Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
CSPモデルにおけるOCI設計ガイドライン / OCI Design Guide for...
Search
Oracle Cloud Infrastructure ソリューション・エンジニア
December 28, 2022
Technology
0
1.8k
CSPモデルにおけるOCI設計ガイドライン / OCI Design Guide for CSPs
Cloud Solutions Provider (CSP) モデルでOracle Cloud Infrastructureを利用するにあたって、設計上の考慮事項をまとめた資料です。
Oracle Cloud Infrastructure ソリューション・エンジニア
December 28, 2022
Tweet
Share
More Decks by Oracle Cloud Infrastructure ソリューション・エンジニア
See All by Oracle Cloud Infrastructure ソリューション・エンジニア
OS管理ハブ 概要
ocise
1
620
FastConnect の冗長性
ocise
0
8.6k
OCI コスト管理
ocise
1
920
OCI セキュア・デスクトップ 概要
ocise
0
4.3k
OCI技術資料 : リソース・マネージャ(Resource Manager)概要
ocise
0
3.8k
OCI技術資料 : ロード・バランサー 詳細 / Load Balancer 200
ocise
2
14k
Oracle Cloud Migrations Service概要
ocise
0
5k
OCI技術資料 : ロード・バランサー 概要 / Load Balancer 100
ocise
3
19k
OCI サービス基本情報
ocise
3
9.3k
Other Decks in Technology
See All in Technology
どちらを使う?GitHub or Azure DevOps Ver. 24H2
kkamegawa
0
770
UI State設計とテスト方針
rmakiyama
2
580
re:Invent 2024 Innovation Talks(NET201)で語られた大切なこと
shotashiratori
0
310
【re:Invent 2024 アプデ】 Prompt Routing の紹介
champ
0
140
Microsoft Azure全冠になってみた ~アレを使い倒した者が試験を制す!?~/Obtained all Microsoft Azure certifications Those who use "that" to the full will win the exam! ?
yuj1osm
2
110
大幅アップデートされたRagas v0.2をキャッチアップ
os1ma
2
530
サーバレスアプリ開発者向けアップデートをキャッチアップしてきた #AWSreInvent #regrowth_fuk
drumnistnakano
0
190
LINEヤフーのフロントエンド組織・体制の紹介【24年12月】
lycorp_recruit_jp
0
530
サイバー攻撃を想定したセキュリティガイドライン 策定とASM及びCNAPPの活用方法
syoshie
3
1.3k
宇宙ベンチャーにおける最近の情シス取り組みについて
axelmizu
0
110
C++26 エラー性動作
faithandbrave
2
730
統計データで2024年の クラウド・インフラ動向を眺める
ysknsid25
2
840
Featured
See All Featured
Imperfection Machines: The Place of Print at Facebook
scottboms
266
13k
Building Flexible Design Systems
yeseniaperezcruz
327
38k
Gamification - CAS2011
davidbonilla
80
5.1k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5.1k
Faster Mobile Websites
deanohume
305
30k
Practical Orchestrator
shlominoach
186
10k
BBQ
matthewcrist
85
9.4k
4 Signs Your Business is Dying
shpigford
181
21k
No one is an island. Learnings from fostering a developers community.
thoeni
19
3k
What's in a price? How to price your products and services
michaelherold
243
12k
Building Better People: How to give real-time feedback that sticks.
wjessup
365
19k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
26
1.5k
Transcript
Cloud Solutions Provider(CSP)モデルにおける OCI設計のガイドライン 2022/12/30
Copyright © 2022, Oracle and/or its affiliates 2 Oracle Cloud
Infrastructure( OCI) Cloud Solutions Provider (CSP) • • OCI
CSP* OCI / → Identity Domain CSP Copyright © 2022,
Oracle and/or its affiliates 3 OCI OCI+ *CSP( ): https://www.oracle.com/jp/partnernetwork/expertise/cloud-solutions-provider/
Oracle IaaS/Paas/Saas Copyright © 2022, Oracle and/or its affiliates 4
OCI IAM Identity Domains SSO (Outbound) • • SAML, OIDC, OAuth • • App Gateway • RADIUS • Linux PAM **** Oracle Cloud IaaS/PaaS • • • • OCI • ID • Console | CLI | APIs • / • • SCIM • AD • ( ) ! ? ü (Inbound) • ID/ • IdP • (SNS) • • • OATH OAuth FIDO2 REST APIs SAML OIDC SCIM IAM OCI IAM IDCS OCI IAM Identity Domains
( ) • 1 ※ • ( ) • Copyright
© 2022, Oracle and/or its affiliates 5 001 A (A ) B (B ) A B (A ) (B ) Default ( )
Copyright © 2022, Oracle and/or its affiliates 6 (1 )
(2 ) (3 ) Default Virtual Machine Block Storage Database ( ) Policies ( ) Policies Groups Groups
( ) Administrators ( ) • • (manage all-resources) ※
( ) ( ) Copyright © 2022, Oracle and/or its affiliates 7 Allow Group <Domain Name>/<Group Name> to manage all-resources in Compartment <Compartment Name>
Copyright © 2022, Oracle and/or its affiliates 8 • (
) ( ) • • • OCI CLI SDK • Free 10 • 6
( ) Copyright © 2022, Oracle and/or its affiliates 9
OCI (…in tenancy ) ( ) • (Cloud Shell ) • ( : Cloud Guard ) • (use) ( : ) • ( ) ( )
(allow group <domain/group> to…) inspect tenancies in tenancy IAM inspect
compartments in tenancy IAM manage tenancy-preferences in tenancy IAM manage network-sources in tenancy IAM ( ) use tag-namespaces in tenancy where any {target.tag-namspace.name ='XXX' } IAM ( ) read announcements in tenancy Announcement (Announcement) read objectstorage-namespaces in tenancy Object Storage API use cloud-shell in tenancy Cloud Shell ( ) ( ) (…in tenancy) Copyright © 2022, Oracle and/or its affiliates 10
Thank you 11 Copyright © 2022, Oracle and/or its affiliates
None
Our mission is to help people see data in new
ways, discover insights, unlock endless possibilities.
ocise
kkamegawa
rmakiyama
shotashiratori
champ
yuj1osm
os1ma
drumnistnakano
lycorp_recruit_jp
syoshie
axelmizu
faithandbrave
ysknsid25
scottboms
yeseniaperezcruz
davidbonilla
reverentgeek
deanohume
shlominoach
matthewcrist
shpigford
thoeni
michaelherold
wjessup
bluesmoon
