X

Best Practices from Oracle Development's A‑Team

Connecting to Oracle Analytics Cloud with a Private End-Point

Validated July 24, 2020 with OAC 5.7

Introduction

Oracle Analytics Cloud (OAC) may now be provisioned within a Virtual Cloud network (VCN) with a private IP address.

This is a parent post with links to various connection methods. It describes the primary Oracle Cloud Infrastructure (OCI) component required to connect to a private OAC instance and a step-by-step guide to the process for connecting from within the same VCN.

For a post about provisioning OAC with a private endpoint click here.

A post about other methods of connecting to OAC with a private endpoint is under construction.

Validations

July 24, 2020 with OAC 5.7 

Topics

Before You Begin

Securing Access to OAC in a Private Subnet

Provisioning a Security List for OAC in a Private Subnet

Connecting to OAC

 Before You Begin

The following diagram depicts the prerequisites required. These components are in place after provisioning OAC.

 Securing Access to OAC in a Private Subnet

The process in this post creates a new security list with a rule that opens the https port 443 for access using the OAC URL. The topology is shown below. Note: This post assumes a public subnet in the same VCN with a Windows compute instance for browser access to OAC. Describing how to provision the Windows instance is outside the scope of this post.

OCI VCN Security List

A security list acts as a virtual firewall for an instance, with ingress and egress rules that specify the types of traffic allowed in and out. This post provisions a new security list with an ingress rule allowing TCP traffic destined to port 443 from a public subnet in the same VCN. 

 Creating a Security List for OAC

 The following is a step-by-step guide for creating the security list for the private subnet containing OAC.

Connect to the OAC Console and navigate to the VCN where OAC is provisioned.

Resources

Under Resources click Security Lists.

Security List

Click Create Security List.

Enter a Name e.g. OACPE-PRVSN-SL

Accept the default for Create in Compartment

Ignore rules for now and click Create Security List

Ingress Rule

Click on the link for the new security list.

Under Ingress Rules click Add Ingress Rule 

Accept the defaults for Stateless and Source Type

Enter a CIDR for Source CIDR e.g. 10.0.3.64/26 In this post this is the CIDR for the public subnet that contains the Windows instance with a browser to access OAC.

Use TCP for the IP Protocol

Optionally enter a Source Port Range

Enter 443 for the Destination Port Range

Optionally enter a Description

Click Add Ingress Rule

Associate with Subnet

Navigate to the subnet provisioned for OAC. Under Security Lists click Add Security List.

Accept the default Security List Compartment

From the drop-down select the Security List created above

Click Add Security List

 Connecting to OAC

Connect to the Windows instance and open a browser session.

Enter the OAC URL and connect as a user with an OAC application role to view the home page. If you need the URL, open a session in the OCI Console and navigate to the OAC instance details.

 Summary

This post described the primary Oracle Cloud Infrastructure (OCI) component required to connect to a private OAC instance and a step-by-step guide to create it.

For other posts relating to analytics and data integration visit http://www.ateam-oracle.com/dayne-carley

 

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha

Recent Content