Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
CSPモデルにおけるOCI設計ガイドライン / OCI Design Guide for...
Search
Oracle Cloud Infrastructure ソリューション・エンジニア
December 28, 2022
Technology
1
2.4k
CSPモデルにおけるOCI設計ガイドライン / OCI Design Guide for CSPs
Cloud Solutions Provider (CSP) モデルでOracle Cloud Infrastructureを利用するにあたって、設計上の考慮事項をまとめた資料です。
Oracle Cloud Infrastructure ソリューション・エンジニア
December 28, 2022
Tweet
Share
More Decks by Oracle Cloud Infrastructure ソリューション・エンジニア
See All by Oracle Cloud Infrastructure ソリューション・エンジニア
FastConnect の冗長性
ocise
1
13k
ネットワーク・ロード・バランサー NLB 詳細 / Load Balancer NLB 200
ocise
1
1.1k
OCI技術資料 : ファイル・ストレージ 概要
ocise
3
15k
Oracle Cloud Migrations Service概要
ocise
1
8.4k
OS管理ハブ 概要
ocise
2
2.4k
OCI コスト管理
ocise
3
3.2k
OCI セキュア・デスクトップ 概要
ocise
3
7k
OCI技術資料 : リソース・マネージャ(Resource Manager)概要
ocise
2
5.7k
OCI技術資料 : ロード・バランサ FLB 詳細 / Load Balancer FLB 200
ocise
3
19k
Other Decks in Technology
See All in Technology
イオン店舗一覧ページのパフォーマンスチューニング事例 / Performance tuning example for AEON store list page
aeonpeople
2
260
R-SCoRe: Revisiting Scene Coordinate Regression for Robust Large-Scale Visual Localization
takmin
0
430
[CV勉強会@関東 CVPR2025 読み会] MegaSaM: Accurate, Fast, and Robust Structure and Motion from Casual Dynamic Videos (Li+, CVPR2025)
abemii
0
180
Figma + Storybook + PlaywrightのMCPを使ったフロントエンド開発
yug1224
2
110
AIとTDDによるNext.js「隙間ツール」開発の実践
makotot
5
650
Preferred Networks (PFN) とLLM Post-Training チームの紹介 / 第4回 関東Kaggler会 スポンサーセッション
pfn
PRO
1
170
実践データベース設計 ①データベース設計概論
recruitengineers
PRO
2
190
Backboneとしてのtimm2025
yu4u
4
1.4k
GCASアップデート(202506-202508)
techniczna
0
250
ZOZOTOWNフロントエンドにおけるディレクトリの分割戦略
zozotech
PRO
16
5.2k
開発と脆弱性と脆弱性診断についての話
su3158
1
1.1k
現場が抱える様々な問題は “組織設計上” の問題によって生じていることがある / Team-oriented Organization Design 20250827
mtx2s
3
780
Featured
See All Featured
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
229
22k
Being A Developer After 40
akosma
90
590k
Making the Leap to Tech Lead
cromwellryan
134
9.5k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
131
19k
Measuring & Analyzing Core Web Vitals
bluesmoon
9
570
Unsuck your backbone
ammeep
671
58k
Designing for Performance
lara
610
69k
YesSQL, Process and Tooling at Scale
rocio
173
14k
Practical Orchestrator
shlominoach
190
11k
Learning to Love Humans: Emotional Interface Design
aarron
273
40k
How to Ace a Technical Interview
jacobian
279
23k
Intergalactic Javascript Robots from Outer Space
tanoku
272
27k
Transcript
Cloud Solutions Provider(CSP)モデルにおける OCI設計のガイドライン 2022/12/30
Copyright © 2022, Oracle and/or its affiliates 2 Oracle Cloud
Infrastructure( OCI) Cloud Solutions Provider (CSP) • • OCI
CSP* OCI / → Identity Domain CSP Copyright © 2022,
Oracle and/or its affiliates 3 OCI OCI+ *CSP( ): https://www.oracle.com/jp/partnernetwork/expertise/cloud-solutions-provider/
Oracle IaaS/Paas/Saas Copyright © 2022, Oracle and/or its affiliates 4
OCI IAM Identity Domains SSO (Outbound) • • SAML, OIDC, OAuth • • App Gateway • RADIUS • Linux PAM **** Oracle Cloud IaaS/PaaS • • • • OCI • ID • Console | CLI | APIs • / • • SCIM • AD • ( ) ! ? ü (Inbound) • ID/ • IdP • (SNS) • • • OATH OAuth FIDO2 REST APIs SAML OIDC SCIM IAM OCI IAM IDCS OCI IAM Identity Domains
( ) • 1 ※ • ( ) • Copyright
© 2022, Oracle and/or its affiliates 5 001 A (A ) B (B ) A B (A ) (B ) Default ( )
Copyright © 2022, Oracle and/or its affiliates 6 (1 )
(2 ) (3 ) Default Virtual Machine Block Storage Database ( ) Policies ( ) Policies Groups Groups
( ) Administrators ( ) • • (manage all-resources) ※
( ) ( ) Copyright © 2022, Oracle and/or its affiliates 7 Allow Group <Domain Name>/<Group Name> to manage all-resources in Compartment <Compartment Name>
Copyright © 2022, Oracle and/or its affiliates 8 • (
) ( ) • • • OCI CLI SDK • Free 10 • 6
( ) Copyright © 2022, Oracle and/or its affiliates 9
OCI (…in tenancy ) ( ) • (Cloud Shell ) • ( : Cloud Guard ) • (use) ( : ) • ( ) ( )
(allow group <domain/group> to…) inspect tenancies in tenancy IAM inspect
compartments in tenancy IAM manage tenancy-preferences in tenancy IAM manage network-sources in tenancy IAM ( ) use tag-namespaces in tenancy where any {target.tag-namspace.name ='XXX' } IAM ( ) read announcements in tenancy Announcement (Announcement) read objectstorage-namespaces in tenancy Object Storage API use cloud-shell in tenancy Cloud Shell ( ) ( ) (…in tenancy) Copyright © 2022, Oracle and/or its affiliates 10
Thank you 11 Copyright © 2022, Oracle and/or its affiliates
None
Our mission is to help people see data in new
ways, discover insights, unlock endless possibilities.