Oracle Autonomous Database: Provisioning & Restricting Traffic

We often see customers come up with requirements to access the database of the Development environment publicly through their VPN network. Whereas the Production environment Database should not have a public endpoint. Oracle’s Autonomous Database has a solution to address all these needs, in addition providing flexibility to customers to change the Network access type anytime post provisioning.

In this blog, we will see how to provision an Autonomous Database and the ways to restrict traffic to Oracle’s Autonomous Database.

Let us first cover the topic of provisioning an Autonomous Database.

Below is the approach to provision an Autonomous Database.

Click on Autonomous Database under Oracle Database

From the above snippet, you can click on Autonomous Database and click on Create Autonomous Database

Choose Workload & Deployment Type

Choose the compartment where you want to create the database and name your Database. Then choose your workload type & Deployment Type from the available choices. Refer to this for more on Workload types.

Provide Credentials, choose Network access Type & License model.

Upon choosing the above click on Create Autonomous Database to create your Database.

Autonomous Database — Secure Access from everywhere

Autonomous Database — Secure Access from allowed IPs & VCNs only

Autonomous Database — Private Endpoint Access only

Network Access

NOTE: For Option2 & Option3 above you would still be needing Wallet & Credentials as in Option1.

Refer to this for more on Network Access.

By default ADB created via Option 2 & Option3 have restricted access as we mention IPs from which you want to access via Access Control List for Option2 and via Security List rules in Option3.

For Option1, which is publicly accessible, you can restrict access even to this via Access Control List making this similar to Option2 i.e., Secure Access from allowed IPs and VCNs only.

Refer to this to know how to access Autonomous Database (ADB) created via Option1 & Option2 locally (only if your machine IP is listed in the Allowed list for Option2).

Refer to this to know how to access Autonomous Database (ADB) created via Option3 locally.

You can change the network access type post provisioning ADB by simply clicking on More Actions and choosing Update Network Access

Update Network Access

In addition to the above approaches, you can try accessing ADB provisioned in Private Network via Load Balancer, where your Load Balancer is provisioned in Public Network and Private IP of ADB will be added as Load Balancer Backend.

Autonomous Database — Private Network access only via Public Load Balancer

The entire configuration to achieve this is explained in detail here.

!!! HAPPY READING !!!