Oracle Cloud Infrastructure Developer 2020 Certified Associate
Introduction to IAM in OCI

Key Concepts

Identity and Access Management (IAM) in Oracle Cloud Infrastructure (OCI) is a critical component that ensures secure and controlled access to your cloud resources. The key concepts include:

Users

Users represent individual accounts in OCI. Each user has a unique identifier and can be granted specific permissions to access resources. Users can log in to the OCI Console, use the CLI, or interact with OCI services programmatically.

Think of users as employees in a company. Each employee has a unique ID and specific roles that define what they can access and do within the organization.

Groups

Groups are collections of users. By assigning users to groups, you can manage permissions more efficiently. Instead of granting permissions to individual users, you can assign them to a group, and all members of that group inherit the permissions.

Consider groups as departments in a company. For example, the "Developers" group might include all developers, and they can all access the same resources and perform similar tasks.

Policies

Policies define what actions users or groups can perform on specific resources. They are written in a declarative language and specify the allowed actions, resources, and conditions. Policies are attached to groups or users to grant or restrict access.

Think of policies as rulebooks. For instance, a policy might state that members of the "Developers" group can create and manage compute instances, but they cannot delete them. This ensures that developers have the necessary permissions without excessive privileges.

Compartments

Compartments are logical containers used to organize and isolate resources within OCI. They help in managing access control and resource allocation. Policies can be defined at the compartment level, allowing fine-grained control over who can access what resources.

Imagine compartments as folders on your computer. You can place files (resources) in specific folders (compartments) to keep your workspace organized and secure.

Tenancy

A tenancy is a single instance of Oracle Cloud Infrastructure that an organization receives when they sign up. It serves as the root compartment for all other compartments and resources. The tenancy defines the overall structure and security policies for the organization.

Think of a tenancy as the entire company's cloud infrastructure. It encompasses all resources, users, and policies, providing a secure and organized environment for the organization to operate in the cloud.
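
The policy, compartment and tenancy concepts above can be checked mechanically. The following is an added example, not part of the original course material: a small Python reviewer that parses OCI policy statements of the basic form `Allow <subject> to <verb> <resource-type> in <location> [where <conditions>]` and flags grants broader than the "Developers" rulebook described earlier. The group and compartment names are constructed, and the review rules are this example's own assumptions about what counts as excessive.

```python
import re

# Basic OCI policy statement shape:
#   Allow <subject> to <verb> <resource-type> in <location> [where <conditions>]
STATEMENT = re.compile(
    r"^allow\s+(?P<subject>any-user|any-group|(?:dynamic-group|group)\s+\S+)\s+"
    r"to\s+(?P<verb>inspect|read|use|manage)\s+(?P<resource>\S+)\s+"
    r"in\s+(?P<location>tenancy|compartment\s+\S+)"
    r"(?:\s+where\s+(?P<condition>.+))?$",
    re.IGNORECASE,
)

def parse_statement(text):
    """Split one policy statement into subject, verb, resource, location, condition."""
    match = STATEMENT.match(text.strip())
    if match is None:
        raise ValueError(f"unrecognised policy statement: {text!r}")
    return match.groupdict()

def least_privilege_findings(text):
    """Return review findings for one statement (rules are this example's own)."""
    stmt = parse_statement(text)
    found = []
    if stmt["subject"].lower() in ("any-user", "any-group"):
        found.append("subject is not a named group")
    if stmt["resource"].lower() == "all-resources":
        found.append("grants on all-resources")
    if stmt["location"].lower() == "tenancy":
        found.append("scoped to the whole tenancy")
    if stmt["verb"].lower() == "manage" and stmt["condition"] is None:
        found.append("unconditional manage includes delete")
    return found

# Constructed sample statements; group and compartment names are hypothetical.
SAMPLES = [
    "Allow group Administrators to manage all-resources in tenancy",
    "Allow group Developers to manage instances in compartment Dev",
    "Allow group Developers to manage instances in compartment Dev "
    "where request.permission != 'INSTANCE_DELETE'",
    "Allow any-user to read buckets in tenancy",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample)
        for finding in least_privilege_findings(sample) or ["no findings"]:
            print("   -", finding)
```

Only the third sample, which scopes the grant to one compartment and excludes the delete permission, passes without findings.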

Conclusion

Understanding IAM in OCI is essential for securing and managing access to your cloud resources. By mastering users, groups, policies, compartments, and tenancy, you can ensure that your cloud environment is both secure and efficient.