OCI Fundamentals
Physical architecture:
Choosing a Region
A. Location: Choose a region closest to your users for lowest latency and highest
performance.
B. Data Residency & Compliance: Many countries have strict data residency
requirements.
C. Service Availability: New cloud services are made available based on regional
demand, regulatory compliance, resource availability, and other factors.
Availability Domain
Fault Domains
A. Each Availability Domain has three Fault Domains (FD). The idea is that you put
resources in different fault domains so they don't share a single point of hardware
failure.
B. Logical data center within an AD.
C. In any region, resources in at most ONE fault domain are being actively changed at
any point in time. This means that availability problems caused by change
procedures are isolated at the fault domain level.
A. Public cloud: Access cloud services in 41+ global locations including Commercial,
US Government, UK Government, US National Security Regions, and EU
Sovereign (2023)
B. Hybrid cloud: we bring cloud services to you, including Oracle Exadata
Cloud@Customer, Oracle Roving Edge Infrastructure, OCI Observability and
Management, Oracle Database.
C. Dedicated cloud: we build a cloud just for you, with all 100+ OCI services running in
customer data centers, including OCI Dedicated Region and Oracle Alloy.
D. Multicloud: Our products work with your other providers, including Oracle Database
Services for Azure, Oracle Interconnect for Azure, and Oracle MySQL HeatWave
on AWS.
1.2. Identity and Access Management
A. IAM: Identity and Access Management Service. It’s also sometimes referred to as a
“fine-grained access control” or role-based access control service.
B. There are two key aspects to this service.
o AuthN: authentication. Who are you?
o AuthZ: authorization. What permissions do you have?
C. First we create an identity domain, then users and groups within that
identity domain. Then we write policies against those groups, and policies are
scoped to a tenancy, an account, or a compartment.
And of course, the resources are available within a compartment. And again, a
compartment is a kind of logical isolation for resources.
So this is how the whole service works.
o ocid1
o Resource type: the type of resource, such as a compute instance or
a block storage device.
o Realm: a set of regions that share the same characteristics. There’s a
commercial realm, there is a government realm, etc.
o Region.Future Use: the region code. It used to be a three-character code;
now it’s a much longer string.
o Unique ID: It’s unique to the resource you create.
Well, your account also has an OCID, so you see that here tenancy.
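An added example (not from the original notes or from Oracle): a Python parser for the OCID fields listed above, assuming the dot-separated layout ocid1.<resource type>.<realm>.[region][.future use].<unique ID>, plus a check that flags OCIDs outside an allowed realm or region, which ties back to the data residency point. The function names, the field character set and the sample OCIDs are assumptions constructed for illustration.

```python
import re
from typing import NamedTuple

class Ocid(NamedTuple):
    version: str
    resource_type: str
    realm: str
    region: str       # empty for resources not tied to a region, e.g. the tenancy
    future_use: str   # empty when the field is absent
    unique_id: str

_FIELD = re.compile(r"[a-z0-9_-]+")   # assumed character set for one field

def parse_ocid(text):
    parts = text.strip().split(".")
    if len(parts) == 5:               # no future-use field present
        parts.insert(4, "")
    if len(parts) != 6:
        raise ValueError(f"expected 5 or 6 dot-separated fields: {text!r}")
    ocid = Ocid(*parts)
    if ocid.version != "ocid1":
        raise ValueError(f"unknown OCID version: {ocid.version!r}")
    for name in ("resource_type", "realm", "region", "unique_id"):
        value = getattr(ocid, name)
        if not (_FIELD.fullmatch(value) or (name == "region" and not value)):
            raise ValueError(f"bad {name} in {text!r}")
    return ocid

def residency_violations(ocids, realm, regions):
    """Return (ocid, reason) for malformed OCIDs and ones outside realm/regions."""
    flagged = []
    for text in ocids:
        try:
            ocid = parse_ocid(text)
        except ValueError:
            flagged.append((text, "malformed"))
            continue
        if ocid.realm != realm:
            flagged.append((text, "realm"))
        elif ocid.region and ocid.region not in regions:  # region-less OCIDs pass
            flagged.append((text, "region"))
    return flagged

SAMPLE = [  # constructed sample OCIDs, not real resources
    "ocid1.tenancy.oc1..aaaaexampletenancy",
    "ocid1.instance.oc1.eu-frankfurt-1.aaaaexampleinstance",
    "ocid1.instance.oc1.phx.aaaaexamplephx",
    "ocid1.volume.oc2.eu-frankfurt-1.aaaaexamplevolume",
    "ocid2.instance.oc1.phx.aaaaexamplebadversion",
]
```

Calling residency_violations(SAMPLE, "oc1", {"eu-frankfurt-1"}) flags the last three entries and accepts the tenancy OCID, whose region field is empty.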
1.2.2. Compartments
IAM: Identity and access Management Service. It’s also sometimes referred to as
“fine