Oracle Cloud Infrastructure Foundations

**Oracle Cloud Infrastructure Foundations**

1. OCI Introduction

i) OCI Overview

Transcript: Some of the world’s largest enterprises are running their mission, an Oracle Smith generation cloud platform called Oracle Cloud infrastructure, and today I’m really excited to tell you more about it, in this lesson, you will see a general overview of what you can do in OCI. Let’s get started. To keep things simple, let us break them down into seven major categories, core infrastructure, database services, data and AI analytics, governance and administration, developer services and application services. We have building blocks on top of this global footprint, the seven categories we just mentioned at the very bottom, we have the core primitives, compute, storage and networking. Compute services, cover virtual machines, bare metal servers, containers, a managed Kubernetes service and a managed VMware service. These services are primarily for performing calculations, executing logic and running applications. Cloud Storage includes disks attached to virtual machines, file storage, object storage, archive, storage and data migration services. OCI offers a complete range of storage services for you to store, access, govern and analyze your structured or unstructured data. Networking features let you set up Software Defined private networks in Oracle Cloud. OCI provides the broadest and deepest set of networking services with the highest reliability, most security features and highest performance. Then we have database services. We have multiple flavors of database services, both Oracle and open source. We are the only cloud that runs autonomous databases and multiple flavors of it, including OLTP, OLAP and JSON. And then you can run databases in virtual machines, bare metal servers, or even extra data in the cloud. You can also run open source databases such as MySQL and NoSQL in the Oracle Cloud infrastructure data and AI services. We have a managed Apache Spark service called Data Flow, a managed service for tracking data artifacts across OCI called data catalog, and a managed service for data ingestion and ETL called data integration. We also have a Managed Data Science platform for machine learning models and training. We also have a managed Apache Kafka service for event streaming use cases. Then we have governance and administration services. These services include security, identity and observability and management. We have unique features like compartments that make it operationally easier to manage large and complex environments. Security is integrated into every aspect of OCI, whether it’s automatic detection or remediation, what we typically refer as cloud security, posture management, robust network protection or encryption by default. We have an integrated observability and management platform with features like logging, logging analytics and application performance management and much more. Then we have a bunch of developer services. We have a managed low code service called apex, several other developer services and a managed TerraForm service called Resource Manager for analytics. We have a managed analytics service called Oracle analytics cloud that integrates with various third party solutions under Application Services. We have a managed serverless offering call functions and API gateway and an event service to help you create micro services and event driven architectures. We have a comprehensive connected SaaS suite across your entire business, finance, human resources, supply chain, manufacturing, advertising, sales, customer, service and marketing all running on OCI. That’s a long list, and these seven categories and the services mentioned represent just a small fraction of more than 80 services currently available in OCI. Fortunately, it is quick and easy to try out a new service using our industry leading free tier account. We are the first cloud to offer a server for just a penny per core hour. Whether you are starting with Oracle Cloud infrastructure or migrating your entire data center to it, we can support you in your journey to the cloud, that’s it. OCI, broad and deep Cloud Platform. Thanks for watching.

ii) OCI Architecture

Welcome to this lesson on OCI architecture. In this lesson, we will cover the core constructs of OCI is physical architecture, starting with regions. Region is a localized geographic area comprising of one or more availability domains. Availability domains are one or more fault tolerant data centers located within a region, but connected to each other by a low latency, high bandwidth network. Fault domains is a grouping of hardware and infrastructure within an availability domain to provide anti affinity. So think about these as logical data centers. We looked at it in the previous lesson. Today, OCI has a massive geographic footprint around the world, with multiple regions across the world. And we also have a multi cloud partnership with Microsoft Azure, and we have a differentiated hybrid cloud offering called dedicated region cloud at customer but before we dive into the physical architecture, let us look at how do you choose a region? First thing is choosing a region. You choose a region closest to your users for lowest latency and highest performance. So that’s a key criteria. The second key criteria is data residency and compliance requirements. Many countries have strict data residency requirements, and you have to comply to them, and so you choose a region based on these compliance requirements. The third key criteria is service availability. New cloud services are made available based on regional demand, at times regulatory compliance reasons and resource availability and several other factors. Keep these three criterias in mind when choosing a region. So let’s look at each of these in a little bit more detail, availability domain. Availability domains are isolated from each other, fault tolerant and very unlikely to fail simultaneously. Because availability campaigns do not share physical infrastructure, such as power or cooling or the internal network, a failure that impacts one availability domain is unlikely to impact the availability of others. So as you can see in this graphic here, a particular region has three availability domains. One availability domain has some kind of an outage, is not available, but the other two availability domains are still up and running. We talked about fault domains a little bit earlier. What are fault domains? Think about each availability domain has three fault domains. So think about fault domains as logical data centers within availability domains. So as you can see in the picture here, we have three availability domains, and each of them has three fault domains. So the idea is you put the resources in different fall domains, and they don’t share single point of hardware failure, like physical servers, physical rack top of rack switches or power distribution units, you can get high availability by leveraging fault domains. We also leverage fault domains for our own services. So in any region, resources in at most one fall domain are being actively changed at any point in time. This means that availability problems caused by change procedures are isolated at the fault domain level. And moreover, you can control the placement of your compute or database instances to fall domain at instance launch time, so you can specify which fault domain you want to use. So what is the general guidance? The general guidance is we have these constructs, like fault domains and availability domains to help you avoid single points of failure. We do that on our own, so we make sure that the servers, the top of rack, switch, all are redundant, so you don’t have hardware failures. Or we try to minimize those hardware failures as much as possible. You need to do the same when you are designing your own architecture. So let’s look at an example. You have a region, you have an availability domain, and as we said, one ad has three fault domains. So you see those four domains here. So first thing you do is, when you create an application, you create this software defined virtual network, and then, let’s say it’s a very simple application. You have an application tier. You have a database tier. So first thing you could do is you could run multiple copies of your application, so you have an application tier which is replicated across fall domains, and then you have a database which is also replicated across fall domains. Why do you do that? Well, it gives you that extra layer of redundancy. So something happens to a fall domain, your application is still up and running. Now, to take it to the next step, you could replicate the same design in another availability domain. So you could have two copies of your application running and you can have two copies of your database running. Now one thing which will come up is, how do you make sure your data is synchronized between these copies? And so you could use various technologies like Oracle Data Guard to make sure that your primary and standby the data is kept in sync here, and so that you can design your application, your architectures like these, to avoid single points of failure, even for regions where we have a single availability domain, you could still leverage for domain construct to achieve high availability and avoid single points of failure. Let’s summarize what we learned in this lesson. So we looked at region. Region comprises of availability domains. Availability domains comprise of fault domains. So let’s look at the inside out view. So first, let’s start with fault domain, for domain provide protection against failure within an availability domain. Availability domain themselves provide protection from entire availability domain failures, particularly in a multi ad region. And then you have this concept of region pair, where in every country we operate, or most of the countries we operate, we have at least two data centers. So you could use the second data center for disaster recovery or backup, or it also helps you with to comply with data residency and compliance requirements. And then, not only this, we also have SLAs on availability, management and performance. To recap, we looked at the physical architecture of OCI with regions which are geo locations. We looked at availability domains, and then every availability domain has three fall domains. So use these architectural constructs to design your applications which are highly available and avoid single points of failure. Thanks for watching

iii) OCI Console Walk-through

Music, hello and welcome in this demo, let us do a quick walk through of the OCI console. So this is the OCI console, and you can access it using this single URL, cloud.oracle.com, and then you have to enter your tenancy name and your username and password in the identity module. We will cover how to log in with your credentials to the console. But here, let me do a quick walkthrough of the different features which the console enables. So the first thing here is you can see, this is the home page, the dashboard. Some Getting Started links. There are some quick starts right here. And as you scroll down, you can see some launch. You can launch some resources very quickly. Now, the one I want to area, which I want to show you is the service navigation menu. Also, you know this, this icon here, the hamburger icon. You can access it using this hamburger icon. So if you click on it now, you can see the various services categorized on the left hand side here, so there is compute, storage, networking, the core primitives, database, both Oracle and open source and several other services like identity security, developer services, etc. So these are the major categories of the services which we have available. And then if you click on, for example, storage, you can access different storage services from this menu. So you can click on object storage. And there you can create object storage buckets and upload files. Now, at any point, if you are deep, many layers, deep into the into the individual services, and you want to go back to the home page, you can click on the Oracle Cloud icon here, or you can click, click on the hamburger icon, so I can click on Oracle Cloud here, and now I’m back on my home page. The second thing I want to show you here is around search. So at any point, if you want to search for resources, you can just type the kind of resource you want to search for, in this case, compute. And if I was running some compute instances, I would be seeing those on the left hand side here, and on the right hand side you see documentation, links to marketplace and links to some other service menus. I can also do something called an advanced resource query. So for example, if I want to see how many running instances I have in this account, I can there is a sample query which will make available, and you can search here, and there are various queries you can write yourself. So that’s the second thing I wanted to show you. The third thing are the regions. The regions are the geographical locations wherever data centers are located. So you can see my account. My tenancy right now is subscribed to two regions in the United States, so ashban and Phoenix, and I can click on Manage regions, and I can subscribe to any of the 41 plus regions which are available today. So you can see the long list of regions here. And let’s see if I want to subscribe to another region in the US, like, you know, San Jose. I can just click on subscribe here, and then I would be able to subscribe to this new region in San Jose, right? Is that simple at any point? Because this is a global menu. You can switch regions. So I right now I’m in Ashburn. Suppose I want to create my resources in a different region, like Phoenix. I can just do a global switch here and now, all my resources will be created in the Phoenix region. So that’s the third thing. The fourth thing is, if you see this global menu on the top, there are announcements. Now in the cloud, we launch features and services at a very fast velocity. So how do you keep up with all the updates and the announcements? And you can do so in Oracle Cloud’s context using this announcement menu here. So if I click here, you can see some announcements which have come out in the last few months, scheduled maintenance, things like those. If I have to take any required actions, this is an area which gives me all that information. The next icon here is around help. Now the console itself is designed in a way which is very user friendly, but if you need any help, whether it’s around navigation or anything else, you can bring up this Help menu, and you have various options, like you can visit the Support Center. You can actually create a support request. You can request a limit increase, service limit increase, etc. So it’s designed kind of, you know, to be, to be a kind of a quick menu to give you the help which you require. Suppose this still doesn’t still you have questions which doesn’t get answered. Here you can use this feature, which is the live chat assistant, and what it does, this feature will assist you with any questions you might have here. So you can actually use this feature as well. Another feature which is available here is around language. So you can change the console language from English to any other language of your choice, and the various languages we support, as you can see here, so you could, you can do that. And then there are two developer services which I really want to quickly talk about, which are around, which is, which is called Cloud Shell, one of them and the other one is called Code Editor. The idea with a Cloud Shell is we give you a small virtual machine running a bash shell, which you access to the OCI console and Cloud Shell comes with several pre authenticated utilities, like the CLI is installed there, gate is installed, Java is installed, Python is there. So the idea is, if you are using the CLI, you don’t have to do any local installation on your machine. Using this Cloud Shell, which is in the browser, you can you can run these commands very easily, and the same is kind of true with code editor. Code Editor basically gives a rich in console editing environment that enables you to edit code and update service workflows and scripts without having to switch between the console and your local development environment. So this is a very convenient way to perform common code updates for various services, such as creating and deploying functions or resource manager TerraForm script. So those could be done very seamlessly using code editor. And then finally, if I go back to the home page on the right hand side, you can see some information, like my tenancy name, and you can see your cost here, so you can see that I have a pay as you go, subscription. And out of the 31 days billing, my cost is around $20 right now. And finally, if you want to see if any services degraded or having any issues, you can click on this health dashboard, and this brings up all the services which we have in Oracle Cloud, and you can see the status of these services by different regions. So hopefully this gives you a good overview of the OCI console and the various capabilities which are enabled through the console. I hope you found this demo useful. Thanks for your time.

 
1. Which statement about OCI is NOT true?
Answer: A single fault domain can be associated with multiple availability domains within a region.
An availability domain is one or more data centers located within a region.
An OCI region is a localized geographic area.
Availability domains do not share infrastructure, such as power, cooling, or network, within a region.
Explanation: A fault domain is a subdivision of an availability domain. Each availability domain contains three fault domains. Fault domains let you distribute your instances so that they are not on the same physical hardware within a single availability domain. A fault domain cannot be associated with multiple availability domains.
 
2. You have subscribed to an OCI region that has one availability domain. You want to deploy a highly available application with two servers and a 2-node database. How would you place the components to maintain the high availability of the application?
Answer: Place one server and a DB node in one fault domain, and the second server and DB node in another fault domain.
Place the servers in one fault domain and the database nodes in another fault domain.
High availability is not possible as there is only one availability domain in the region.
Place all the components in the same fault domain.
Explanation: In this scenario, distributing the servers and database nodes across different fault domains within the same availability domain would provide protection against the failure of a single fault domain. If one fault domain experiences a failure, the other would remain unaffected, ensuring the high availability of the application.
 
3. Which statement about regions and availability domains is true?
All OCI regions have three availability domains.
Fault domains provide protection against failures across regions.
All OCI regions have a single availability domain.
Answer: An OCI region has one or more availability domains.
Explanation: An OCI region is composed of one or more isolated, interconnected availability domains. Each availability domain is a separate physical location within a region. The number of availability domains per region may vary; some OCI regions have three availability domains, while some others have a single availability domain.

4. Which Oracle Cloud Infrastructure service is NOT intended for a multicloud solution?
Oracle Interconnect for Azure
Oracle Database Service for Azure
Answer: Oracle Roving Edge Infrastructure
Oracle MySQL Heatwave on AWS
Explanation: Oracle Roving Edge Infrastructure is a service that provides a portable, ruggedized device running a subset of OCI services, designed for deployment in the field outside of a traditional data center. It is not a service specifically designed for multicloud deployment. On the other hand, services like Oracle Database Service for Azure and Oracle Interconnect for Azure are designed to allow Oracle Cloud Infrastructure to interoperate with Azure, indicating a multicloud approach. Oracle MySQL HeatWave is an analytics service for MySQL Database service that runs on AWS but the account management and billing and metering are done through OCI.

5.Which capability can be used to protect against failures within an OCI availability domain?
Answer: Fault Domain
Load Balancer
Compartments
Regions
Explanation: Fault domains provide a capability to protect your applications and instances from unexpected hardware failures or network outages within an availability domain. They provide anti-affinity: Each fault domain runs on its own set of physical hardware, so a failure that impacts one fault domain does not affect instances in other fault domains.

2. Identity and Access Management

i) IAM introduction

Foreign welcome to this lesson on OCI identity and access management. In this particular lesson, we are going to look at very high level overview of OCI im. Im stands for identity and access management service. It’s also sometimes referred to as fine grained access control, or Role Based Access Control Service. There are two key aspects to this service. The first one is called authentication, or also referred to as auth N, and the second aspect is referred to as authorization, or also referred to as auth Z. Authentication has to deal with identity or who someone is, while authorization has to deal with permission or what someone is allowed to do. So basically, what the service ensures is making sure that a person is who they claim to be. And as far as authorization is concerned. What the service does is it allows a user to be assigned one or more predetermined roles, and each roles comes with a set of permissions. And that’s basically what is shown on the screen here for authorization as what kind of permissions Do you have? Now there are various concepts which are part of this service, or various features which are part of the service, starting with identity, domains, principles, groups, dynamic groups, compartments, etc. And in subsequent lessons, we are going to cover these in more details. Now I just want to talk about one such feature here, which is identity domains. Now identity domains is basically as you see on the picture here. It’s a container for your users and groups. So think about this as a construct which represents a user population in OCI and the associated configurations and security settings. So how does this work in practice? Well, what we do first is we create an identity domain, and then we create users and groups within that identity domain, and then we write policies against those groups, and policies are scoped to a tenancy, an account or a compartment. And of course, the resources are available within a compartment. And again, compartment is kind of a logical isolation for resources. So this is how the whole service works. The part which is in a box here is identity domain and users and the groups. Authentication is done by common mechanisms like username and password and policies, is basically where you provide these role based access control. So you put these groups in one of the pre determined roles, and then you assign some permissions against those roles. So this is how kind of the service works, in a nutshell. Now, one thing which you would see in that previous slide was about these resources. Now, anything you create in the cloud, all these objects, whether it’s a block storage, it’s a compute instance, it’s a file storage, it’s a database, these are all resources. And if these things are resources, there has to be a unique identifier for these resources. Else, how are you going to operate on these resources? So what OCI does is it provides its own assigned identifier, which is called Oracle Cloud ID. Osid, you don’t have to provide this. We do this automatically for all the resources, and the syntax is as shown on the screen here. So it starts with ocid one. There’s a resource type, there is a realm, there is a region, and there’s a unique ID here. So what this means is ocid One is just the type of resource realm is basically set of regions that share the same characteristics. So there’s a commercial realm, there is a government realm, etc. Resource type is kind of the type of the resource. It’s a compute instance, or it’s a block storage device or etc. And then region is basically the region code. Here, it used to be a three character code. Now it’s much longer string. And then there is a unique ID here, which is unique to the resource you create. So what are some of the examples? Well, your account also has an oscillate so you see that here, tenancy, and you can see this syntax here, starting with osid one. Now, of course, it account is across multiple regions, so you don’t have a region identifier here. Its realm is oC one, and then there is the unique identifier. In case of block volume, you see the region because block volume is specific to a particular region. So you see the region key here, and then the unique identifier. So this is hopefully a quick kind of couple of examples to show you how Osage work. If you’re working on the management console, you’re not going to interact with the Osage, but if you’re using the C CLI or the SDK, you would be using these oscillates. And remember, Oracle generates these unique identifiers. You don’t have to do anything. As far as these oscillates are concerned. Hopefully, this was a quick lesson on OCI im remember, the two key aspects for the service are authentication, basically, which deals with identity or who someone is or who someone claims to be, and authorization, which has to do with permissions or what someone is allowed to do. And in subsequent lessons, we are going to dive deeper into some other concepts, like compartments and identity domains and authentication and authorization. I hope you found this lesson useful. Thanks for your time.

ii) Compartments

Welcome to this lesson on OCI compartments. Compartments are a unique feature within OCI, and these are really powerful. So what is a compartment when, when you get open an account in OCI, you you get a tenancy. That’s another fancy name for an account. And we also give you a root compartment. So think of root compartment as this logical construct where you can where you can keep all your cloud resources. And then what you could do is you could create your own individual compartments, like you see here. There is a network compartment, there’s a storage compartment, and the idea is you create these for isolation and controlling access, and you could keep a collection of related resources in specific compartments. So the network resource has network then network compartment has network resources and storage compartment has storage resources. Now keep in mind root compartment, as I said earlier, can hold all of the cloud resources. So it can be sort of a kitchen sink. You could put everything in there, but the best practice is to create dedicated compartments to isolate resources. You will see why. Let me just explain. So first thing is, each resource you create belongs to a single compartment. So you create a virtual machine. For example, it goes to compartment A, it cannot go to compartment b. Again, you have to move it from compartment a or delete and recreate in compartment B. Keep in mind, each resource belongs to a single compartment. The reason why you want to compartmentalize your resources is exactly shown on this slide. Why you use compartment in the first place is for controlling access and isolation. So the way you do that is you have resources. Let’s say, in this case, block storage kept in compartment a you don’t want those to be used by everyone. You want to be those to be used only by the compute admins and storage admins. So you create those admins as users and groups, write these policies, and they can access these resources in this in this compartment. So it’s very important do not put all your resources in the root compartment. Create resource specific compartments, or whichever way you want to divide your tendencies and put resources accordingly. Now, how do resources interact if they are in different compartments? Do they all have to be in the same compartment? Absolutely not, as you can see here, resource in one compartment can interact with resource in another compartment. Here the virtual cloud network is the compute instance uses the virtual cloud network and but these are in two different compartments, so this is absolutely supported, and it keeps your design much cleaner. Keep in mind that resource can also be moved from one compartment to another. So in this example, compartment a had a virtual machine. We can move that from compartment a to compartment B. Another concept which is very important to grasp is the compartments are global constructs, like everything in identity, so resources from multiple regions can be in the same compartment. So when you go to Phoenix, you see this compartment existing. You go to Ashburn, you see the same compartment. Now you can write policies to prevent users from accessing resources in a specific region. You could do that, but keep in mind all the compartments, the compartments you create are global, and they are available in every region you have access to. Compartments can also be nested, so you have up to six levels nesting provided by compartments. You would do this again, because this can mimic your current design, whether it’s your organizational design or whether it’s your IT hierarchy. You could create nested compartments. It just helps keep your design cleaner. And then finally, you could set quotas and budgets on compartment. So you could say that my particular compartment, you cannot create a bare metal machine, or you cannot create an accelerator resource. So you could control it like that. And then you could also create budgets on compartments. So you could say that if the usage in a particular compartment goes beyond $1,000 it gets flagged and you get notified. So you could do that. So that’s that’s compartment for you. It’s a very unique feature within OCI. We believe it helps keep your tendencies much better organized, and it really supports your current it hierarchy and design. Thanks for watching.

