Setting up Amazon RDS to host tools and third-party software for Oracle

You can use Amazon RDS to host an Oracle DB instance that supports software and components such as the following:

  • Siebel Customer Relationship Management (CRM)

  • Oracle Fusion Middleware Metadata — installed by the Repository Creation Utility (RCU)

The following procedures help you create an Oracle DB instance on Amazon RDS that you can use to host additional software and components for Oracle.

Creating a VPC for use with an Oracle database

In the following procedure, you create a virtual private cloud (VPC) based on the Amazon VPC service, a private subnet, and a security group. Your Amazon RDS DB instance needs to be available only to your middle-tier components, and not to the public internet. Thus, your Amazon RDS DB instance is hosted in a private subnet, providing greater security.

To create a VPC based on Amazon VPC
  1. Sign in to the AWS Management Console and open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

  2. In the upper-right corner of the AWS Management Console, choose the AWS Region for your VPC. This example uses the US West (Oregon) region.

  3. In the upper-left corner, choose VPC Dashboard, and then choose Start VPC Wizard.

  4. On the page Step 1: Select a VPC Configuration, choose VPC with Public and Private Subnets, and then choose Select.

  5. On the page Step 2: VPC with Public and Private Subnets, set the following values.

    • IPv4 CIDR block: 10.0.0.0/16. For more information about selecting CIDR blocks for your VPC, see VPC sizing.
    • IPv6 CIDR block: No IPv6 CIDR Block
    • VPC name: The name for your VPC, for example vpc-1.
    • Public subnet's IPv4 CIDR: 10.0.0.0/24. For more information about subnet sizing, see Subnet sizing.
    • Availability Zone: An Availability Zone for your AWS Region.
    • Public subnet name: The name for your public subnet, for example subnet-public-1.
    • Private subnet's IPv4 CIDR: 10.0.1.0/24. For more information about subnet sizing, see Subnet sizing.
    • Availability Zone: An Availability Zone for your AWS Region.
    • Private subnet name: The name for your private subnet, for example subnet-private-1.
    • Instance type: An instance type for your NAT instance, for example t2.small. Note: If you don't see Instance type in the console, choose Use a NAT instance instead.
    • Key pair name: No key pair
    • Service endpoints: None
    • Enable DNS hostnames: Yes
    • Hardware tenancy: Default

  6. Choose Create VPC.

An Amazon RDS DB instance in a VPC requires at least two private subnets or at least two public subnets, to support Multi-AZ deployment. For more information about working with multiple Availability Zones, see Regions, Availability Zones, and Local Zones. Because your database is private, add a second private subnet to your VPC.

To create an additional subnet
  1. Sign in to the AWS Management Console and open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

  2. In the upper-right corner of the AWS Management Console, confirm that you are in the correct AWS Region for your VPC.

  3. In the upper-left corner, choose VPC Dashboard, choose Subnets, and then choose Create Subnet.

  4. On the Create Subnet page, set the following values.

    • Name tag: The name for your second private subnet, for example subnet-private-2.
    • VPC: Your VPC, for example vpc-1.
    • Availability Zone: An Availability Zone for your AWS Region. Note: Choose an Availability Zone different from the one that you chose for the first private subnet.
    • CIDR block: 10.0.2.0/24

  5. Choose Yes, Create.

Both private subnets must use the same route table. In the following procedure, you check that the route tables match and, if they don't, you edit one of them.

To ensure the subnets use the same route table
  1. Sign in to the AWS Management Console and open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

  2. In the upper-right corner of the AWS Management Console, confirm that you are in the correct AWS Region for your VPC.

  3. In the upper-left corner, choose VPC Dashboard, choose Subnets, and then choose your first private subnet, for example subnet-private-1.

  4. At the bottom of the console, choose the Route Table tab.

  5. Make a note of the route table, for example rtb-0d9fc668.

  6. In the list of subnets, choose the second private subnet, for example subnet-private-2.

  7. At the bottom of the console, choose the Route Table tab.

  8. If the route table for the second subnet is not the same as the route table for the first subnet, edit it to match:

    1. Choose Edit.

    2. For Change to, choose the route table that matches your first subnet.

    3. Choose Save.

A security group acts as a virtual firewall for your DB instance to control inbound and outbound traffic. In the following procedure, you create a security group for your DB instance. For more information about security groups, see Security groups for your VPC.

To create a VPC security group for a private Amazon RDS DB instance
  1. Sign in to the AWS Management Console and open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

  2. In the upper-right corner of the AWS Management Console, confirm that you are in the correct AWS Region for your VPC.

  3. In the upper-left corner, choose VPC Dashboard, choose Security Groups, and then choose Create Security Group.

  4. On the page Create Security Group, set the following values.

    • Name tag: The name for your security group, for example sgdb-1.
    • Group name: The name for your security group, for example sgdb-1.
    • Description: A description for your security group.
    • VPC: Your VPC, for example vpc-1.

  5. Choose Yes, Create.

In the following procedure, you add rules to your security group to control inbound traffic to your DB instance. For more information about inbound rules, see Security group rules.

To add inbound rules to the security group
  1. Sign in to the AWS Management Console and open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

  2. In the upper-right corner of the AWS Management Console, confirm that you are in the correct AWS Region for your VPC.

  3. In the upper-left corner, choose VPC Dashboard, choose Security Groups, and then choose your security group, for example sgdb-1.

  4. At the bottom of the console, choose the Inbound Rules tab, and then choose Edit.

  5. Set these values.

    • Type: Oracle (1521)
    • Protocol: TCP (6)
    • Port Range: 1521
    • Source: The identifier of your security group. When you choose the box, you see the name of your security group, for example sgdb-1.

  6. Choose Save.

Creating an Oracle DB instance

You can use Amazon RDS to host an Oracle DB instance. When you create the new DB instance, specify the VPC and security group you created previously using the instructions in Creating a VPC for use with an Oracle database. Also, choose No for Publicly accessible.

For information about creating a DB instance, see Creating an Amazon RDS DB instance.
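
The settings from the preceding procedures can be checked afterward from saved AWS CLI output (aws rds describe-db-instances, aws ec2 describe-security-groups, aws ec2 describe-route-tables). The following Python audit is an added example, not AWS code; its sample records are constructed, trimmed to the fields the checks read, and sg-EXAMPLE is a placeholder ID.

```python
ORACLE_PORT = 1521  # port of the Oracle inbound rule created above

def route_table_for(subnet_id, route_tables):
    """Table explicitly associated with the subnet, else the VPC main table."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def audit(db, sg, route_tables):
    """Return deviations from the private Oracle layout; empty list if none."""
    findings = []
    if db.get("PubliclyAccessible"):
        findings.append("DB instance is publicly accessible")
    subnets = db["DBSubnetGroup"]["Subnets"]
    if len({s["SubnetAvailabilityZone"]["Name"] for s in subnets}) < 2:
        findings.append("DB subnets do not span two Availability Zones")
    tables = [route_table_for(s["SubnetIdentifier"], route_tables) for s in subnets]
    if len({t and t["RouteTableId"] for t in tables}) != 1:
        findings.append("DB subnets use different route tables")
    for t in {t["RouteTableId"]: t for t in tables if t}.values():
        if any((r.get("GatewayId") or "").startswith("igw-") for r in t.get("Routes", [])):
            findings.append(t["RouteTableId"] + " routes to an internet gateway")
    for perm in sg.get("IpPermissions", []):
        rule = (perm.get("IpProtocol"), perm.get("FromPort"), perm.get("ToPort"))
        if rule != ("tcp", ORACLE_PORT, ORACLE_PORT):
            findings.append("inbound rule is not TCP 1521 only: %r" % (rule,))
        if perm.get("IpRanges") or perm.get("Ipv6Ranges"):
            findings.append("inbound rule allows CIDR sources")
        if any(p["GroupId"] != sg["GroupId"] for p in perm.get("UserIdGroupPairs", [])):
            findings.append("inbound rule source is not the DB security group itself")
    return findings

# Constructed sample records with placeholder IDs, trimmed to the fields read above.
SG = {"GroupId": "sg-EXAMPLE", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 1521,
      "ToPort": 1521, "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-EXAMPLE"}]}]}
ROUTE_TABLES = [{"RouteTableId": "rtb-0d9fc668",
    "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}],
    "Associations": [{"SubnetId": "subnet-private-1"}, {"SubnetId": "subnet-private-2"}]}]
DB = {"PubliclyAccessible": False, "DBSubnetGroup": {"Subnets": [
    {"SubnetIdentifier": "subnet-private-1", "SubnetAvailabilityZone": {"Name": "us-west-2a"}},
    {"SubnetIdentifier": "subnet-private-2", "SubnetAvailabilityZone": {"Name": "us-west-2b"}}]}}

if __name__ == "__main__":
    print(audit(DB, SG, ROUTE_TABLES) or "layout matches this page")
```

An empty result means the instance, subnets, and security group match the layout built in the console procedures; each string in a non-empty result names one setting to correct.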

Additional Amazon RDS interfaces

The preceding tasks use the AWS Management Console. Amazon Web Services also provides the AWS Command Line Interface (AWS CLI) and an application programming interface (API). You can use the AWS CLI or the API to automate many of the tasks for managing Amazon RDS, including tasks to manage an Oracle DB instance with Amazon RDS.

For more information, see AWS Command Line Interface reference for Amazon RDS and Amazon RDS API Reference.