Oracle Cloud Infrastructure Documentation

Configure a Private Endpoint for an Instance

A private endpoint lets your integrations connect to private resources in your virtual cloud network (VCN). All traffic goes through a private channel that is set up within Oracle Cloud Infrastructure. You can configure one private endpoint per instance.

Do you need a private endpoint?

To learn more about private endpoints, see About Private Endpoints.

Prerequisites

Before configuring and using your private endpoint, the VCN and subnet must be set up following the requirements, the private resources must be added to the subnet, and the policy that allows the private endpoint to manage resources in the compartment that holds your subnet must be in place. See Prerequisites for Configuring a Private Endpoint.

Note

If you don't complete the prerequisite tasks, you can't create the endpoint.

Instructions

  1. In the Oracle Cloud Console, open the navigation menu and click Developer Services, then, under Application Integration, click Integration.
  2. Open the Oracle Integration instance to which you want to add a private endpoint.
    If you don't see the instance you're looking for, make sure you're viewing the correct region (in the banner) and compartment (at the top of the instance list, next to Applied filters).
  3. On the Integration instance details page, in the tabs across the top, click Networking.
  4. Under Private endpoints, click Create private endpoint.
  5. In the Create private endpoint panel, fill in the fields:
    • Virtual cloud network compartment: If the virtual cloud network (VCN) with the private resources is in a different compartment, select the appropriate compartment.
    • Virtual cloud network: Select the VCN that contains the subnet with the private resources. In the drop-down list, each VCN includes its DNS domain name in parentheses.
    • Subnet compartment: If the subnet with the private resources is in a different compartment, select the appropriate compartment.
    • Subnet: Select the subnet that contains the private resources. The private endpoint connects to this subnet. In the drop-down list, each subnet includes its DNS domain name and classless inter-domain routing (CIDR) block in parentheses.
  6. Click Create.

    The private endpoint appears below the Private endpoint heading, but it isn't available for use yet. A work request is created. It takes about five minutes for the work request to complete.

  7. Monitor the work request until the private endpoint is completed.
    1. In the tabs across the top, click Work requests.
    2. Find the work request in the table.
    3. Periodically refresh the page, and wait until the Status for the work request changes to Succeeded and the % Complete value is 100.
    4. To view details about a work request, click the work request entry in the Operation column.
      The Log messages panel opens with details about the work request.
    Note

    If the work request doesn't succeed, the work request will show that it has failed, and the private endpoint entry is removed from the table on the Networking tab. If the work request fails, your policy might not be set correctly, or you might not have completed another prerequisite task. See Troubleshoot Private Endpoints.

If your Oracle Integration instance needs to send information to a ZPR-secured OCI resource, you also need to add the appropriate security attributes. See Assign ZPR Security Attributes to Your Instance.

After the private endpoint is created, create connections that use the private endpoint to secure outbound traffic. See Use a Private Endpoint in a Connection.

Note

You can't modify the private endpoint. If you need to make changes, simply delete the endpoint and create it again. See Delete a Private Endpoint.