It is now possible to restrict access to Autonomous Database by specifying a private endpoint within a Virtual Cloud Network (VCN). Private access is configured when provisioning or cloning an Autonomous Database, which allows all traffic to and from the database to be kept off the public internet.
During provisioning or cloning, it is possible to specify private access for an Autonomous Database by selecting Virtual cloud network within the Choose network access section of the create/clone dialog, as shown below:
Description of the illustration adb_private_vcn.png
The configuration process for establishing private endpoints involves three steps, which must be done before provisioning or cloning an Autonomous Database:
- Create a VCN within the region that will contain your Autonomous Database.
- Configure a subnet within the VCN, using the default DHCP options.
- Specify at least one network security group (NSG) within the VCN. The NSG is used to specify the ingress and egress rules for the Autonomous Database.
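The three prerequisites above can also be declared as code. The following Terraform sketch for the OCI provider is an added example, not taken from the Oracle documentation; the resource names, CIDR ranges, the application subnet and the listener port 1522 are assumptions to adjust for your environment.

```hcl
# Added example: the three prerequisites for a private endpoint.
# All names, CIDR ranges and the port below are illustrative assumptions.
variable "compartment_ocid" { type = string }

# Step 1: VCN in the region that will contain the Autonomous Database.
resource "oci_core_vcn" "adb" {
  compartment_id = var.compartment_ocid
  cidr_blocks    = ["10.0.0.0/16"]
  display_name   = "adb-vcn"
  dns_label      = "adbvcn"
}

# Step 2: subnet that uses the VCN's default DHCP options, no public IPs.
resource "oci_core_subnet" "adb" {
  compartment_id             = var.compartment_ocid
  vcn_id                     = oci_core_vcn.adb.id
  cidr_block                 = "10.0.1.0/24"
  display_name               = "adb-private-subnet"
  dns_label                  = "adbsub"
  dhcp_options_id            = oci_core_vcn.adb.default_dhcp_options_id
  prohibit_public_ip_on_vnic = true
}

# Step 3: NSG that carries the rules for the database endpoint.
resource "oci_core_network_security_group" "adb" {
  compartment_id = var.compartment_ocid
  vcn_id         = oci_core_vcn.adb.id
  display_name   = "adb-nsg"
}

# Admit only the application subnet (assumed to be 10.0.2.0/24) to the
# database listener. A source of 0.0.0.0/0 would defeat the restriction.
resource "oci_core_network_security_group_security_rule" "adb_in" {
  network_security_group_id = oci_core_network_security_group.adb.id
  direction                 = "INGRESS"
  protocol                  = "6" # TCP
  source_type               = "CIDR_BLOCK"
  source                    = "10.0.2.0/24"
  stateless                 = false # stateful: return traffic is allowed
  tcp_options {
    destination_port_range {
      min = 1522
      max = 1522
    }
  }
}
```

Once these resources exist, the VCN, subnet and NSG can be selected in the Choose network access section when provisioning or cloning the database.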
Note: Private Endpoints is currently rolling out across all our data centers. As of today, Feb 26, it is live in the following data centers:
It will be available shortly in the remaining data centers.
DOC: Configuring Private Endpoints with ADW:
DOC: Configuring Private Endpoints with ATP:
BLOG: Announcing Private Endpoints in Autonomous Database on Shared Exadata Infrastructure:
The documentation includes two sample network scenarios:
- Sample 1: Connecting from Inside Oracle Cloud Infrastructure VCN
- Sample 2: Connecting from Your Data Center to Autonomous Database
DOC: Private Endpoint Configuration Examples on ADW:
DOC: Private Endpoint Configuration Examples on ATP: