Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
CSPモデルにおけるOCI設計ガイドライン / OCI Design Guide for...
Search
Oracle Cloud Infrastructure ソリューション・エンジニア
December 28, 2022
Technology
0
1.7k
CSPモデルにおけるOCI設計ガイドライン / OCI Design Guide for CSPs
Cloud Solutions Provider (CSP) モデルでOracle Cloud Infrastructureを利用するにあたって、設計上の考慮事項をまとめた資料です。
Oracle Cloud Infrastructure ソリューション・エンジニア
December 28, 2022
Tweet
Share
More Decks by Oracle Cloud Infrastructure ソリューション・エンジニア
See All by Oracle Cloud Infrastructure ソリューション・エンジニア
OS管理ハブ 概要
ocise
1
400
FastConnect の冗長性
ocise
0
8.2k
OCI コスト管理
ocise
1
600
OCI セキュア・デスクトップ 概要
ocise
0
3.9k
OCI技術資料 : リソース・マネージャ(Resource Manager)概要
ocise
0
3.5k
OCI技術資料 : ロード・バランサー 詳細 / Load Balancer 200
ocise
2
14k
Oracle Cloud Migrations Service概要
ocise
0
4.4k
OCI技術資料 : ロード・バランサー 概要 / Load Balancer 100
ocise
3
18k
OCI サービス基本情報
ocise
3
9.1k
Other Decks in Technology
See All in Technology
いざ、BSC討伐の旅
nikinusu
2
780
これまでの計測・開発・デプロイ方法全部見せます! / Findy ISUCON 2024-11-14
tohutohu
3
370
Terraform Stacks入門 #HashiTalks
msato
0
360
Introduction to Works of ML Engineer in LY Corporation
lycorp_recruit_jp
0
130
ノーコードデータ分析ツールで体験する時系列データ分析超入門
negi111111
0
410
AGIについてChatGPTに聞いてみた
blueb
0
130
SREによる隣接領域への越境とその先の信頼性
shonansurvivors
2
520
Terraform未経験の御様に対してどの ように導⼊を進めていったか
tkikuchi
2
450
障害対応指揮の意思決定と情報共有における価値観 / Waroom Meetup #2
arthur1
5
480
マルチプロダクトな開発組織で 「開発生産性」に向き合うために試みたこと / Improving Multi-Product Dev Productivity
sugamasao
1
310
100 名超が参加した日経グループ横断の競技型 AWS 学習イベント「Nikkei Group AWS GameDay」の紹介/mediajaws202411
nikkei_engineer_recruiting
1
170
飲食店データの分析事例とそれを支えるデータ基盤
kimujun
0
120
Featured
See All Featured
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k
How To Stay Up To Date on Web Technology
chriscoyier
788
250k
Making the Leap to Tech Lead
cromwellryan
133
8.9k
Raft: Consensus for Rubyists
vanstee
136
6.6k
What's new in Ruby 2.0
geeforr
343
31k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
26
2.1k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
506
140k
How STYLIGHT went responsive
nonsquared
95
5.2k
The Language of Interfaces
destraynor
154
24k
Statistics for Hackers
jakevdp
796
220k
What's in a price? How to price your products and services
michaelherold
243
12k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
4
370
Transcript
Cloud Solutions Provider(CSP)モデルにおける OCI設計のガイドライン 2022/12/30
Copyright © 2022, Oracle and/or its affiliates 2 Oracle Cloud
Infrastructure( OCI) Cloud Solutions Provider (CSP) • • OCI
CSP* OCI / → Identity Domain CSP Copyright © 2022,
Oracle and/or its affiliates 3 OCI OCI+ *CSP( ): https://www.oracle.com/jp/partnernetwork/expertise/cloud-solutions-provider/
Oracle IaaS/Paas/Saas Copyright © 2022, Oracle and/or its affiliates 4
OCI IAM Identity Domains SSO (Outbound) • • SAML, OIDC, OAuth • • App Gateway • RADIUS • Linux PAM **** Oracle Cloud IaaS/PaaS • • • • OCI • ID • Console | CLI | APIs • / • • SCIM • AD • ( ) ! ? ü (Inbound) • ID/ • IdP • (SNS) • • • OATH OAuth FIDO2 REST APIs SAML OIDC SCIM IAM OCI IAM IDCS OCI IAM Identity Domains
( ) • 1 ※ • ( ) • Copyright
© 2022, Oracle and/or its affiliates 5 001 A (A ) B (B ) A B (A ) (B ) Default ( )
Copyright © 2022, Oracle and/or its affiliates 6 (1 )
(2 ) (3 ) Default Virtual Machine Block Storage Database ( ) Policies ( ) Policies Groups Groups
( ) Administrators ( ) • • (manage all-resources) ※
( ) ( ) Copyright © 2022, Oracle and/or its affiliates 7 Allow Group <Domain Name>/<Group Name> to manage all-resources in Compartment <Compartment Name>
Copyright © 2022, Oracle and/or its affiliates 8 • (
) ( ) • • • OCI CLI SDK • Free 10 • 6
( ) Copyright © 2022, Oracle and/or its affiliates 9
OCI (…in tenancy ) ( ) • (Cloud Shell ) • ( : Cloud Guard ) • (use) ( : ) • ( ) ( )
(allow group <domain/group> to…) inspect tenancies in tenancy IAM inspect
compartments in tenancy IAM manage tenancy-preferences in tenancy IAM manage network-sources in tenancy IAM ( ) use tag-namespaces in tenancy where any {target.tag-namspace.name ='XXX' } IAM ( ) read announcements in tenancy Announcement (Announcement) read objectstorage-namespaces in tenancy Object Storage API use cloud-shell in tenancy Cloud Shell ( ) ( ) (…in tenancy) Copyright © 2022, Oracle and/or its affiliates 10
Thank you 11 Copyright © 2022, Oracle and/or its affiliates
None
Our mission is to help people see data in new
ways, discover insights, unlock endless possibilities.
ocise
nikinusu
tohutohu
msato
lycorp_recruit_jp
negi111111
blueb
shonansurvivors
tkikuchi
.jpeg){kind=avatar}
arthur1
sugamasao
nikkei_engineer_recruiting
kimujun
stephaniewalter
chriscoyier
cromwellryan
vanstee
geeforr
marktimemedia
nonsquared
destraynor
jakevdp
michaelherold
irinanazarova