Music. Welcome to this demo on compartments and identity domains. So as you recall from the theory lesson, compartments are nothing but logical containers for your resources and identity domains. You can think of them as containers for your users groups and security configuration. So in this particular demo, we are going to create a compartment, name it sandbox, and then we are going to create an identity domain, call it sandbox domain, and we will put some users as part of that identity domain. So let’s get started. As you can see here, I am logged in to my OCI console, and to bring up identity compartments and identity domains, I’ll click on the navigation menu and click on identity and security. And you will see all the identity services listed here, and some of the security services are listed here as well. So to bring up compartments, I’ll click on compartments here. And from from this place, I can go ahead and create a compartment. So I can I can see here that I have a root compartment, which is also my tenancy, and within that compartment I have couple of other compartments which exist development. And there is another compartment which is used for our platform services. So you can see here all the compartments which are available in my account are sub compartments for the account, for the root compartment itself. So you can see here it says two sub compartments, because this compartment, the account has two other compartments existing and also this development compartment also has a sub compartment so you can see here, so you can nest these compartments up to six levels deep. So that’s what you’re seeing here. So let’s go ahead and create a new compartment here. We’ll call this compartment sandbox. You and right here I have an option to create this as a security zone. We actually discuss security zone later in in the course. So I’ll skip it for now, and you can click this is this is all it takes. You can click Create compartment, and now you will see that a compartment called sandbox gets created. It will take a couple of seconds to do it. So let me just refresh the page, and now you can see that the sandbox compartment is created. And if I click on the sandbox compartment, I can see that I can rename it. I have certain other actions I can take and I can create child compartments here up to six levels deep, I can nest compartments. So the thing which I really want to see is, if I go to governance and administration and bring up tenancy management, I can actually look at what resources exist within my within my tenancy. So right here, I can see, you know, in my root, in my root account, my tendency, I have a few resources which are existing. I have cloud guard enabled here, and so on and so forth. You can see there are some users. There is a virtual cloud network, etc, which exist. If I click on the sandbox compartment, you can see that there are no resources which are found in this compartment, because we just created this compartment. So this is a nice way to see what resources exist in your compartment. You can because as you are creating resources, you might not be keeping track on where these resources exist. Using the tenancy Explorer, you can actually figure out which resources exist as part of your compartments. So let’s having created compartments. Let’s go and create an identity domain so similar to compartments, identity domains are exist within the identity menu here, and you can access them by clicking on domains. So if you click on domains, this will bring up the menu to create an identity domain. You can see that there is a default domain which exists, which is the current domain. So to creating, to create a domain is it’s pretty straightforward process. So click on the domain. Create domain button there, and let’s provide a name for this domain. So we’ll say this is the sandbox domain. And right here I can see domain types, so I can choose a free option, or I have other SKUs which I can get into. This is a foundational course, so we’re not getting into a lot of details there, right? And I can create an administrative user for this domain. I’m going to skip this for now. I’m not going to do that. And then it asks, you know, where do I want to create this domain? I can actually create this domain in the root, or I could actually create it in the sandbox compartment we created. So I’ll go ahead and create this in the in the root compartment, and I’ll click Create here, and it I have to choose the skew here. I’ll say it’s a free SKU, and I’ll create the domain. And that’s how simple it is to create an identity domain. And remember, again, similar to compartments, identity domains are kind of containers for your users groups and security configuration. So the way it is used is, let’s say I have a sandbox compartment where I’m using this compartment for testing purposes, so I could have a select set of users and groups which are involved with this testing, and I could keep them in this sandbox domain, identity domain, and once I don’t no longer use them, I can delete all these users and groups. It’s a nice way to segregate your users groups and security configuration. So let me just refresh this page and see if the identity domain is created. And as you can see here, it took a few seconds and the sandbox domain is created. So if I click here, you can see, in my default domain, I have six users and four groups. But in the sandbox domain. If I click here, I can see that there are no users. So in the next demo, we are going to create a user here, and also going to create a group here. And as you can see here, it’s just more than users and groups. It’s also all your security configurations, like MFA, dynamic groups, et cetera. So this was a quick demo on how to create compartments and create identity domain. I hope you found this demo useful. Thanks for watching.

iii) AuthN and AuthZ
iv) Tenancy Setup

3. Networking

4. Compute

5. Storage

6. Security

7. Governance and Administration