If you select public network as the connection type when you create a data source or data migration task with Amazon Web Services (AWS) as the cloud vendor, you need to add the IP address of the data source to the allowlist of the MySQL database instance (including Aurora MySQL, RDS MySQL, and self-managed MySQL), the Oracle database instance (including RDS Oracle and self-managed Oracle), the self-managed OceanBase database instance, the Kafka instance (including cloud instance Kafka and self-managed Kafka), the PostgreSQL database instance (including RDS PostgreSQL, Aurora PostgreSQL, and self-managed PostgreSQL), and the self-managed TiDB database instance. This ensures that the data source can be accessed.
Obtain the IP address to be added to the allowlist
Log in to the OceanBase Cloud console.
Access the Create Data Source page.
Here takes the procedure on the Create Data Source page as an example. You can also click Data Services > Migrations > Migrate Data, and obtain the IP address to be added to the allowlist from the Create Task page.
In the left-side navigation pane, click Data Services > Data Sources.
On the Data Sources page, click Create Data Source in the upper-right corner and select the data source type.
On the Create Data Source page, select AWS for Cloud Vendor, Public IP for Connection Method, and the instance type as needed.
Copy the IP address displayed below the Connection Information text box.
Note
The selected region must be the same as the region where the AWS instance is located.
Add an IP address to the allowlist of an Aurora MySQL/PostgreSQL instance or an RDS for MySQL/Oracle/PostgreSQL instance
Access the Security Groups page.
Log in to the Amazon RDS console and go to the Databases page.
Click the database ID of the target database instance.
On the Connectivity & security tab, click the virtual private cloud (VPC) security group in the Security section.
VPC security group of an Aurora MySQL/PostgreSQL instance
VPC security group of an RDS for MySQL/Oracle/PostgreSQL instance
On the Security Groups page, click the ID of the target security group to go to its details page.
In the Inbound rules section, click Edit inbound rules in the upper-right corner.
On the Edit inbound rules page, click Add rule and configure the parameters.
Parameter Description Type The rule type. Select Custom TCP. Protocol The protocol type. The default value is TCP. Port range Enter the corresponding port number. Source Enter the IP address copied on the page for creating a data source or data migration task. Description - optional The description of the rule to be added. Click Save rules.
Add an IP address to the allowlist of a cloud Kafka instance
Go to the Security Group page.
Log in to the Amazon MSK console.
On the Clusters page, click the name of the target cluster to go to the details page.
Click the Attributes tab. In the Networking settings section, click the ID of the applied security group to go to the VPC Console > Security Group page.
In the Inbound rules section of the security group details page, click Edit inbound rules in the upper-right corner.
On the Edit inbound rules page, click Add rule and configure the parameters.
Parameter Description Type The rule type. Select Custom TCP. Protocol The protocol type. The default value is TCP. Port range Enter port 9092. Source Enter the IP address that you copied from the page for creating a data source or data migration task. Description (optional) The description of the rule. Click Save rule.
Add an IP address to the allowlist of a self-managed MySQL/Oracle/OceanBase/Kafka/PostgreSQL/TiDB instance
Access the Security Groups page.
Log in to the Amazon Elastic Compute Cloud (EC2) console and go to the Instances page.
On the Instances page, click the ID of the self-managed database instance you created.
On the details page of the target instance, click the security group name on the Security tab to go to the details page of the security group.
In the Inbound rules section of the security group details page, click Edit inbound rules in the upper-right corner.
On the Edit inbound rules page, click Add rule and configure the parameters.
Parameter Description Type The rule type. Select Custom TCP. Protocol The protocol type. The default value is TCP. Port range Enter the corresponding port number. Source Enter the IP address copied on the page for creating a data source or data migration task. Description - optional The description of the rule to be added. Click Save rules.