Oracle Analytics Cloud: Architectural Patterns

In this blog, what are the different methods in which we can access Oracle Analytics Cloud Instance. we’ll see how to create an Oracle Analytics Cloud Instance in Private Subnet, see how to access and learn how to restrict traffic to our OAC Instance.

Method 1: Public Access from everywhere

Public access from everywhere

This is straight forward, while provisioning OAC instance, if you don’t choose any Network Access Type it’ll be public and the instance can be publicly accessible.

Method 2: Secure Access from specific CIDR range

Secure access from specific CIDR range

While provisioning OAC instance, if you click on Show Advanced Options and navigate to Network Access option, there you can choose “Configure Access Control” and specify the CIDR ranges from which you want to allow the traffic as shown below.

This is a simple way to restrict traffic.

Method 3: Private Access via Load Balancer & restricting using NSG on Load Balancer

Accessing OAC via Load Balancer and restricting traffic using NSG

In this method, we’ll provision our OAC instance in Private Subnet i.e., while provisioning OAC instance choose Network access Type as “Private” as shown in the previous method and then choose the respective VCN and subnet. Here you can choose either Public/Private subnet, for the purpose of this blog I will choose Private subnet, though the procedure would be same for Public Subnet as long as your Security List rules on Public Subnet doesn’t allow all the traffic except for the traffic from Load Balancer (Load Balancer should be created in a different Public subnet). You can learn on how to create Load Balancer from here (create it without any backend, listeners and Health Check policy on TCP 443). I have explained this architecture in detail here

Method 4: Private Access via Bastion & restricting traffic using NSG on OAC

Private Access to OAC via Bastion

In this method, we’ll provision our OAC instance in Private Subnet i.e., while provisioning OAC instance choose Network access Type as “Private” as shown in the previous method and then choose the respective VCN and subnet. Here you can choose either Public/Private subnet, for the purpose of this blog I will choose Private subnet, though the procedure would be same for Public Subnet as long as your Security List rules on Public Subnet doesn’t allow all the traffic except for the Public subnet on which we configure Bastion. I have explained this architecture in detail here.

!!!Happy Reading!!!

This blog is part of an OAC series which I am writing please check the remaining here

1. Oracle Analytics Cloud: Architectural patterns blog link here.
2. Oracle Analytics Cloud: Private Access via OCI Load Balancer blog link here.
3. Oracle Analytics Cloud: Private Access via OCI Bastion blog link here.
4. Oracle Analytics Cloud: Connect to Pvt. Autonomous Database blog link here.