Validated April 7, 2021 for OAC 5.9
Oracle Analytics Private Access Channel currently disallows an autonomous database domain name in a remote region. This post is a step-by-step workaround for creating private connections to autonomous databases in remote regions using Private Access Channel. It is one of the posts listed in the OAC Private Access Series.
Note: Only one autonomous database region is allowed for RPD connections defined in the development client tool. Continue using Remote Data Gateway for additional regions.
April 7, 2021 for OAC 5.9
Before You Begin
Deploying Required Components
Validating Connections to Private Autonomous Databases in Remote Regions
|OAC||Oracle Analytics Cloud|
|VCN||Virtual Cloud Network|
|OCI||Oracle Cloud Infrastructure|
|FQDN||Fully Qualified Domain Name|
|PAC||Private Access Channel|
|OSN||Oracle Services Network|
|DRG||Dynamic Routing Gateway|
|DNS||Domain Name System|
|ACL||Access Control List - Security List|
This post assumes the following components are deployed for connectivity to a remote region.
|VCNs||Hosts OAC and ADB subnets||link|
|DRGs||Facilitates VPN, FastConnect, and remote peering between regions||link|
|SUBNET||Hosts OAC and ADB instances||link|
|ROUTE RULE||Routes OAC traffic to a remote region||link|
|SECURITY LIST||Allows ADB ingress and OAC egress||link|
A user account in an OCI tenancy for managing OAC and network resources
The following table lists the components to be deployed with links for reference.
|FQDN||Custom FQDN for Remote ADB||link|
|DNS PRIVATE ZONE||Custom Zone for FQDN||link|
|PAC DEFINITION||Using Custom Domain||link|
The following tables provide component details with example values.
Create a custom FQDN for the ADB
Find the IP address of the remote ADB. This may have to be performed from an instance in the remote region.
Create a custom private zone for the custom ADB domain and attach it to the default private view of the VCN hosting PAC.
Add an "A" record for the custom FQDN to the zone.
Add the custom domain to the PAC definition
Unzip the ADB credentials, edit the tnsnames.ora file and change the hostname of the ADB to the custom FQDN.
Save the file and re-zip the credential files.
The deployed components are depicted below. Click here for a short clip.
Validate that OAC can connect to the private ADB in a remote region.
Sign-in to OAC
Click Create > Connection
Choose Autonomous Data Warehouse as the Connection Type
Upload the modified Client Credentials zip file
Choose the appropriate Service Name
Enter the ADB Username and Password
The connection flow is shown below. Click here for a short clip.
This post provided a step-by-step guide for creating private connections to autonomous databases in remote regions using Private Access Channel.
For other posts relating to analytics and data integration visit http://www.ateam-oracle.com/dayne-carley