Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
CSPモデルにおけるOCI設計ガイドライン / OCI Design Guide for...
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Oracle Cloud Infrastructure ソリューション・エンジニア
December 28, 2022
Technology
2.9k
1
Share
CSPモデルにおけるOCI設計ガイドライン / OCI Design Guide for CSPs
Cloud Solutions Provider (CSP) モデルでOracle Cloud Infrastructureを利用するにあたって、設計上の考慮事項をまとめた資料です。
Oracle Cloud Infrastructure ソリューション・エンジニア
December 28, 2022
More Decks by Oracle Cloud Infrastructure ソリューション・エンジニア
See All by Oracle Cloud Infrastructure ソリューション・エンジニア
OCI技術資料 : ロード・バランサ 概要 - FLB・NLB共通
ocise
4
28k
OCI技術資料 : 証明書サービス概要
ocise
1
7.5k
OCI技術資料 : コンピュート・サービス 概要
ocise
4
56k
OCI技術資料 : 外部接続 VPN接続 詳細
ocise
1
11k
OCI技術資料 : OS管理ハブ 概要
ocise
2
5.5k
OCI技術資料 : オブジェクト・ストレージ 概要
ocise
3
21k
OCI技術資料 : 外部接続 詳細 FastConnect
ocise
4
21k
外部接続 詳細 - FastConnectの冗長性
ocise
1
16k
OCI技術資料 : 組織管理 (Organization Management)
ocise
3
13k
Other Decks in Technology
See All in Technology
はじめてのAI-DLC
yoshidashingo
2
520
Kaggle未経験社員をメダリストに育てる「AIドラゴン桜」
lycorptech_jp
PRO
0
560
【ハノーバーメッセ振り返りイベントat名古屋】データは集約からAI起点の収集に ~組織内・組織間でのデータ連携~
tanakaseiya
0
110
キャリア25年目にしてTypeScript に出会うまで - 「型」を通じて振り返るプログラミング言語遍歴 / Meeting TypeScript After 25 Years in Tech - Looking Back at My Programming Language Journey Through "Types"
bitkey
PRO
2
280
CARTA HOLDINGS エンジニア向け 採用ピッチ資料 / CARTA-GUIDE-for-Engineers
carta_engineering
0
47k
TypeScript の型で副作用の実行順序を制御する
yanaemon
2
210
老舗OCIクラウドインテグレーターが語る-現場で培ったクラウドリフトのリアルと成功のカギ
shinpy
0
120
管理アカウント単一運用からAWS Organizationsに移行するの大変で滅
hiramax
0
230
Node.js+TypeScriptにおけるCJS/ESM相互運用の最新ポイント
grainrigi
2
120
Gradle×GitHub_ActionsでCI時間を約50%短縮 ジョブ分割の設計と落とし穴 / Cutting CI Time by ~50% with Gradle and GitHub Actions: Job-Splitting Design and Pitfalls
takatty
0
100
Amazon CloudFrontにおけるAIボットアクセス制御のポイント
kizawa2020
4
270
組織の中で自分を経営する技術
shoota
0
130
Featured
See All Featured
Un-Boring Meetings
codingconduct
0
300
Art, The Web, and Tiny UX
lynnandtonic
304
21k
Neural Spatial Audio Processing for Sound Field Analysis and Control
skoyamalab
0
300
Public Speaking Without Barfing On Your Shoes - THAT 2023
reverentgeek
1
400
Taking LLMs out of the black box: A practical guide to human-in-the-loop distillation
inesmontani
PRO
3
2.2k
Leo the Paperboy
mayatellez
7
1.8k
Designing for Timeless Needs
cassininazir
1
230
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
5.9k
Google's AI Overviews - The New Search
badams
0
1k
The Invisible Side of Design
smashingmag
302
52k
Ruling the World: When Life Gets Gamed
codingconduct
0
240
svc-hook: hooking system calls on ARM64 by binary rewriting
retrage
2
260
Transcript
Cloud Solutions Provider(CSP)モデルにおける OCI設計のガイドライン 2022/12/30
Copyright © 2022, Oracle and/or its affiliates 2 Oracle Cloud
Infrastructure( OCI) Cloud Solutions Provider (CSP) • • OCI
CSP* OCI / → Identity Domain CSP Copyright © 2022,
Oracle and/or its affiliates 3 OCI OCI+ *CSP( ): https://www.oracle.com/jp/partnernetwork/expertise/cloud-solutions-provider/
Oracle IaaS/Paas/Saas Copyright © 2022, Oracle and/or its affiliates 4
OCI IAM Identity Domains SSO (Outbound) • • SAML, OIDC, OAuth • • App Gateway • RADIUS • Linux PAM **** Oracle Cloud IaaS/PaaS • • • • OCI • ID • Console | CLI | APIs • / • • SCIM • AD • ( ) ! ? ü (Inbound) • ID/ • IdP • (SNS) • • • OATH OAuth FIDO2 REST APIs SAML OIDC SCIM IAM OCI IAM IDCS OCI IAM Identity Domains
( ) • 1 ※ • ( ) • Copyright
© 2022, Oracle and/or its affiliates 5 001 A (A ) B (B ) A B (A ) (B ) Default ( )
Copyright © 2022, Oracle and/or its affiliates 6 (1 )
(2 ) (3 ) Default Virtual Machine Block Storage Database ( ) Policies ( ) Policies Groups Groups
( ) Administrators ( ) • • (manage all-resources) ※
( ) ( ) Copyright © 2022, Oracle and/or its affiliates 7 Allow Group <Domain Name>/<Group Name> to manage all-resources in Compartment <Compartment Name>
Copyright © 2022, Oracle and/or its affiliates 8 • (
) ( ) • • • OCI CLI SDK • Free 10 • 6
( ) Copyright © 2022, Oracle and/or its affiliates 9
OCI (…in tenancy ) ( ) • (Cloud Shell ) • ( : Cloud Guard ) • (use) ( : ) • ( ) ( )
(allow group <domain/group> to…) inspect tenancies in tenancy IAM inspect
compartments in tenancy IAM manage tenancy-preferences in tenancy IAM manage network-sources in tenancy IAM ( ) use tag-namespaces in tenancy where any {target.tag-namspace.name ='XXX' } IAM ( ) read announcements in tenancy Announcement (Announcement) read objectstorage-namespaces in tenancy Object Storage API use cloud-shell in tenancy Cloud Shell ( ) ( ) (…in tenancy) Copyright © 2022, Oracle and/or its affiliates 10
Thank you 11 Copyright © 2022, Oracle and/or its affiliates
None
Our mission is to help people see data in new
ways, discover insights, unlock endless possibilities.
ocise
yoshidashingo
lycorptech_jp
tanakaseiya
bitkey
carta_engineering
yanaemon
shinpy
hiramax
takatty
kizawa2020
shoota
codingconduct
lynnandtonic
skoyamalab
reverentgeek
inesmontani
mayatellez
cassininazir
badams
smashingmag
retrage
