{"id":18802335,"url":"https://github.com/oracle-quickstart/oci-arch-best-practices","last_synced_at":"2026-01-05T02:30:18.094Z","repository":{"id":72112838,"uuid":"317603527","full_name":"oracle-quickstart/oci-arch-best-practices","owner":"oracle-quickstart","description":"oracle-lead","archived":false,"fork":false,"pushed_at":"2021-02-12T21:39:50.000Z","size":142,"stargazers_count":4,"open_issues_count":0,"forks_count":1,"subscribers_count":3,"default_branch":"main","last_synced_at":"2024-12-29T20:16:05.518Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/oracle-quickstart.png","metadata":{"files":{"readme":"Readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-12-01T16:35:21.000Z","updated_at":"2024-06-06T07:12:58.000Z","dependencies_parsed_at":null,"dependency_job_id":"743e0010-2c3e-4893-9971-f8995024c654","html_url":"https://github.com/oracle-quickstart/oci-arch-best-practices","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oracle-quickstart%2Foci-arch-best-practices","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oracle-quickstart%2Foci-arch-best-practices/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oracle-quickstart%2Foci-arch-best-practices/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oracle-quickstart%2Foci-arch-best-practices/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/oracle-quickstart","download_url":"https://codeload.github.com/oracle-quickstart/oci-arch-best-practices/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239735262,"owners_count":19688262,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-07T22:27:31.919Z","updated_at":"2026-01-05T02:30:18.062Z","avatar_url":"https://github.com/oracle-quickstart.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Architecture Center Best practices\r\n![version][hoes]\r\n\r\nThis code is based on Terraform focus to deliver the principals to guide you to build a strong consistence foundation layer to simplify the deployment and adoption of Oracle Cloud Infrastructure – OCI.\r\nQuick background… was quite common to help costumer asking question on how we start with OCI. This anachronism created – HOES, that can be found in the code.\r\nNow let us start to build the answer for this following the exact same division of code structure by the following terraform modules bellow:\r\n* Identity and access\r\n* Compartments\r\n* Tags\r\n* Security\r\n* Virtual Networking\r\n\r\nThe objective here is share how to create a foundation layer to be used not only for a single project but be designed to address the common required and be revised in future waves to cover more specific scenarios.\r\n\r\n# Quick Overview\r\n## Identity and access\r\nBe capable to control what principals can be able access the service and how they will access the service is managed by Identity and Access. \r\nFederation can and will be addressed in this section if you do not have any OCI bring to you this service for administrative service.\r\n\r\n## Compartments\r\nLogical organization of resources can be also be understood like folders that will help organize cloud resources and polices that will authorize will honor the hierarchic that you design. \r\n\r\n## Tags\r\nTags can help on provide an orthogonal perpective of the services that you have deployed. However indepdendent of the CSP or even rpoject is one of the most renagated contruct and also one that brings relevant lacks management, cost control troubleshooting and also simplification on how to improve security because can also be evaluated on policy.\r\n\r\n## Security\r\nSecurity in any platform will be pervasive and present in all interactions of service life cycle.\r\nOnce the user be able to login authorization takes place to allow what actions this user can perform reinforcing here OCI works with least privilege principal.  Polices address this capability, in this guide we recommend initial police sets to help initially define the governance model.\r\nIn this code we also present the possibility to create the security posture using a service called Cloud Guard.\r\nAnother relevant aspect covered here is how to manage encryption keys to be used in several OCI services like buckets, block volumes and secrets. Provide the capability to use keys that you can manage.\r\n\r\n\r\n\u003c!-- Markdown link \u0026 dfns --\u003e\r\n[hoes]: https://img.shields.io/badge/hoes-v1.0-brightgreen\r\n\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foracle-quickstart%2Foci-arch-best-practices","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Foracle-quickstart%2Foci-arch-best-practices","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foracle-quickstart%2Foci-arch-best-practices/lists"}