Category: Compartments
-
OCI Security Zones
OCI Security Zones are not a new feature, they have been available since 2020. Security zones ensure that your OCI resources comply with your security policies, including Oracle Cloud Infrastructure Compute, Oracle Cloud Infrastructure Networking, Oracle Cloud Infrastructure Object Storage, Oracle Cloud Infrastructure Block Volumes, and Database resources. OCI provides a Maximum Security Zone recipe that can be customized…
-
OCI Compartment Guide pt 4 of 4
To wrap up this series, let’s take a look at how introducing OCI tagging can benefit both the compartment design and streamline the network design. OCI introduced the tag-based policy concept around March of 2020. It allows customers to use tags for authorization to deployed resources. At the time of the introduction, my initial thought…
-
OCI Compartment Guide pt 3 of 4 – Network in project compartment
I purposefully selected compartments and network segmentation as the example for this series, because I generally tend to see customers tend to confuse or correlate network design and compartment design and it generally tends to drag out the design process. When we are looking at compartment structure, we are looking at the segmentation and authorization…
-
OCI Compartments Guide pt 2 of 4 – Network with sub-compartments
If a VCN is deployed within the same compartment, there was no way to specify, via policy, access control to a specific VCN or subnet. As an example, if a Production VCN and Non-Production VCN were deployed in the same compartment, compartment policy was too broad. Even with two different IAM groups, both groups would…
Cloud Architecture Blog 