Oracle Cloud Infrastructure Documentation

Set Up Networking

Set up networking for Resource Analytics.

Follow these steps to set up networking:

1. Create a VCN with a Private Subnet in the same compartment where the Resource Analytics instance is being created

For maximum security, the Autonomous Data Warehouse (ADW) and, optionally, Oracle Analytics Cloud (OAC) instance, associated with and provisioned by your Resource Analytics instance, are private. Resource Analytics provisions them on a private subnet of a VCN you select as part of the creation workflow. The subnet must exist before you create the Resource Analytics instance.

  1. Select the resource-analytics-compartment compartment.
  2. Create a VCN called resource-analytics-vcn with, for example, CIDR 192.168.0.0/16.
    For more information on creating a VCN, see Creating a VCN.
    Note

    You must select Use DNS hostnames in this VCN.
  3. Create a private subnet called resource-analytics-private-subnet with, for example, CIDR 192.168.0.0/24 in the VCN you created in the previous step.
    Note

    You must select Use DNS hostnames in this Subnet with a label.
    For more information on creating a subnet in the VCN, see Creating a Subnet.

2. Allow Ingress from the Resource Analytics and OAC Private Endpoints

Resource Analytics provisions a Private Endpoint on the same subnet as the ADW and OAC instances. To let Resource Analytics update the data and metadata of the ADW and OAC instances, you must explicitly allow stateful ingress from the subnet's CIDR on ports 1522 and 443 by configuring the subnet to use a security list and changing its rules.

  1. Obtain the CIDR for the private subnet which holds the ADW and OAC instances for the Resource Analytics instance.

    In this example, the subnet resource-analytics-private-subnet has the CIDR 192.168.0.0/24.

  2. To ensure that the necessary ingress rules only apply to the subnet for Resource Analytics-provisioned resources, create a security list called resource-analytics-mgmt-sl.
  3. Include the following rules in resource-analytics-mgmt-sl:
    Type Stateless Source Type Source CIDR IP Protocol Source Port Range Destination Port Range Description
    Ingress No CIDR For example, 192.168.0.0/24 (substitute the CIDR of the private subnet) TCP All 1521 to 1522 Resource Analytics and OAC access to ADW
    Ingress No CIDR For example, 192.168.0.0/24 (substitute the CIDR of the private subnet) TCP All 443 Resource Analytics access to Graph and OAC

    For more information, see Creating a Security List.

  4. Update the resource-analytics-private-subnet, created before, to use the new security list in addition to the default list.
    1. Navigate to your subnet.
    2. Select Security.
    3. Select Add Security List.
    4. Select the security list created in the previous steps.
    For more information, see Changing Which Security Lists a Subnet Uses.