Configure the required policies to enable secure Vault and
Secrets access, such as use secrets, use vaults, and read
secret-bundles. For more information, see Minimum
recommended policies.
Create the connection
To create an Oracle Database connection:
From the OCI GoldenGate Overview page, click
Connections.
You can also click Create Connection under the
Get started section and skip to step 3.
On the Connections page, click Create Connection.
In the Create Connection panel, complete the General Information
fields as follows:
For Name, enter a name for the connection.
(Optional) For Description, enter a description that helps
you distinguish this connection from others.
For Compartment, select the compartment in which to create
the connection.
From the Type dropdown,
under Oracle, select Oracle
Database.
For Database details, you can
choose:
Select
database to select from a list of
existing Autonomous Databases in the selected
compartment, and then select a password secret
from the dropdown or click Change
compartment to choose a password secret in a
different compartment.
Note:
When you select an existing Autonomous Database,
a private endpoint is created
automatically.
Enter database
information and then manually complete
the following fields:
If not using a database wallet,
enter the Database connection string.
If you don't enter a Database
connection string, you select a Wallet
secret.
Note:
If you're using a Wallet, it must
at least contain the cwallet.sso
and tnsnames.ora files.
If you prefer not to use secrets,
ensure that you deselect Use secrets in
vault in the Security section under
Advanced Options, located at the bottom of
this form.
For Database username,
enter the username to connect to the database
with.
Select the Database user password
secret. If located in a different compartment, use the dropdown to
change compartments.
Note:
Secrets are credentials such as passwords, certificates, SSH keys, or
authentication tokens that you use with OCI services. To create a secret, see Creating a secret. Ensure that
you:
Select Manual secret generation.
Paste the credentials into Secret contents.
If you prefer not to use password secrets, ensure that you deselect Use
secrets in vault in the Security section under Advanced Options, located at
the bottom of this form.
Expand Show advanced options. You can configure the following
options:
Security:
Deselect Use vault secrets you prefer not to use
password secrets for this connection. If not selected:
Select Use Oracle-managed encryption key to leave
all encryption key management to Oracle.
Select Use customer-managed encryption key to select
a specific encryption key stored in your OCI Vault to encrypt your
connection credentials.
Network connectivity
Shared endpoint, to share an endpoint
with the assigned deployment. You must allow connectivity from the
deployment's ingress IP.
Dedicated endpoint, for network
traffic through a dedicated endpoint in the assigned subnet in your VCN. You
must allow connectivity from this connection's ingress IPs.
Note:
If a dedicated connection remains unassigned for seven
days, then the service converts it to a shared connection.
After the connection is created, it appears in the Connections list. Ensure
that you assign the connection to a deployment to use it as a source or
target in a replication.
Known issues
Network
timeout affects database connections using private
endpoints.
If you're using a private enpoint to connect to a database,
then you may encounter network timeouts when starting or stopping
Extract processes.
Workaround: You can do one of the following:
Apply the latest patches from your deployment
details page. In the Deployment
Information section, under
GoldenGate, for
Version, click
Upgrade.
If you're unable to apply the latest patches at this
time, you can update the connection string to include
EXPIRE_TIME=1. By default, you may
have an EZ connection string in Oracle GoldenGate. This
connection string needs to be updated in the Oracle
GoldenGate Credential to a long connection string as
follows: