Creating a VPC for use with an Oracle database Creating an Oracle DB instance Additional Amazon RDS interfaces

Setting up Amazon RDS to host tools and third-party software for Oracle

You can use Amazon RDS to host an Oracle DB instance that supports software and components such as the following:

Siebel Customer Relationship Management (CRM)
Oracle Fusion Middleware Metadata — installed by the Repository Creation Utility (RCU)

The following procedures help you create an Oracle DB instance on Amazon RDS that you can use to host additional software and components for Oracle.

Topics

Creating a VPC for use with an Oracle database
Creating an Oracle DB instance
Additional Amazon RDS interfaces

Creating a VPC for use with an Oracle database

In the following procedure, you create a virtual private cloud (VPC) based on the Amazon VPC service, a private subnet, and a security group. Your Amazon RDS DB instance needs to be available only to your middle-tier components, and not to the public internet. Thus, your Amazon RDS DB instance is hosted in a private subnet, providing greater security.

To create a VPC based on Amazon VPC

Sign in to the Amazon Web Services Management Console and open the Amazon VPC console at https://console.amazonaws.cn/vpc/.
In the upper-right corner of the Amazon Web Services Management Console, choose the Amazon Region for your VPC. This example uses the US West (Oregon) region.
In the upper-left corner, choose VPC Dashboard, and then choose Start VPC Wizard.
On the page Step 1: Select a VPC Configuration, choose VPC with Public and Private Subnets, and then choose Select.

On the page Step 2: VPC with Public and Private Subnets, shown following, set the following values.

Option	Value
IPv4 CIDR block	`10.0.0.0/16` For more information about selecting CIDR blocks for your VPC, see VPC sizing.
IPv6 CIDR block	No IPv6 CIDR Block
VPC name	The name for your VPC, for example `vpc-1`.
Public subnet's IPv4 CIDR	`10.0.0.0/24` For more information about subnet sizing, see Subnet sizing.
Availability Zone	An Availability Zone for your Amazon Region.
Public subnet name	The name for your public subnet, for example `subnet-public-1`.
Private subnet's IPv4 CIDR	`10.0.1.0/24` For more information about subnet sizing, see Subnet sizing.
Availability Zone	An Availability Zone for your Amazon Region.
Private subnet name	The name for your private subnet, for example `subnet-private-1`.
Instance type	An instance type for your NAT instance, for example `t2.small`. Note If you don't see Instance type in the console, choose Use a NAT instance instead.
Key pair name	`No key pair`
Service endpoints	`None`
Enable DNS hostnames	`Yes`
Hardware tenancy	`Default`

VPC with Public and Private Subnets Wizard

Choose Create VPC.

An Amazon RDS DB instance in a VPC requires at least two private subnets or at least two public subnets, to support Multi-AZ deployment. For more information about working with multiple Availability Zones, see Regions, Availability Zones, and Local Zones. Because your database is private, add a second private subnet to your VPC.

To create an additional subnet

Sign in to the Amazon Web Services Management Console and open the Amazon VPC console at https://console.amazonaws.cn/vpc/.
In the upper-right corner of the Amazon Web Services Management Console, confirm that you are in the correct Amazon Region for your VPC.
In the upper-left corner, choose VPC Dashboard, choose Subnets, and then choose Create Subnet.

On the Create Subnet page, set the following values.

Option	Value
Name tag	The name for your second private subnet, for example `subnet-private-2`.
VPC	Your VPC, for example `vpc-1`.
Availability Zone	An Availability Zone for your Amazon Region. Note Choose an Availability Zone different from the one that you chose for the first private subnet.
CIDR block	`10.0.2.0/24`

Choose Yes, Create.

Both private subnets must use the same route table. In the following procedure, you check to make sure the route tables match, and if not you edit one of them.

To ensure the subnets use the same route table.

Sign in to the Amazon Web Services Management Console and open the Amazon VPC console at https://console.amazonaws.cn/vpc/.
In the upper-right corner of the Amazon Web Services Management Console, confirm that you are in the correct Amazon Region for your VPC.
In the upper-left corner, choose VPC Dashboard, choose Subnets, and then choose your first private subnet, for example subnet-private-1.
At the bottom of the console, choose the Route Table tab, shown following.
Make a note of the route table, for example rtb-0d9fc668.
In the list of subnets, choose the second private subnet, for example subnet-private-2.
At the bottom of the console, choose the Route Table tab.
If the route table for the second subnet is not the same as the route table for the first subnet, edit it to match:
1. Choose Edit.
2. For Change to, choose the route table that matches your first subnet.
3. Choose Save.

A security group acts as a virtual firewall for your DB instance to control inbound and outbound traffic. In the following procedure, you create a security group for your DB instance. For more information about security groups, see Security groups for your VPC.

To create a VPC security group for a private Amazon RDS DB instance

Sign in to the Amazon Web Services Management Console and open the Amazon VPC console at https://console.amazonaws.cn/vpc/.
In the upper-right corner of the Amazon Web Services Management Console, confirm that you are in the correct Amazon Region for your VPC.
In the upper-left corner, choose VPC Dashboard, choose Security Groups, and then choose Create Security Group.

On the page Create Security Group, set the following values.

Option	Value
Name tag	The name for your security group, for example `sgdb-1`.
Group name	The name for your security group, for example `sgdb-1`.
Description	A description for your security group.
VPC	Your VPC, for example `vpc-1`.

Choose Yes, Create.

In the following procedure, you add rules to your security group to control inbound traffic to your DB instance. For more information about inbound rules, see Security group rules.

To add inbound rules to the security group

Sign in to the Amazon Web Services Management Console and open the Amazon VPC console at https://console.amazonaws.cn/vpc/.
In the upper-right corner of the Amazon Web Services Management Console, confirm that you are in the correct Amazon Region for your VPC.
In the upper-left corner, choose VPC Dashboard, choose Security Groups, and then choose your security group, for example sgdb-1.
At the bottom of the console, choose the Inbound Rules tab, and then choose Edit.

Set these values, as shown following.

Option	Value
Type	`Oracle (1521)`
Protocol	`TCP (6)`
Port Range	1521
Source	The identifier of your security group. When you choose the box, you see the name of your security group, for example `sgdb-1`.

Choose Save.

Creating an Oracle DB instance

You can use Amazon RDS to host an Oracle DB instance. When you create the new DB instance, specify the VPC and security group you created previously using the instructions in Creating a VPC for use with an Oracle database. Also, choose No for Publicly accessible.

For information about creating a DB instance, see Creating an Amazon RDS DB instance.

Additional Amazon RDS interfaces

In the preceding tasks, you use the Amazon Web Services Management Console to perform tasks. Amazon Web Services also provides the Amazon Command Line Interface (Amazon CLI), and an application programming interface (API). You can use the Amazon CLI or the API to automate many of the tasks for managing Amazon RDS, including tasks to manage an Oracle DB instance with Amazon RDS.

For more information, see Amazon Command Line Interface reference for Amazon RDS and Amazon RDS API Reference.

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Tools and third-party software for Oracle

Using Oracle GoldenGate