OCI IAM Identity Domain Replication

Subscribing to Additional Infrastructure Regions

  1. Open the OCI Console using https://cloud.oracle.com.
  2. Open the navigation menu and select Identity & Security. Under Identity, select Domains. A table with a list of the identity domains appears.
  3. Select the Default domain. From the Default domain overview page, note the Remote Region Disaster Recovery region.

    This image shows the Manage regions option from the Region menu.
  4. Click your current Region name on the top right corner and then select Manage regions. A table shows the list of Oracle Cloud Infrastructure regions to which you are subscribed or unsubscribed.
    This image shows the Manage regions option from the Region menu.
  5. Search for the Remote Region Disaster Recovery region noted earlier and Subscribe to the region. To subscribe to a region, Select the Actions menu next to the region and then select Subscribe. You can refer to OCI paired Disaster Recovery region to find the Remote region disaster recovery region for your Home Region.

Note:

It could take several minutes to subscribe to a new region.

Verifying Default Identity Domain Replication

Identity domain replication is always enabled for the Default Identity Domain, and the Default Identity Domain automatically replicates to all regions to which the tenant is subscribed.
  1. Click your current Region name on the top right corner to see the list of regions subscribed in the OCI tenancy. When you subscribe to a new region, the default identity domain automatically replicates to that region and you will see the "Replicating" status from the Region menu as shown below.
    This image shows the Replicating status on the Region menu.

Note:

Allow the default domain replication to complete before enabling replication for additional domains.

Verify the "Replicating" status no longer appears on the Region menu. If it no longer appears, this indicates the default domain replication to the newly subscribed region has completed.

You cannot replicate an additional domain to a subscribed region without first completing the default domain replication to that subscribed region.