Create a Database Management Private Endpoint for Oracle Cloud Databases
You must create a private endpoint to connect Database Management to an Oracle Cloud Database in the Base Database Service and ExaDB-D.
The information in this topic is only applicable for Oracle Cloud Databases in the Base Database Service and ExaDB-D and not for Oracle Cloud Databases in ExaDB-C@C.
The private endpoint is a representation of Database Management in the VCN in which the Oracle Cloud Database can be accessed, and acts as a VNIC with private IP addresses in a subnet of your choice. The private endpoint created in a VCN can be used to enable Database Management Diagnostics & Management for the Oracle Cloud Databases available in the same VCN and it cannot be used across multiple VCNs. The private endpoint does not have to be on the same subnet as the Oracle Cloud Database, although it must be on a subnet that can communicate with the Oracle Cloud Database.
In Database Management, you can create the following types of private endpoints:
- Private endpoint for single instance Oracle Cloud Databases:
You can create a maximum of five Database Management
private endpoints in your tenancy (per region) to connect to single instance
Oracle Cloud Databases in the Base Database Service. There's no restriction on
the number of single instance databases for which you can enable Diagnostics
& Management using a single private endpoint. The private endpoint for
single instance Oracle Cloud Databases has only one private IP address.
Note that you can also use this private endpoint type to connect Database Management to Autonomous Databases Serverless, if required. For information, see Create a Database Management Private Endpoint for Autonomous Databases.
- Private endpoint for RAC Oracle Cloud Databases: You can
create only one Database Management private endpoint in
your tenancy (per region) to connect to RAC Oracle Cloud Databases in the Base
Database Service and ExaDB-D. One private endpoint for RAC Oracle Cloud
Databases can support up to 15 Single Client Access Name (SCAN) listeners. In
the case of Virtual Machine DB systems, a SCAN listener is equal to one RAC
Virtual Machine DB system. In the case of ExaDB-D, it's equal to one Exadata VM
cluster, regardless of the number of individual RAC databases hosted on the
Exadata VM cluster. The private endpoint for RAC Oracle Cloud Databases has two
private IP addresses.
Note that you can also use this private endpoint type to connect Database Management to Autonomous Databases on Dedicated Exadata Infrastructure, if required. For information, see Create a Database Management Private Endpoint for Autonomous Databases.
Note that you can create one private endpoint of each type in a VCN, which means that you can create one private endpoint for single instance databases and one for RAC databases. If you need more private endpoints than the default limit of five single instance private endpoints and one RAC private endpoint in a tenancy, you can request for an increase to the private endpoint limit. For information, see Could not provision Database Management private endpoint. Please retry operation or contact Oracle Support.
Here's a diagram that provides an overview of how a Database Management private endpoint communicates with the Oracle Cloud Database.
For information on private endpoints, see About Private Endpoints.
Before you create a Database Management private endpoint in the VCN, you must:
- Make a note of the VCN and subnet information, which is available on the Database System Details page of the Oracle Cloud Database.
- Obtain the permissions required to work with virtual networking resources in Oracle Cloud Infrastructure and create a Database Management private endpoint. For information, see Permissions Required to Enable Diagnostics & Management for Oracle Cloud Databases.
To create a Database Management private endpoint:
To view details of the Database Management private endpoint, click its name. On the Private endpoint details page, you can:
- View details such as the associated VCN and subnet and the private IP addresses assigned to the Database Management private endpoint. Note that the private IP address information is required to configure security rules.
- Perform tag-related tasks.
- View the Associated databases.
- Click Work requests on the left pane under Resources to monitor the work requests pertaining to the private endpoint. You can click a particular work request to go to the Work request details page and view work request information, log messages, and error messages, if any.