Oracle Cloud Infrastructure Documentation

Configure a Private Endpoint for an Instance

A private endpoint lets your integrations connect to private resources in your virtual cloud network (VCN). All traffic goes through a private channel that is set up within Oracle Cloud Infrastructure. You can configure one private endpoint per instance.

Do you need a private endpoint?

To learn more about private endpoints, see Connect to Private Resources.

Prerequisites

Complete all prerequisites before configuring a private endpoint. Here is an overview of the prerequisites:

  1. If you don't already have a VCN and subnet for your Oracle Integration instance, create them.
    • The private resources must be in the same customer tenancy in which Oracle Integration is provisioned.
    • The VCN must be in the same region as your Oracle Integration instance.
    • The VCN and subnet can be in any compartment within the customer tenancy.
    • The subnet can be public or private.
  2. Place any private resources that you want integrations to access in your subnet.
  3. Create a policy that allows the private endpoint to create a virtual network interface card (VNIC) in the compartment that contains the subnet.
Note

If you don't complete the prerequisite tasks, the endpoint can't be created.

To configure a private endpoint:

  1. Open the Oracle Cloud Infrastructure Console.
  2. Open the navigation menu and click Developer Services. Under Application Integration, click Integration.
  3. Select an instance.
  4. In the left menu, below Resources, click Private endpoint.
  5. Below the Private endpoints heading, click Create private endpoint.
  6. In the Create private endpoint panel, fill in the fields:
    • Virtual cloud network in compartment_name: Select the virtual cloud network (VCN) that contains the subnet that contains the private resources. In the drop-down, each VCN includes its DNS domain name in parentheses.
    • Subnet in compartment_name: Select the subnet that contains the private resources. The private endpoint connects to this subnet. In the drop-down, each subnet includes its DNS domain name and classless inter-domain routing (CIDR) block in parentheses.
    If the VCN or subnet is in a different compartment than the compartment that appears, click Change Compartment, and select the appropriate compartment.
  7. Click Create private endpoint.

    The private endpoint appears below the Private endpoint heading, but it isn't available for use yet. The entry is removed from the table if the private endpoint can't be created.

  8. Monitor the work request until the private endpoint is completed.
    1. In the left menu, below Resources, click Work requests.
    2. Find the work request in the table.
    3. Periodically refresh the page, and wait until the Status for the work request changes to Succeeded and the % Complete value is 100.
    4. To view details about a work request, click value in the Operation column.
      The Log messages page appears with details about the work request.
    Note

    If the work request doesn't succeed, your policy might not be set correctly, or you might not have completed another prerequisite task. See Troubleshoot Private Endpoints.

About five minutes after you clicked Create private endpoint, the work request finishes processing, and the private endpoint is available to use.

After the private endpoint is created, you can begin creating connections that use the private endpoint to secure outbound traffic. See Create a Connection and Adapters that Support Connecting to Private Endpoints in Using Integrations in Oracle Integration 3.
You can't modify the private endpoint. If you need to make changes, simply delete the endpoint and create it again. See Delete a Private Endpoint.