Creating a Private Endpoint

Create a private endpoint in Resource Manager.

Before You Begin

Gather the network information that you need:

  • Virtual cloud network (VCN) and subnet

    The private endpoint connection is at the VCN level. If you have many subnets per VCN, you need to create only one private endpoint for that VCN. Ensure that security rules meet your requirements.

  • Network security groups (optional)

  • DNS zones (optional, for private Git servers)

    For example, for a private Git server at https://privateGitServer.examplesub.exampledomain, create a DNS zone for examplesub.exampledomain.

Additionally:

  • Ensure that the subnet allows access to the private resource: Set up a security rule for ingress.
  • For private Git servers, import the certificates you want to use. See the GitHub and GitLab instructions.

Using a Terraform Configuration

Create a private endpoint by using a Terraform configuration.

  1. Add code to the Terraform configuration that creates a private endpoint.
  2. Create a stack that references this Terraform configuration.
  3. Run an apply job on the stack.
    The private endpoint is created. You can now reference the private endpoint from any Terraform configuration or configuration source provider.
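The following Terraform configuration for step 1 is an added example, not taken from the original page. It creates the private endpoint together with a network security group that permits only HTTPS egress to a private Git server. The variable names, display names, and the Git server CIDR are assumptions, and provider authentication is assumed to come from the stack.

```hcl
# Added example. Variable names and display names are hypothetical.
variable "compartment_ocid" { type = string }
variable "vcn_ocid" { type = string }
variable "subnet_ocid" { type = string }

variable "git_server_cidr" {
  type        = string
  description = "Constructed placeholder: CIDR of the private Git server"
}

# NSG attached to the private endpoint. An NSG allows nothing until a rule is added.
resource "oci_core_network_security_group" "rm_pe" {
  compartment_id = var.compartment_ocid
  vcn_id         = var.vcn_ocid
  display_name   = "rm-private-endpoint-nsg"
}

# Single stateful rule: TCP 443 from the endpoint to the Git server only.
resource "oci_core_network_security_group_security_rule" "git_https_egress" {
  network_security_group_id = oci_core_network_security_group.rm_pe.id
  direction                 = "EGRESS"
  protocol                  = "6" # TCP
  destination_type          = "CIDR_BLOCK"
  destination               = var.git_server_cidr

  tcp_options {
    destination_port_range {
      min = 443
      max = 443
    }
  }
}

resource "oci_resourcemanager_private_endpoint" "git" {
  compartment_id = var.compartment_ocid
  display_name   = "rm-git-private-endpoint"
  description    = "Resource Manager access to the private Git server"
  vcn_id         = var.vcn_ocid
  subnet_id      = var.subnet_ocid
  nsg_id_list    = [oci_core_network_security_group.rm_pe.id]

  # Needed for configuration source providers; cannot be disabled after creation.
  is_used_with_configuration_source_provider = true

  # DNS zone from the page's example host privateGitServer.examplesub.exampledomain.
  dns_zones = ["examplesub.exampledomain"]
}
```

Security lists on the subnet apply in addition to the NSG rules, so review them as well. The ingress rule that admits this traffic must still be set on the Git server's side.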
  • To create a private endpoint by using the Console, follow these steps.
    1. Open the navigation menu and click Developer Services. Under Resource Manager, click Private Endpoints.
    2. On the Private endpoints page, select a compartment.
    3. Click Create private endpoint.
    4. In the Create private endpoint panel, enter a name and optional description for the private endpoint. Avoid entering confidential information.
    5. Select the compartment that you want to create the private endpoint in.
    6. Enter the following values:
      • Virtual cloud network: The virtual cloud network (VCN) to use with the private endpoint. See VCNs and Subnets. To select a VCN in a different compartment, click Change Compartment.
      • Subnet: The subnet to use with the private endpoint. See VCNs and Subnets. To select a subnet in a different compartment, click Change Compartment.
      • Allow this private endpoint to be used with a configuration source provider: When enabled, allows use with configuration source providers (for example, private Git servers). If you enable this option, it can't be disabled after the endpoint is created.
      • DNS zones: The DNS zones to use with the private endpoint. This field is displayed when Allow this private endpoint to be used with a configuration source provider is selected. For more information about DNS zones, see Public DNS.
      • Network security groups: The network security groups (NSGs) to use with the private endpoint. To select an NSG in a different compartment, click Change Compartment.
    7. (Optional) Click Show advanced options and assign tags to the private endpoint.
      • Tag namespace: To add a defined tag, select an existing namespace. To add a free-form tag, leave the value blank.
      • Tag key: To add a defined tag, select an existing tag key. To add a free-form tag, type the key name that you want.
      • Tag value: Type the tag value that you want.
      • Add tag: Click to add another tag.
    8. Click Create.
  • Use the oci resource-manager private-endpoint create command to create a private endpoint.

    oci resource-manager private-endpoint create --compartment-id <compartment_ocid> --display-name <text> --subnet-id <subnet_ocid> --vcn-id <vcn_ocid>

    For a complete list of parameters and values for CLI commands, see the Command Line Reference for Resource Manager.

  • Use the CreatePrivateEndpoint operation to create a private endpoint.