Creating a Private Endpoint

Oracle Cloud Infrastructure (OCI) lets you create private endpoints within the service so that you can access resources that are only available using private IPs. In Data Flow, you create a private endpoint to configure the private network where the data source is hosted.

Before you create a private endpoint in Data Flow, you must have the prerequisites and the following details:

  • The name of the Virtual Cloud Network (VCN) used to access the data source.
  • The name of the subnet in the VCN.
  • The list of DNS zones used to resolve the Fully Qualified Domain Names (FQDNs) of the data sources that you want to harvest.

Specify the domain names or the FQDNs of the data sources in this list. For private autonomous databases, use the FQDN of the database as the DNS zone. For custom data sources running on OCI compute virtual machines (VMs), you can specify the FQDN of the VM, the domain name of the subnet in which the VM is provisioned, or the domain name of the VCN.

Important

If you create a private endpoint with the same values for DNS Zones, Subnet, Hosts to Access, and Network Security Group as an existing private endpoint, Data Flow uses the existing private endpoint. For Data Flow to use a new private endpoint, at least one of the values for DNS Zones, Subnet, Hosts to Access, or Network Security Group must differ from those of the existing private endpoint.

Note

You can create up to five private endpoints in a tenancy.

    1. Open the navigation menu, and click Analytics and AI. Under Data Lake click Data Flow.
    2. In the left-side menu, click Private endpoints.
    3. Under List scope, select the compartment that contains the application to edit.
    4. Click Create private endpoint.
    5. In the Create private endpoint panel, enter a name to identify the private endpoint.
    6. Select the VCN that's created to provide private access to the data source. You can change the compartment where the VCN is.
    7. Select the subnet that has the private endpoint from which you access the data source. You can change the compartment where the subnet is.
    8. Enter the DNS zones to resolve.
      The DNS zone is the set of domain name suffixes that are in the allowed list for network address translation by the private endpoint infrastructure. You can enter up to 30 DNS zones. They must be comma delimited.
    9. (Optional) Enter the number of hosts to access.
    10. (Optional) Add one or more network security groups that are associated with the VCN. You can change the compartment where the network security groups are.
    11. (Optional) Add SCAN details for the Oracle RAC databases. Enter a DNS name and port number. To add more, click Add SCAN details.
    12. (Optional) To add tags to the application, select a tag namespace (for defined tags), then specify a tag key and value. Add more tags as needed. For more information about tagging, see Overview of Tagging.
    13. Click Create to create the private endpoint, or click Save as stack to create it later.
      The create process can take a couple of minutes. When the private endpoint is created successfully, the private endpoint is in INACTIVE status.
  • Follow these steps in the CLI to create a private endpoint in Data Flow.

    Use the create command and required parameters to create a private endpoint:

    oci data-flow private-endpoint create [OPTIONS]

    For a complete list of flags and variable options for CLI commands, see the CLI Command Reference.
  • Follow these steps in the API to create a private endpoint in Data Flow.

    Run the CreatePrivateEndpoint operation to create a private endpoint.
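
A pre-flight check for the rules stated on this page (30 DNS zones, five endpoints per tenancy, reuse when DNS Zones, Subnet, Hosts to Access, and Network Security Group all match), written as an added example that is not Oracle's code. The function names, dictionary keys, OCIDs, and host names are constructed for illustration; whole-label, case-insensitive suffix matching of FQDNs against zones is an assumption about how the allowed list is applied.

```python
import json

MAX_DNS_ZONES = 30  # page: up to 30 DNS zones per private endpoint
MAX_ENDPOINTS = 5   # page: up to five private endpoints in a tenancy

def zones_of(spec):
    """Split the comma-delimited DNS zone string into normalized, sorted suffixes."""
    return sorted({z.strip().lower().rstrip(".") for z in spec["dns_zones"].split(",") if z.strip()})

def identity(spec):
    """Values the page says decide reuse. Assumption: order and case of zones/NSGs are ignored."""
    return (tuple(zones_of(spec)), spec["subnet_id"], spec.get("max_host_count"),
            tuple(sorted(spec.get("nsg_ids", []))))

def covered(fqdn, zones):
    """Whole-label suffix match: 'olddb.example.com' is not under 'db.example.com'."""
    name = fqdn.lower().rstrip(".")
    return any(name == z or name.endswith("." + z) for z in zones)

def preflight(spec, existing, data_sources):
    """Return the problems to resolve before creating the endpoint described by spec."""
    zones, problems = zones_of(spec), []
    if not zones:
        problems.append("no DNS zones given")
    if len(zones) > MAX_DNS_ZONES:
        problems.append(f"{len(zones)} DNS zones given, limit is {MAX_DNS_ZONES}")
    problems += [f"{h} is not under any listed DNS zone" for h in data_sources if not covered(h, zones)]
    if any(identity(e) == identity(spec) for e in existing):
        problems.append("same four values as an existing endpoint, which Data Flow will use instead")
    elif len(existing) >= MAX_ENDPOINTS:
        problems.append(f"tenancy already has {len(existing)} private endpoints, limit is {MAX_ENDPOINTS}")
    return problems

def cli_args(spec, compartment_id):
    """argv for the create command; the zone list is passed as a JSON array."""
    return ["oci", "data-flow", "private-endpoint", "create",
            "--compartment-id", compartment_id, "--subnet-id", spec["subnet_id"],
            "--dns-zones", json.dumps(zones_of(spec))]

# Constructed sample values; the OCIDs and host names are placeholders.
EXISTING = [{"dns_zones": "db.example.com", "subnet_id": "ocid1.subnet.oc1..aaaa-placeholder"}]
NEW = {"dns_zones": "DB.example.com, vcn1.oraclevcn.com", "subnet_id": "ocid1.subnet.oc1..aaaa-placeholder",
       "nsg_ids": ["ocid1.networksecuritygroup.oc1..bbbb-placeholder"]}
SOURCES = ["adb1.db.example.com", "olddb.example.com", "vm7.sub1.vcn1.oraclevcn.com"]

if __name__ == "__main__":
    for problem in preflight(NEW, EXISTING, SOURCES):
        print("WARN:", problem)
    print(" ".join(cli_args(NEW, "ocid1.compartment.oc1..cccc-placeholder")))
```

An empty list from `preflight` means none of the page's stated limits or reuse conditions were hit; confirm the remaining optional flags against the CLI Command Reference before running the generated command.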