It is not the first blog post about ATP, but I think this one is even more interesting. For your information, a few days back at OCI Release Notes webpage I have found information about new features for OCI Autonomous DB offering. I am talking about Private Endpoints for ATP or ADW databases. This feature has been awaited for a very long time. Previously your ATP or ADW databases were available only via public IPs. Now you can nest them inside a particular VCN and subnet. It means your database will be available under private IP enclosed in your subnet’s CIDR. Of course, you need to prepare some Network Security Groups (NSG) on ATP/ADW level and VM level. Since that moment VM can connect to ATP/ADW with SQLNet connection via private IP. For testing purposes I have created small GitHub repo and below you can find a video about how to use that repo. I believe you will find this dish very delicious. 🙂
Martin, The Cook.
Subscribe to get access
For now video is blocked, but you can watch it immediately when you subscribe!
What is the topic for today? Network security of your OCI cloud infrastructure! Honestly speaking always an important topic, right? The basics of Network Security Groups (NSG), for the first time I have described in this blog post. Recently I have found in OCI Release Notes, that OCI File Storage Services supports now NSG. Immediately I have checked Terraform OCI Provider, just to confirm my favorite automation runtime also supports it. And guess what? Terraform OCI Provider in version 3.55.0 fully covers this feature. That is really amazing! Just one week later, after OCI release, Terraform Provider codebase has been updated! That is why I have decided to test it and add this stuff to my Terraform+OCI tutorial as a lesson 5a. I hope you will find it interesting! If it is true I really encourage you to subscribe to our YouTube Channel 🙂 One more thing – File Storage Service UDP and TCP ports for NSGs and Security Lists have been documented here.
Yes, OCI is changing very quickly! 🙂 Everyone, who follows OCI release notes, knows that. Oracle Cloud Gen2 is updated with new features even a couple of times every single month. It shouldn’t surprise you. That is how the modern cloud world works now. 🙂 In my Terraform+OCI short course, I was using security lists, but last summer in July 2019, in OCI new security feature, has been released – it has been called Network Security Groups (NSG). This new feature seems to be very popular in other cloud vendors configuration, so frankly speaking, it was rather obvious for me that OCI should embrace NSG, sooner or later. And now it is there in OCI and NSG concept is supported by Terraform OCI Provider (version >= 3.33.0) as well. NSG concept is more advanced and more elastic then Security Lists, mostly because it can be implemented on the VNIC level. It means you can still use Security List on the subnet level and then create some specific NSG for particular machines nested in this subnet. Security Lists and Network Security Groups work together as an union, is that right? 🙂 I guess you should check it up as fast as possible. 🙂 Here is a brand new video I have recorded for you. 🙂