1. Administering Oracle Data Safe
  2. Target Database Registration
  3. Create an Oracle Data Safe Private Endpoint

Create an Oracle Data Safe Private Endpoint

You can create an Oracle Data Safe private endpoint to connect Oracle Data Safe to an Oracle Cloud Database (with a private IP address), Oracle On-Premises Database, and Oracle Database on Compute. Create the Oracle Data Safe private endpoint on the Private Endpoints page in the Oracle Data Safe service in Oracle Cloud Infrastructure.

Prerequisites Tasks for Creating an Oracle Data Safe Private Endpoint

Prior to creating an Oracle Data Safe private endpoint, be sure to complete the following prerequisite tasks:

  • Obtain permission to create virtual networking resources in Oracle Cloud Infrastructure. See the section called Target Registration Resources in OCI Resources for Oracle Data Safe.
  • Obtain permission to create an Oracle Data Safe private endpoint in Oracle Cloud Infrastructure. See the section called Target Registration Resources in OCI Resources for Oracle Data Safe.

Create an Oracle Data Safe Private Endpoint

  1. Refer to the following table to obtain the network information for your database.
    Database How to Find Network Information for the Database
    Oracle Autonomous Database Serverless (private IP address)
    1. From the navigation menu in Oracle Cloud Infrastructure, select Oracle Database, and then Autonomous Data Warehouse or Autonomous Transaction Processing.
    2. From the Compartment drop-down list, select the compartment that contains your Autonomous Database.
    3. On the right, click the name of your Autonomous Database.
    4. Under Network on the the Autonomous Database Information tab, make note of the VCN and subnet names.
    Autonomous Database on Dedicated Exadata Infrastructure (private IP address)
    1. From the navigation menu in Oracle Cloud Infrastructure, select Oracle Database, and then Autonomous Dedicated Infrastructure.
    2. Click Autonomous Exadata Infrastructure.
    3. On the right, in the Autonomous Exadata Infrastructure table, click the name of the infrastructure in which your database exists.
    4. Under Network, make note of the VCN and subnet names.
    DB system (private IP address)
    1. From the navigation menu in Oracle Cloud Infrastructure, select Oracle Database, and then Bare Metal, VM, and Exadata.
    2. Click the name of your DB system.
    3. On the DB System Information tab, under Network, make note of the VCN and subnet names.
    Oracle Database on a compute instance in Oracle Cloud Infrastructure
    1. From the navigation menu in Oracle Cloud Infrastructure, select Compute, and then Instances.
    2. Click the name of your compute instance.
    3. On the Instance Information tab, make note of the VCN and subnet names.
    Oracle Database on a compute instance in a non-Oracle cloud environment
    1. From the navigation menu in Oracle cloud Infrastructure, select Networking, and then Site-to-Site VPN (IPSec) or FastConnect.
    2. Select the VCN and subnet in Oracle Cloud Infrastructure that has connectivity via FastConnect or VPN Connect to your database.
    3. If you do not have FastConnect or VPN Connect set up, Oracle recommends that you use an Oracle Data Safe on-premises connector instead. See Create an Oracle Data Safe On-Premises Connector.
    On-Premises Oracle Database

    Obtain the name of the virtual cloud network and subnet on which your on-premises Oracle database can be accessed.
    Amazon RDS for Oracle

    Obtain the name of the virtual cloud network and subnet on which your Amazon RDS for Oracle database can be accessed.
  2. From the navigation menu in Oracle Cloud Infrastructure, select Oracle Database, and then Data Safe - Database Security.
    The Overview page is displayed.
  3. On the left under Data Safe, click Target Databases.
  4. On the left under Connectivity Options, click Private Endpoints.
    The Private Endpoints page is displayed.
  5. Click Create Private Endpoint.
    The Create Private Endpoint panel is displayed.
  6. In the NAME field, enter a name for your private endpoint.
  7. Select a compartment in which to store your private endpoint.
  8. Scroll down to the Private Endpoint Information section.
  9. From the VIRTUAL CLOUD NETWORK drop-down list, select the VCN on which your database can be accessed. If needed, click CHANGE COMPARTMENT and select the compartment that stores your VCN.
  10. From the SUBNET drop-down list, select a subnet within the selected VCN. If needed, click CHANGE COMPARTMENT and select the compartment that stores the subnet that you want to use.
    The subnet can be in a different compartment than the VCN. The subnet that you select needs to have access to the database's subnet.
  11. (Optional) In the PRIVATE IP field, specify a private IP address.
    If you do not specify a private IP address, Oracle Cloud Infrastructure automatically generates one for you in the selected subnet.
  12. (Optional) Select a network security group to which your database belongs.
  13. (Optional) To add another network security group, click + Another Network Security Group, and select another network security group.
  14. Click Create Private Endpoint.
    A private endpoint for Oracle Data Safe is provisioned in your database's VCN.
  15. To view details for your private endpoint, click its name. Take note of the Private IP address that was assigned to the Private Endpoint (or that you assigned to it). It is needed for configuring security rules.