Before You Begin

One of the ways OCI lets you configure private access for resources is by using private endpoints.

Anomaly Detection uses private endpoints to access the private network where data sources are hosted.

You must have the required policies to use the Anomaly Detection private endpoints.

Also, to create, update, or delete private endpoints in OCI, you must have certain permissions in OCI Identity and Access Management (IAM) for the relevant compartments in the tenancy. The following table lists the permissions on virtual networking resources in OCI that each private endpoint operation requires.

Required access on underlying resources, by operation:

Create a private endpoint

  For the private endpoint compartment:

    • Create VNIC (VNIC_CREATE)
    • Delete VNIC (VNIC_DELETE)
    • Update members in a network security group (NETWORK_SECURITY_GROUP_UPDATE_MEMBERS)
    • Associate a network security group (VNIC_ASSOCIATE_NETWORK_SECURITY_GROUP)

  For the subnet compartment:

    • Attach subnet (SUBNET_ATTACH)
    • Detach subnet (SUBNET_DETACH)

Update a private endpoint

  For the private endpoint compartment:

    • Update VNIC (VNIC_UPDATE)
    • Update members in a network security group (NETWORK_SECURITY_GROUP_UPDATE_MEMBERS)
    • Associate a network security group (VNIC_ASSOCIATE_NETWORK_SECURITY_GROUP)

Delete a private endpoint

  For the private endpoint compartment:

    • Delete VNIC (VNIC_DELETE)
    • Update members in a network security group (NETWORK_SECURITY_GROUP_UPDATE_MEMBERS)

  For the subnet compartment:

    • Detach subnet (SUBNET_DETACH)

Note

If you are managing the Anomaly Detection private endpoints resource, we recommend that you also have the manage work requests permission. This permission lets you view the logs and error messages that are encountered while working with private endpoints.
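
As an added example (not from the original page), the networking permissions listed above can be granted at permission level rather than through a broad verb, so the group receives only what the create, update, and delete operations need. The group and compartment names in angle brackets are placeholders, and these statements cover only the networking permissions in the table, not the Anomaly Detection service policies or the work requests permission.

```text
Allow group <private-endpoint-admins> to {VNIC_CREATE, VNIC_UPDATE, VNIC_DELETE, VNIC_ASSOCIATE_NETWORK_SECURITY_GROUP, NETWORK_SECURITY_GROUP_UPDATE_MEMBERS} in compartment <private-endpoint-compartment>
Allow group <private-endpoint-admins> to {SUBNET_ATTACH, SUBNET_DETACH} in compartment <subnet-compartment>
```

If the private endpoint and the subnet live in the same compartment, both statements name that compartment. A group that only updates existing endpoints needs just VNIC_UPDATE, VNIC_ASSOCIATE_NETWORK_SECURITY_GROUP, and NETWORK_SECURITY_GROUP_UPDATE_MEMBERS in the private endpoint compartment.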