Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
CSPモデルにおけるOCI設計ガイドライン / OCI Design Guide for...
Search
Oracle Cloud Infrastructure ソリューション・エンジニア
December 28, 2022
Technology
3k
1
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
CSPモデルにおけるOCI設計ガイドライン / OCI Design Guide for CSPs
Cloud Solutions Provider (CSP) モデルでOracle Cloud Infrastructureを利用するにあたって、設計上の考慮事項をまとめた資料です。
Oracle Cloud Infrastructure ソリューション・エンジニア
December 28, 2022
More Decks by Oracle Cloud Infrastructure ソリューション・エンジニア
See All by Oracle Cloud Infrastructure ソリューション・エンジニア
OCI技術資料 : コンピュート・サービス 概要
ocise
4
58k
OCI技術資料 : ロード・バランサ 概要 - FLB・NLB共通
ocise
4
29k
OCI技術資料 : 証明書サービス概要
ocise
1
7.7k
OCI技術資料 : 外部接続 VPN接続 詳細
ocise
1
11k
OCI技術資料 : OS管理ハブ 概要
ocise
2
6k
OCI技術資料 : オブジェクト・ストレージ 概要
ocise
3
21k
OCI技術資料 : 外部接続 詳細 FastConnect
ocise
4
21k
外部接続 詳細 - FastConnectの冗長性
ocise
1
16k
OCI技術資料 : 組織管理 (Organization Management)
ocise
4
14k
Other Decks in Technology
See All in Technology
フルAIで個人開発して学んだあれこれ / yuruai vol.1
isaoshimizu
0
170
“ID沼入口” - 基本とセキュリティから始める、考え続けるためのID管理技術勉強会 告知&イントロ
ritou
0
380
Text-to-SQLをAgentCoreで実現し、生成されるSQLの精度を定量的に評価する
yakumo
2
510
AIエージェントとPhysical AIが拓く製造業の変革(ハノーバーメッセリキャップ)
iotcomjpadmin
0
210
ご挨拶「10周年を迎える共創ラボのこれまでとこれから」
iotcomjpadmin
0
180
しぶいSRE: サーバから見えない障害にどう向き合うか。ラストワンマイルのデバッグ実践 / Shibui SRE
kanny
1
830
MySQL & MySQL HeatWave Report - June 2026
freshdaz
0
300
インフラ寄りSREでも 開発に踏み出せる〜境界を越えてユーザー体験に向き合いたい〜
sansantech
PRO
0
220
Claude Code 珍プレー好プレー
shinyasaita
0
160
Why is RC4 still being used?
tamaiyutaro
0
280
『AIに負けない』より『AIと遊ぶ』」〜ワクワクが最強のテスト・QA学習戦略_公開用
odan611
1
370
SRE歴2ヶ月でも開発6年の知見を活かして、チームで止まっていた環境改善を前に進めた話
a_ono
0
190
Featured
See All Featured
<Decoding/> the Language of Devs - We Love SEO 2024
nikkihalliwell
1
270
The #1 spot is gone: here's how to win anyway
tamaranovitovic
3
1.1k
Between Models and Reality
mayunak
4
360
Primal Persuasion: How to Engage the Brain for Learning That Lasts
tmiket
0
380
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
Leo the Paperboy
mayatellez
7
1.9k
We Analyzed 250 Million AI Search Results: Here's What I Found
joshbly
1
1.4k
Breaking role norms: Why Content Design is so much more than writing copy - Taylor Woolridge
uxyall
0
340
B2B Lead Gen: Tactics, Traps & Triumph
marketingsoph
0
170
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
508
140k
HTML-Aware ERB: The Path to Reactive Rendering @ RubyCon 2026, Rimini, Italy
marcoroth
2
290
Designing Experiences People Love
moore
143
24k
Transcript
Cloud Solutions Provider(CSP)モデルにおける OCI設計のガイドライン 2022/12/30
Copyright © 2022, Oracle and/or its affiliates 2 Oracle Cloud
Infrastructure( OCI) Cloud Solutions Provider (CSP) • • OCI
CSP* OCI / → Identity Domain CSP Copyright © 2022,
Oracle and/or its affiliates 3 OCI OCI+ *CSP( ): https://www.oracle.com/jp/partnernetwork/expertise/cloud-solutions-provider/
Oracle IaaS/Paas/Saas Copyright © 2022, Oracle and/or its affiliates 4
OCI IAM Identity Domains SSO (Outbound) • • SAML, OIDC, OAuth • • App Gateway • RADIUS • Linux PAM **** Oracle Cloud IaaS/PaaS • • • • OCI • ID • Console | CLI | APIs • / • • SCIM • AD • ( ) ! ? ü (Inbound) • ID/ • IdP • (SNS) • • • OATH OAuth FIDO2 REST APIs SAML OIDC SCIM IAM OCI IAM IDCS OCI IAM Identity Domains
( ) • 1 ※ • ( ) • Copyright
© 2022, Oracle and/or its affiliates 5 001 A (A ) B (B ) A B (A ) (B ) Default ( )
Copyright © 2022, Oracle and/or its affiliates 6 (1 )
(2 ) (3 ) Default Virtual Machine Block Storage Database ( ) Policies ( ) Policies Groups Groups
( ) Administrators ( ) • • (manage all-resources) ※
( ) ( ) Copyright © 2022, Oracle and/or its affiliates 7 Allow Group <Domain Name>/<Group Name> to manage all-resources in Compartment <Compartment Name>
Copyright © 2022, Oracle and/or its affiliates 8 • (
) ( ) • • • OCI CLI SDK • Free 10 • 6
( ) Copyright © 2022, Oracle and/or its affiliates 9
OCI (…in tenancy ) ( ) • (Cloud Shell ) • ( : Cloud Guard ) • (use) ( : ) • ( ) ( )
(allow group <domain/group> to…) inspect tenancies in tenancy IAM inspect
compartments in tenancy IAM manage tenancy-preferences in tenancy IAM manage network-sources in tenancy IAM ( ) use tag-namespaces in tenancy where any {target.tag-namspace.name ='XXX' } IAM ( ) read announcements in tenancy Announcement (Announcement) read objectstorage-namespaces in tenancy Object Storage API use cloud-shell in tenancy Cloud Shell ( ) ( ) (…in tenancy) Copyright © 2022, Oracle and/or its affiliates 10
Thank you 11 Copyright © 2022, Oracle and/or its affiliates
None
Our mission is to help people see data in new
ways, discover insights, unlock endless possibilities.