Private Endpoint

Oracle Cloud Infrastructure (OCI) Private Endpoint provides no-cost, private, secure access to one of many OCI services from within a virtual cloud network (VCN) or on-premises network without traversing the internet.

Benefits of OCI Private Endpoint


1. Secure, private access to a single OCI service

Ensure that data stays within OCI, even when communicating with public services. OCI Private Endpoint enables simple and private access to public services, keeping all traffic off the public internet.

2. 25+ services accessible

More than 25 services offered in OCI are available as private endpoints, configured in a subnet for simple access.

3. No additional fee for OCI Private Endpoint

OCI Private Endpoint is available for no additional charge. There is no per-hour connection fee or per-byte data processing fee, which other cloud providers typically charge for similar services.

How does OCI Private Endpoint work?


OCI Private Endpoint exists as a private IP address within a subnet in your VCN. Each private endpoint can access one of more than 25 discrete services within OCI.

Control access to the service by configuring security rules as you would for any virtual NIC in a subnet.

Create multiple private endpoints if you need access to multiple services (one private endpoint for each service).

Traffic from resources in an on-premises network travels over a virtual private network or FastConnect dedicated circuit (private peering) to a dynamic routing gateway, and then to the private endpoint in the appropriate subnet. Network traffic remains within OCI and does not traverse the public internet.
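Because the private endpoint is governed by security rules like any other VNIC, those rules are worth auditing for sources and ports wider than the endpoint needs. The following is an added example, not Oracle code: the rule fields, CIDRs, and port are constructed for illustration and are not the OCI API schema.

```python
import ipaddress

# Constructed sample data; field names are simplified for this example
# and are not the OCI API schema.
TRUSTED = ["10.0.0.0/16",      # assumed VCN CIDR
           "192.168.0.0/16"]   # assumed on-premises CIDR reached via the DRG
SERVICE_PORT = 443             # assumed port served by the private endpoint

RULES = [
    {"source": "10.0.1.0/24", "protocol": "tcp", "ports": (443, 443)},
    {"source": "192.168.10.0/24", "protocol": "tcp", "ports": (443, 443)},
    {"source": "0.0.0.0/0", "protocol": "tcp", "ports": (443, 443)},
    {"source": "10.0.0.0/16", "protocol": "all", "ports": None},
    {"source": "10.0.2.0/24", "protocol": "tcp", "ports": (1, 65535)},
]


def audit_ingress(rules, trusted_cidrs, service_port):
    """Return (rule_index, reason) for each ingress rule wider than needed."""
    trusted = [ipaddress.ip_network(c) for c in trusted_cidrs]
    findings = []
    for i, rule in enumerate(rules):
        src = ipaddress.ip_network(rule["source"])
        # The source must sit entirely inside a network expected to reach
        # the endpoint: the VCN itself or on-premises over private peering.
        # Comparing versions first avoids a TypeError on mixed IPv4/IPv6.
        if not any(src.version == t.version and src.subnet_of(t)
                   for t in trusted):
            findings.append((i, "source outside trusted networks"))
        # Only TCP on the single service port is expected in this example.
        if rule["protocol"] != "tcp":
            findings.append((i, "protocol other than TCP allowed"))
        elif rule["ports"] != (service_port, service_port):
            findings.append((i, "ports differ from service port"))
    return findings


if __name__ == "__main__":
    for idx, reason in audit_ingress(RULES, TRUSTED, SERVICE_PORT):
        print(f"rule {idx}: {reason} -> {RULES[idx]}")
```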

OCI Private Endpoint diagram, description below

This image shows a logical layout of resources and connections in a typical scenario for OCI Private Endpoint.

An OCI region is shown that contains a virtual cloud network with an attached internet gateway, dynamic routing gateway, and service gateway.

The virtual cloud network contains a public-facing subnet with a virtual machine resource. The virtual machine has access to the internet through the internet gateway.

The virtual cloud network also contains a private subnet with a virtual machine resource. Also within the private subnet is a private endpoint component that consumes an IP address in the subnet.

Within the region is a grouping of Oracle-managed resources, called the Oracle Services Network. This includes OCI Object Storage and a database service. The Oracle Services Network can be reached via the private endpoint without leaving the network in the region.

Resources in the private subnet can access just one of the eligible services in the Oracle Services Network via the private endpoint. If multiple services are to be accessed, each would need its own private endpoint.

Get started with OCI Private Endpoint


Oracle Cloud Free Tier

Build, test, and deploy applications on Oracle Cloud—for free. Sign up once, get access to two free offers.


Contact sales

Interested in learning more about Oracle Cloud Infrastructure? Let one of our experts help.

* OCI Private Endpoint requires a paid OCI account, either as a pay-as-you-go or Universal Credits contract.