Create Database Links with Customer-Managed Heterogeneous Connectivity to Non-Oracle Databases on a Private Endpoint
You can create database links from an Autonomous Database to an Oracle Database Gateway to access Non-Oracle databases that are on a private endpoint.
This section covers the steps for using database links to connect from Autonomous Database to a non-Oracle Database that through an Oracle Database Gateway, where the non-Oracle Database is on a private endpoint.
- Prerequisites to Create Database Links with Customer-Managed Heterogeneous Connectivity to Non-Oracle Databases on a Private Endpoint
Lists the prerequisites to create database links from an Autonomous Database with Customer-Managed Heterogeneous Connectivity to Non-Oracle Databases that are on a Private Endpoint. - Create Database Links with Customer-Managed Heterogeneous Connectivity to Non-Oracle Databases on a Private Endpoint (without a wallet)
You can create database links from an Autonomous Database instance to an Oracle Database Gateway to access Non-Oracle databases that are on a private endpoint, connecting either with a wallet (TCPS) or without a wallet (TLS). - Create Database Links with Customer-Managed Heterogeneous Connectivity to Non-Oracle Databases on a Private Endpoint (with a Wallet)
You can create database links from an Autonomous Database instance to an Oracle Database Gateway to access Non-Oracle databases that are on a private endpoint, connecting either with a wallet (TCPS) or without a wallet (TLS).
Prerequisites to Create Database Links with Customer-Managed Heterogeneous Connectivity to Non-Oracle Databases on a Private Endpoint
Lists the prerequisites to create database links from an Autonomous Database with Customer-Managed Heterogeneous Connectivity to Non-Oracle Databases that are on a Private Endpoint.
To create a database link with Customer-Managed Heterogeneous Connectivity to Non-Oracle Databases that are on a Private Endpoint:
-
The target database must be accessible from the source database's Oracle Cloud Infrastructure VCN. For example, you can connect to the target database when:
-
The target database is on a private endpoint.
-
Both the source database and the target database are in the same Oracle Cloud Infrastructure VCN.
-
The source database and the target database are in different Oracle Cloud Infrastructure VCNs that are paired.
-
For a target on a private endpoint,
DBMS_CLOUD_ADMIN.CREATE_DATABASE_LINK
supports specifying a single hostname with thehostname
parameter. On a private endpoint, using an IP address, SCAN IP, or a SCAN hostname is not supported (when the target is on a public endpoint,CREATE_DATABASE_LINK
supports using an IP address, a SCAN IP, or a SCAN hostname).
-
-
The following ingress and egress rules must be defined for the private endpoint:
-
Define an egress rule in the source database's subnet security list or network security group such that the traffic over TCP is allowed to the target database's IP address and port number.
-
Define an ingress rule in the target database's subnet security list or network security group such that the traffic over TCP is allowed from the source database IP address to the destination port.
See Configure Network Access with Private Endpoints for information on configuring private endpoints with ingress and egress rules.
-
When your Autonomous Database instance is configured with a private endpoint, set the
ROUTE_OUTBOUND_CONNECTIONS
database parameter to
'PRIVATE_ENDPOINT
' to specify that all outgoing database links are
subject to the Autonomous Database instance
private endpoint VCN's egress rules. See Enhanced Security for Outbound Connections with Private Endpoints for more information.
Create Database Links with Customer-Managed Heterogeneous Connectivity to Non-Oracle Databases on a Private Endpoint (without a wallet)
You can create database links from an Autonomous Database instance to an Oracle Database Gateway to access Non-Oracle databases that are on a private endpoint, connecting either with a wallet (TCPS) or without a wallet (TLS).
To create database links from an Autonomous Database instance on a private endpoint to a target Oracle Database Gateway, connecting without a wallet (TLS):
For the credentials you create in Step 1, the Oracle Database Gateway credentials, if the password of the target user changes you can update the credential that contains the target user's credentials as follows:
BEGIN
DBMS_CLOUD.UPDATE_CREDENTIAL
(
credential_name => 'DB_LINK_CRED',
attribute => 'PASSWORD',
value => 'password');
END;
/
Where password is the new password.
After this operation, the existing database links that use this credential continue to work without having to drop and recreate the database links.
For additional information, see:
Create Database Links with Customer-Managed Heterogeneous Connectivity to Non-Oracle Databases on a Private Endpoint (with a Wallet)
You can create database links from an Autonomous Database instance to an Oracle Database Gateway to access Non-Oracle databases that are on a private endpoint, connecting either with a wallet (TCPS) or without a wallet (TLS).
To create database links from an Autonomous Database instance on a private endpoint to a target Oracle Database Gateway, and connect without a wallet:
For the credentials you create in Step 5, the Oracle Database Gateway credentials, if the password of the target user changes you can update the credential that contains the target user's credentials as follows:
BEGIN
DBMS_CLOUD.UPDATE_CREDENTIAL
(
credential_name => 'DB_LINK_CRED',
attribute => 'PASSWORD',
value => 'password');
END;
/
Where password is the new password.
After this operation, the existing database links that use this credential continue to work without having to drop and recreate the database links.
For additional information, see: