
1. Oracle Cloud Infrastructure Foundations


1.1. OCI Introduction

1.1.1. OCI Architecture

Physical architecture:

A. Regions: a localized geographic area with 1 or more ADs.
B. Availability Domains (AD): each has 1 or more FDs; they sit within a region and are
connected to each other by a low-latency, high-bandwidth network.
C. Fault Domains (FD): a grouping of hardware and infrastructure within an
availability domain that provides anti-affinity. Think of these as logical data
centers.

Choosing a Region

A. Location: Choose the region closest to your users for lowest latency and highest
performance.
B. Data Residency & Compliance: Many countries have strict data residency
requirements.
C. Service Availability: New cloud services are made available based on regional
demand, regulatory compliance, resource availability, and other factors.

Availability Domain

A. Isolated from each other, fault tolerant, unlikely to fail simultaneously.
B. Physical infrastructure, such as power, cooling, or the internal network, is not
shared, so a failure that impacts one availability domain is unlikely to impact the
availability of others.

Fault Domains

A. Each Availability Domain has three Fault Domains (FD). The idea is that you put
resources in different fault domains so they don't share a single point of hardware
failure.
B. Logical data center within an AD.
C. In any region, resources in at most ONE fault domain are being actively changed at
any point in time. This means that availability problems caused by change
procedures are isolated at the fault domain level.

1.1.2. Distributed Cloud

Distributed cloud offers exceptional flexibility and choice

A. Public cloud: Access cloud services in 41+ global locations including Commercial,
US Government, UK Government, US National Security Regions, and EU
Sovereign (2023).
B. Hybrid cloud: we bring cloud services to you, including Oracle Exadata
Cloud@Customer, Oracle Roving Edge Infrastructure, OCI Observability and
Management, Oracle Database.
C. Dedicated cloud: we build a cloud just for you, with all 100+ OCI services running in
customer data centers, including OCI Dedicated Region and Oracle Alloy.
D. Multicloud: Our products work with your other providers, including Oracle Database
Services for Azure, Oracle Interconnect for Azure, and Oracle MySQL HeatWave
on AWS.

1.2. Identity and Access Management

1.2.1. IAM Introduction

A. IAM: Identity and Access Management service. It's also sometimes referred to as a
"fine-grained access control" or role-based access control service.
B. There are two key aspects to this service.
o AuthN: authentication. Who are you?
o AuthZ: authorization. What permissions do you have?
C. First we create an identity domain, then users and groups within that
identity domain. Then we write policies against those groups; policies are
scoped to a tenancy, an account, or a compartment.

The resources themselves live within a compartment. A compartment is a logical
isolation for resources.
This is how the whole service works.

D. How to identify an OCI resource? By its OCID (a unique Oracle-assigned identifier):

ocid1.<RESOURCE TYPE>.<REALM>.[REGION][.FUTURE USE].<UNIQUE ID>

o ocid1
o Resource type: The type of resource, such as a compute instance or
a block storage device.
o Realm: A set of regions that share the same characteristics. There's a
commercial realm, there is a government realm, etc.
o Region.Future Use: The region code. It used to be a three-character code;
now it's a much longer string.
o Unique ID: It’s unique to the resource you create.

Your account also has an OCID; there the resource type is tenancy.
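
The OCID layout above, as an added example (not part of the original notes): a Python parser that splits an OCID into its fields, accepts an empty region field, and flags resources outside an approved region list for a data-residency check. The sample OCIDs, the field character set, and the names parse_ocid and outside_allowed_regions are assumptions made for illustration.

```python
import re
from typing import NamedTuple

class Ocid(NamedTuple):
    version: str
    resource_type: str
    realm: str
    region: str      # "" when the OCID carries no region
    future_use: str  # "" when the optional field is absent
    unique_id: str

# Assumption: a field holds only lowercase letters, digits, "-" or "_".
FIELD = re.compile(r"[a-z0-9_-]+")

def parse_ocid(text: str) -> Ocid:
    """Split an OCID into its fields, rejecting anything malformed."""
    parts = text.split(".")
    if len(parts) == 5:    # no FUTURE USE field
        version, rtype, realm, region, unique = parts
        future = ""
    elif len(parts) == 6:  # FUTURE USE field present
        version, rtype, realm, region, future, unique = parts
        if not FIELD.fullmatch(future):
            raise ValueError("empty or invalid future-use field")
    else:
        raise ValueError("expected 5 or 6 dot-separated fields")
    if version != "ocid1":
        raise ValueError("unknown OCID version")
    for name, value in (("resource type", rtype), ("realm", realm),
                        ("unique ID", unique)):
        if not FIELD.fullmatch(value):
            raise ValueError(f"empty or invalid {name}")
    if region and not FIELD.fullmatch(region):  # REGION may be empty
        raise ValueError("invalid region")
    return Ocid(version, rtype, realm, region, future, unique)

def outside_allowed_regions(ocid: Ocid, allowed: set) -> bool:
    """True when a region-bound resource sits outside the approved regions."""
    return bool(ocid.region) and ocid.region not in allowed

# Constructed sample identifiers, not real resources.
SAMPLE_TENANCY = "ocid1.tenancy.oc1..aaaaexampletenancyid"
SAMPLE_INSTANCE = "ocid1.instance.oc1.phx.aaaaexampleinstanceid"

if __name__ == "__main__":
    for sample in (SAMPLE_TENANCY, SAMPLE_INSTANCE):
        parsed = parse_ocid(sample)
        print(parsed, outside_allowed_regions(parsed, {"fra"}))
```

Parsing identifiers strictly before they reach a policy statement or a log query keeps malformed input, such as a trailing newline or extra dot-separated fields, from being treated as a valid resource reference.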

1.2.2. Compartments
IAM: Identity and access Management Service. It’s also sometimes referred to as
“fine
