Applications Environment Management Concepts
Here are some terms you may encounter when creating or managing an applications environment. Because the environments are running on Oracle Cloud Infrastructure, it is helpful to understand some basics about the features of OCI.
- ENVIRONMENT TYPE or INSTANCE TYPE
- The environment or instance type options will vary depending on the application.
- REGION
-
A region is where your environments are physically hosted. This region is not the same as the geographical region that you selected on your subscription order.
- COMPARTMENT
-
Compartments are a fundamental component of OCI for organizing and isolating your cloud resources. You can use them to logically separate resources for the purposes of measuring usage and billing, access (through the use of policies), and isolation (separating the resources for one project or business unit from another). For example, if you need to grant access to one group of users to your test environment and another group of users to your production environment, you can assign your test and production environments to different compartments. For more information, see Understanding Compartments.
- IDENTITY AND ACCESS MANAGEMENT (IAM)
- IAM is the service that provides authentication and authorization for OCI resources. You interact with the IAM service when you create users, groups, and policies to manage your applications environments.
- POLICY
- OCI IAM uses policies to specify who can access which resources. Access is granted at the group and compartment level, which means you can write a policy that gives a group a specific type of access within a specific compartment, or to the tenancy itself. If you give a group access to the tenancy, the group automatically gets the same type of access to all the compartments inside the tenancy. For more information, see Getting Started with Policies.
- RESOURCE IDENTIFIERS or OCIDs
-
Applications environment management supports environments as Oracle Cloud Infrastructure resources. Most types of resources have a unique, Oracle-assigned identifier called an Oracle Cloud ID (OCID). For information about the OCID format and other ways to identify your resources, see Resource Identifiers.
Authentication and Authorization
Applications environment management uses the Oracle Cloud Infrastructure IAM service for authentication and authorization.
An administrator in your organization needs to set up groupsĀ
and policiesĀ
that control which users can access which services and resources. For example, to allow other users to manage applications environments you’ll need to create a group for these users and write a policy that grants the group access to the applications environments. If your organization will be using other OCI services, you’ll need to write policies specifically for those services.
- For details about adding users, groups, and policies to manage applications environments, see Managing User Access to Applications Environments.
- For more general information about the IAM service and details about writing policies for other OCI services, see Managing Access to Resources.
Recent Comments