Managing Your Domains

Domain Management allows customers to register their domains with Oracle Cloud Infrastructure, as being their domain, which blocks others from claiming that domain in the future using new cloud accounts. OCI customers can redirect new user sign-up attempts that use a corporate email address from that customer's domains.

For example, if you work at "Company A" and "companyA" is the domain name, for anyone who comes to Oracle Cloud Infrastructure and tries to create a tenancy with "companyA" in the email domain, such an attempt will be prevented and they will be directed instead to OCI.

As a result, with Domain Management, large enterprises can more easily control their environments, by knowing who is creating tenancies, and can apply corporate policy onto such tenancies. They can securely verify ownership of your domains, and more easily control spending and management of resources.

Required IAM Policy

To use Oracle Cloud Infrastructure, you must be granted security access in a policy  by an administrator. This access is required whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you get a message that you don’t have permission or are unauthorized, verify with your administrator what type of access you have and which compartment  to work in.

To use Domain Management, the following policies are required:

Allow group domainUsers to manage organizations-domain in compartmentA
Allow group domainUsers to manage organizations-domain-governance in compartmentA

Adding and Verifying Domains

For existing customers, follow these instructions to add and verify a domain.
  1. Open the navigation menu and click Governance & Administration. Under Governance, click Domain Management.
  2. Click Add and Verify Domain. The Add and Verify Domain panel is displayed.
    Note

    If a policy has not already been created, a Policy Notification is displayed, informing you that a default policy must first be created, to allow Domain Management to write notifications in the given tenancy and compartment. Click Add Policy to confirm. See Using the Console for more information on viewing the list of policies, where you will see a Domain_Governance_Policy on the Policies page, after you have added the policy. As a result, Domain Management can now create notifications, which are sent to the email address in the Add and Verify Domain panel. If you do not agree to policy creation, you can not proceed.
  3. In the Add and Verify Domain panel, enter the email address of the domain to be added. This email address is used when someone with your verified domain tries to create an Oracle Cloud account.
  4. Agree to the Oracle Notification Service Rates.
  5. In Domain, enter the domain you want to add and verify.
  6. Click Add and Verify. The domain is added, and the TXT Record field is populated with a generated name and value. Click the copy icon to use the TXT file so you can sign into your domain's account and add the TXT record information to your domain's registrar.
    Once you have completed adding the TXT record, Oracle verifies that you own the domain. After verification, you receive an email notification that the status has changed from Pending to Verified. This process can take up to 72 hours to complete. See https://www.godaddy.com/help/add-a-txt-record-19232 for more information on TXT records.
  7. Click Close to return to the Domain Management page.
The Domain Management page displays the new domain you have just added. Its information is displayed in the table, in terms of the following fields:
  • Domain: The name of the domain.
  • Notifications: Links to the Notifications topic. Topics are not created, however, until verification has occurred.
    Important

    When a domain has been verified and the topic has been created, customers receive an email to confirm their subscription. You must confirm the email subscription before you can start receiving email notifications.
  • TXT Record: The generated TXT record.
  • Email: The domain email.
  • Status: The domain verification status:
    • Pending: Verification in process.
    • Failed: Verification no good after 72 hours.
    • Active: Verified and governance enabled.
    • Disabled: Verified but not governed.
    • Releasing: Customer requested removal (work request triggered).
    • Released: Work request complete, will be removed from the Domain Management page after seven days.
  • Date: The last modified date. Updates when verified, enabled, disabled, or if the email was updated.
Once a domain's Status is Active, you can do the following:
  • Enable or disable governance
  • Update the email
  • Remove the domain
To enable governance

When you first add a new domain, governance is disabled by default, and it status is set to Pending. Once the status has changed to Active, governance can then be enabled or disabled.

Note

When turning on Enable Governance, it prevents others from creating an Oracle Cloud account with your verified domain. If you need to allow others to create an account with your domain, select Disable Governance from the Actions menu.

To enable governance for an active domain:

  1. Open the navigation menu and click Governance & Administration. Under Governance, click Domain Management.
  2. Click the Actions menu and select Enable Governance. A Turn on Domain Governance confirmation is displayed.
  3. Agree to the Oracle Notification Service Rates.
  4. Click Yes, turn on.
To disable governance

To disable governance for an active domain:

  1. Open the navigation menu and click Governance & Administration. Under Governance, click Domain Management.
  2. Click the Actions menu and select Disable Governance. A Turn off Domain Governance confirmation is displayed, indicating which domains are to be disabled.
  3. Click Confirm.
To update an email

To update the email address for an active domain:

  1. Open the navigation menu and click Governance & Administration. Under Governance, click Domain Management.
  2. Click the Actions menu and select Update Email. An Update Email box is displayed.
  3. Enter the new email address and click Save.
To remove a domain

To remove an active domain:

  1. Open the navigation menu and click Governance & Administration. Under Governance, click Domain Management.
  2. Click the Actions menu and select Remove Domain. A confirmation is displayed confirming which domain you are about to remove.
  3. Click Remove Domain.

Domain Revocation

Oracle regularly checks that a claimed domain is still valid and assigned to the correct owner. If a domain does not pass this verification check, you receive an email notification and you have 72 hours to update the TXT record information. If no action is taken, the domain is revoked.

If the domain is revoked but you want to reclaim it, you can add and verify the domain again.