We’re excited to announce the general availability of Cloud Shell private network access. This new feature enables you to connect to your private network through Cloud Shell. It also allows you to run commands in Cloud Shell to access your private resources without having the network traffic transit over the public internet.
The key benefits of this feature include a centralized and secured connection, a seamless workflow to access your resources with ease, and defined Identity and Access Management (IAM) policies to drive optimal security. You can connect to any resource in your private virtual cloud network (VCN). For example, you can now SSH into any Compute instance or run database command line interface (CLI) commands in a private VCN.
Whether you’re an administrator running shell commands or you’re accessing your OCI-hosted repositories to retrieve GitHub source code and release Artifactory artifacts, the use cases for accessing private resources from Cloud Shell are many, including the following examples:
- Access private MySQL instances
- Fetch code/software packages from a private repository
- Manage private Oracle Container Engine for Kubernetes (OKE) clusters
- SSH into a Compute host with a private IP
Enable private access capability from Cloud Shell
To use private access, specify the following policies:
allow group <group> to use vnics in compartment <compartment>
allow group <group> to use network-security-groups in compartment <compartment>
allow group <group> to use vcns in compartment <compartment>
allow group <group> to use subnets in compartment <compartment>
Create a private connection by choosing Private Network under the Network menu at the top of the Cloud Shell terminal window.
In the Private Network setup panel, select the compartment that you want to use, and then select the VCN and the subnet to establish a private connection. You can select one or more network security groups to control traffic if applicable. Click Connect to this network, which connects your Cloud Shell session to the private network.

SSH into a private Compute instance using private network access in Cloud Shell
You can now SSH into your private Compute instance from Cloud Shell by running the SSH command with the SSH key for that instance.

Ready to enable Private Network Access from Cloud Shell?
For more information on this feature, see the following resources:
- VCNs and subnets in the Networking documentation
- If you’re new to policies, see Getting Started with Policies and Common Policies.
If you’re new to Oracle Cloud Infrastructure, you can create your Oracle Cloud Free Tier to get acquainted.
