listener port number

    • Enter the database administrator credentials in Initial load database username and Initial load database password.

12. Select Use different credentials for replication to enter the credentials for replication. Select this option if you want to use a separate database user for performing replication for your online migrations. The following options are available
    • Replication database username
    • Replication database password
13. In the SSL details, select the security protocol.
    • Plain
    • TLS, and then select the SSL mode
    • MTLS, then select the SSL mode. Upload the Client certificate and Client private key.
14. (Optional) Under Advanced Options, add Connection attributes. Click + Another attribute to add more.
15. Click Create.

Note:

After you click Create, the database connection name appears in the Connection list while the creating connection operation runs. The creating connection operation can take a few minutes.

You can monitor the operation status in the State column. When the state is Active, the database connection creation is complete and successful.

Testing Connectivity of a Database Connection

You can test the connectivity of a database connection before you start or create a migration. You can get information about the connection and fix any configuration issues before running the migration.

You can diagnose issues with a database connection such as:

• Incorrect IP address and/or port.
• Incorrectly declaring a connection public or private.
• Incorrect, expired, or locked database credentials.
• Missing entries in security lists or NSGs to allow communication with database IP or port.
• Connection failures through FastConnect, VPN, or any other network connectivity issues for your on-premises database.

  Oracle Cloud Infrastructure Database Migration service runs a network connectivity check followed by JDBC Connection or Socket Connectivity using the Database Connection data that you provide.

To test the connectivity of a database connection use either of the following methods:

• From the action menu (three dots), select Test connection.
• Select the database connection, which opens the Database connection details page and click the Test connection button.

The Test connection dialog is displayed.

The Test connection dialog displays the following details:

• Result of the connection test.
• Error codes and the accompanying error messages.
• Cause: The issue causing the connection failure.
• Action: The action you can perform to resolve the error.

Viewing Connection Details

Database connection details page

On the Database connection details page you can view a list of your Connections in a table, which includes the following information:

• Name of the Connection resource

• State of the Connection resource, which can be any one of the following:

  • Creating: The new Connection resource is being created in OCI.

  • Updating: Changes to the Connection resource are being registered in OCI.

  • Active: The Connection resource has finished being created or updated and is ready for use.

  • Inactive: A fallback state for unexpected errors.

  • Deleting: This state appears when you delete a Connection resource. The resource remains in this state until deletion is completed, at which point the resource is no longer listed in the console.

  • Failed: There are problems with the Connection resource. You can review the Connection resource work requests to investigate the issue.

• Created date and time

Database connection details page

Select a Connection from the Database connection details to view its details.

On the Database connection details page you can view the Connection information, including:

• OCID: The resource's unique Oracle Cloud ID.
• Compartment: The compartment where the Connection resides.
• Created: The date and time when the Connection was created.
• Encryption Vault: The link takes you to the Vault Details page.
• Encryption Key: The link takes you to the Key Details page
• Subnet: The link takes you to the Subnet Details page.
• Database Type: Autonomous Database, Database (BareMetal, VM, Exadata), VM Cluster Database (Exadata), Oracle, or Amazon RDS
• Database: For OCI co-managed databases--Autonomous Database, Database (BareMetal, VM, Exadata), VM Cluster Database (Exadata)--the display name of this Connection is also shown. The link takes you to the Database Details page in OCI.

Network security groups

On the Database connection details page, under the Resources on the left side of the page, you can find the Network Security Groups that can be associated, with this database connection.

Note:

• You can associate NSGs available in your VCN to the connection. The NSGs that are listed for a subnet are only applicable to your current VCN.
• You can add network security groups in Database Migration Service to control traffic, if you have connected over private endpoints while registering databases. The advantage of network security groups (NSGs) is that rules can be limited to individual resources within a subnet, whereas Security Lists apply to all resources within a subnet.
• Associating NSGs to database connections provides you fine grained control over the access to your database connection resources that are involved in the migration process (Source and Target). See Network Security Groups for more information.

