Slide 1

Slide 1 text

OCI Design Guidelines for the Cloud Solutions Provider (CSP) Model 2022/12/30

Slide 2

Slide 2 text

Copyright © 2022, Oracle and/or its affiliates 2 Oracle Cloud Infrastructure (OCI) Cloud Solutions Provider (CSP) • • OCI

Slide 3

Slide 3 text

CSP* OCI / → Identity Domain CSP OCI OCI+ *CSP( ): https://www.oracle.com/jp/partnernetwork/expertise/cloud-solutions-provider/

Slide 4

Slide 4 text

Oracle IaaS/PaaS/SaaS OCI IAM Identity Domains SSO (Outbound) • • SAML, OIDC, OAuth • • App Gateway • RADIUS • Linux PAM **** Oracle Cloud IaaS/PaaS • • • • OCI • ID • Console | CLI | APIs • / • • SCIM • AD • ( ) ! ? (Inbound) • ID/ • IdP • (SNS) • • • OATH OAuth FIDO2 REST APIs SAML OIDC SCIM IAM OCI IAM IDCS OCI IAM Identity Domains

Slide 5

Slide 5 text

( ) • 1 ※ • ( ) • 001 A (A ) B (B ) A B (A ) (B ) Default ( )

Slide 6

Slide 6 text

(1 ) (2 ) (3 ) Default Virtual Machine Block Storage Database ( ) Policies ( ) Policies Groups Groups

Slide 7

Slide 7 text

( ) Administrators ( ) • • (manage all-resources) ※ ( ) ( ) Allow Group / to manage all-resources in Compartment

Slide 8

Slide 8 text

• ( ) ( ) • • • OCI CLI SDK • Free 10 • 6

Slide 9

Slide 9 text

( ) OCI (…in tenancy ) ( ) • (Cloud Shell ) • ( : Cloud Guard ) • (use) ( : ) • ( ) ( )

Slide 10

Slide 10 text

(allow group to…)
inspect tenancies in tenancy | IAM
inspect compartments in tenancy | IAM
manage tenancy-preferences in tenancy | IAM
manage network-sources in tenancy | IAM ( )
use tag-namespaces in tenancy where any {target.tag-namespace.name = 'XXX'} | IAM ( )
read announcements in tenancy | Announcement (Announcement)
read objectstorage-namespaces in tenancy | Object Storage API
use cloud-shell in tenancy | Cloud Shell
( ) ( ) (…in tenancy)

Slide 11

Slide 11 text

Thank you

Slide 13

Slide 13 text

Our mission is to help people see data in new ways, discover insights, unlock endless possibilities.