Creating a Private Endpoint

Oracle Cloud Infrastructure lets you create private endpoints within your service so that you can access resources that are only available using private IPs. In Data Catalog, you create a private endpoint to configure the private network where your data source is hosted.

Prerequisites:

  • The name of the Virtual Cloud Network (VCN) used to access your data source.
  • The name of the subnet in the VCN.
  • The list of DNS zones used to resolve the FQDNs or private IPs of the data sources that you want to harvest.
    Important

    If the data sources in your private network are accessed with FQDNs and private IPs, you only need the list of all the FQDNs when you create the private endpoint.

    If all the data sources in your private network are accessed with private IPs, then while creating a private endpoint you must specify at least one resolvable FQDN or DNS zone.

    For private autonomous databases, use the FQDN of the database as the DNS zone. For custom data sources running on Oracle Cloud Infrastructure compute Virtual Machines (VMs), you can specify the FQDN of the VM, or the domain name of the subnet in which the VM is provisioned, or the domain name of the VCN.

    1. Open the navigation menu and click Analytics & AI. Under Data Lake, click Data Catalog.
    2. On the Data Catalog service page, click Private Endpoints, and click Create private endpoint.
    3. On the Create private endpoint panel, provide the following details:
      • Select the compartment where you want to create the private endpoint. You can create the private endpoint in a different compartment than the compartment where your data catalog is created.
      • Enter a name to identify the private endpoint.
      • Select the VCN that is created to provide private access to your data source.
      • Select the Subnet that has the private endpoint to access your data source.
      • Enter the DNS zones to resolve. The DNS zone can be a DNS domain name or an FQDN. You can enter up to 30 DNS zones.
        Example: Consider a database with FQDN dcat.dbsubnet.dbvcn.oraclevcn.com installed on a machine. The permitted domain name entries can be: dbvcn.oraclevcn.com (VCN DNS), dbsubnet.dbvcn.oraclevcn.com (subnet DNS), or dcat.dbsubnet.dbvcn.oraclevcn.com (FQDN). The private IP of the machine cannot be specified.
        Important

        If the data sources in your private network are accessed with FQDNs and private IPs, you only need to enter the list of all the FQDNs.

        If all the data sources in your private network are accessed with private IPs, then enter at least one resolvable FQDN.

      • Add tags to identify this private endpoint resource.
    4. Perform one of the following actions:
      • To create the private endpoint, click Create.
      • To create the private endpoint later using Resource Manager and Terraform, click Save as Stack to save the resource definition as a Terraform configuration. For more information about saving stacks from resource definitions, see Creating a Stack from a Resource Creation Page.
    The private endpoint is created. The create process can take a couple of minutes. When the private endpoint is created successfully, the private endpoint is in ACTIVE status.
  • Use the create command and required parameters to create a private endpoint in Data Catalog:

    oci data-catalog catalog-private-endpoint create [OPTIONS]

    For a complete list of flags and variable options for CLI commands, see the CLI Command Reference.

  • Run the CreateCatalogPrivateEndpoint operation to create a private endpoint in Data Catalog.
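
The DNS zone rules above (at most 30 entries, domain names or FQDNs only, no IP addresses) can be checked before the list is submitted through the Console, CLI, or API. The following pre-flight check is an added example, not Oracle code; the function name check_dns_zones is hypothetical, and it assumes a zone covers a data source when it equals the source's FQDN or is a parent domain of it, as in the dcat.dbsubnet.dbvcn.oraclevcn.com example.

```python
import ipaddress
import re

MAX_DNS_ZONES = 30  # limit stated on this page
# One DNS label: letters, digits, hyphens; no leading/trailing hyphen; max 63 chars.
_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def _normalize(name):
    return name.strip().rstrip(".").lower()


def _is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def check_dns_zones(zones, source_fqdns=()):
    """Return a list of problems; an empty list means the zone list passes."""
    problems = []
    zones = [_normalize(z) for z in zones]
    if not zones:
        problems.append("at least one resolvable FQDN or DNS zone is required")
    if len(zones) > MAX_DNS_ZONES:
        problems.append(f"{len(zones)} zones given, limit is {MAX_DNS_ZONES}")
    for zone in zones:
        labels = zone.split(".")
        if _is_ip(zone):
            problems.append(f"{zone}: an IP address cannot be specified as a DNS zone")
        elif len(zone) > 253 or len(labels) < 2 or not all(_LABEL.match(lab) for lab in labels):
            problems.append(f"{zone}: not a valid DNS domain name or FQDN")
    # Assumption: a zone covers a host when it equals the host's FQDN
    # or is a parent domain of it (matched on a label boundary).
    for fqdn in map(_normalize, source_fqdns):
        if not any(fqdn == z or fqdn.endswith("." + z) for z in zones):
            problems.append(f"{fqdn}: not covered by any listed zone")
    return problems


if __name__ == "__main__":
    # Constructed sample input based on the page's example database FQDN.
    sample = ["dbsubnet.dbvcn.oraclevcn.com", "10.0.1.15"]
    for line in check_dns_zones(sample, ["dcat.dbsubnet.dbvcn.oraclevcn.com"]):
        print(line)
```

Listing the subnet domain or the individual FQDN instead of the VCN domain keeps the set of names the private endpoint resolves as narrow as the data sources require.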