1. Click Add network security groups to open the Add network security groups panel.
2. Select a network security group from the compartment and click Add network security groups.
3. You can add up-to five unique network security groups by clicking on Another network security group.

You can view the following details associated with the Network security groups Resource:

• Name : The name of the added network security group.

• State: The state of the network security group.

• Compartment : The compartment where the network security group resides.

• Created : The date and time when the network security group was created.

Select single or multiple network security groups to remove them by clicking Remove in the Remove network security groups confirmation dialog.

Select View details from the actions menu (three dots) for a specific NSG to view information related to VCN.

Work Requests

On the Database connection details page, under the Connection information box you can find the Work Requests list. Work Requests lists any work requests sent to OCI to facilitate the creation, update, or deletion of this resource. Click the work request to go to the Work Request Details page for more information about the work request.

Editing a Connection

To edit a connection:

1. In the list of databases on the Databases connection details page, select the Name of the Connection you want to edit.
2. In the Database connection details page, select Rename to change the name of the Connection.
3. Select Edit next to any of the following fields to update the settings:
   • Encryption Key: You can change the selected vault, encryption key, and compartment in which to create a secret. Only AEP algorithm type keys are supported.
   • Subnet: You can update the subnet and private endpoint compartment network connectivity settings.
   • Database: you can update the database administrator user name and password used to connect to the database. When editing a non-Autonomous database connection, you can also edit connect string, SSH details, and TLS details. The following options are available:
     • Connect string
     • Initial load database username
     • Initial load database password
     • If you select Use different credentials for replication , enter the following details:
       • Replication database username
       • Replication database password
     • Keep existing certificates/key pair configuration
     • Remove certificate/key pair configuration
     • Update certificate/key pair configuration
     • In the Show optional SSH settings, provide the SSH information for your database hosts if you wish to provide SSH access to the service to perform the migrations. Provide the SSH related information.
4. Click Save Changes.

Moving a Connection

You can move a Connection from one compartment to another.

To move a Connection:

1. In the list of databases on the Database connection details page, select Move Resource from the Actions (three dots) menu for the database you want to move.
   You can also select Move Resource on the Database connection details page.
2. In the Move Resource to a Different Compartment dialog, select the compartment to move the Connection to from the dropdown.
3. Click Move Resource.

After you move the Connection to the new compartment, inherent policies apply immediately and may affect access to the Connection through the Console. For more information, see Managing Compartments.

Deleting a Connection

Before you delete a Connection, ensure that you carefully review any resources that reference the Connection. It is not possible to delete a Connection if it is references by a migration. You must delete the migration before deleting the associated Connections.

Deleting a Connection also deletes the private connection and database credentials, so it will no longer be accessible to migrations. After you delete a Connection, it cannot be restored.

Note:

Connections also capture and synchronize database credentials to Database Migration. Any change made to the credential, such as updating or deleting, synchronizes to Database Migration. You will encounter issues when the Replicat or Extract attempts to reconnect to a deleted Connection.

To delete a Connection:

1. In the list of databases on the Database connection details page, select Delete from the Actions (three dots) menu of the database you want to delete.
   You can also click Delete on the Database connection page.
2. In the Delete dialog, click Delete.

Managing Tags for Connections

Tags help you locate resources within your tenancy. You can add and view a connection's tags from the Database Connections page and from the Database connection details page.

On the Database connection details page, from the Connection's Actions (three dots) menu, select Add Tags or View Tags.

On the Database connection details page, you can select Add Tags above the Connection Information box, or click the Tags tab to view and edit tags.

See Managing Tags and Tag Namespaces to learn more about tagging.

Using the Connection API

You can use the following operations to manage Connection resources:

• CreateConnection
• GetConnection
• ListConnections
• UpdateConnection
• DeleteConnection
• ChangeConnectionCompartment

For information about using the API and signing requests, see REST APIs and Security Credentials. For more information about SDKs, see Software Development Kits and Command Line Interface.