What is a Tenancy?
A tenancy is a secure and isolated partition of Oracle Cloud Infrastructure to create, organize, and administer your cloud resources. This could include compute instances, networks, storage, databases, identity, analytics and more.
You can think of the tenancy as being synonymous with a company or organization. Ordinarily, a company will have a single tenancy and reflect its organizational structure within that tenancy.
A single tenancy is usually associated with a single subscription, and a single subscription usually only has one tenancy.
Once created by Oracle, each tenancy consists of;
- A distinct set of Users (which can be federated to another identity system).
- A set of Groups to which users belong.
- A distinct set of Policies (permissions).
- A set of service limits.
- Separate security and governance settings.
- A Root Compartment
Cloud resources and services, including those listed above, cannot be administered by any user outside the tenancy. However, some resources and services can still usually be accessed outside of the tenancy. This is only possible if such usage is configured and granted by an authorized administrator within the tenancy.
How Many Tenancies Do I Need?
The vast majority of organizations can achieve the intra-organisational separation they need by using a single tenancy and other OCI structures such as Compartments. However, there may be rare occasions when the degree of separation is so strict, or the organizational structure is so complex, that multiple tenancies are the only solution.
Multiple Tenancies might be used when an organization has distinct autonomous business units and where separate teams of people conduct the administration of cloud deployments.
There is no way of imposing cross-tenancy policies or governance.
A single OCI subscription can be shared across multiple child tenancies while, at the same time, having complete separation from each other.
The financial advantages of sharing a single subscription are;
- Reducing the risk of wasting committed spending due to under-use at the child tenancy level
- Reducing the risk of overage charges by a child tenancy when there are spare funds at the parent level
Important:
Because of a lack of centralized governance with multiple tenancies, our strong recommendation is to use a single tenancy (with a well-designed compartment structure) unless there is no other choice.