This image shows the client services workflow within the architecture. The workflow is described in the surrounding text.
The architecture is described below.
This image shows a single compartment and region with a single virtual cloud network (VCN) that spans 2 availability domains,
each with 2 fault domains. The region provides the following services:
- Identity and access management
- Auditing
- Policies
- Logging
- Object storage
The virtual cloud network (VCN) provides the following gateways:
- Dynamic routing gateway (DRG): Provides private connectivity using IPSec VPN or FastConnect for developer remote access.
- Internet gateway: Provides communications between public subnets and client API calls.
The VCN includes 5 subnets:
- Bastion public subnet 1: Provides a compute instance that serves as a secure, controlled entry point to the topology from
outside the cloud using a dynamic routing gateway. The bastion host resides in availability domain 1 and fault domain 1.
- API Gateway public subnet 2: Enables you to publish APIs with private endpoints that are accessible from within your network,
and which you can expose to the public internet if required. Resides in availability domain 2 and fault domain 2 and interfaces
with the function subnet.
- Functions private subnet 2: Function layer that spans availability and fault domains and interfaces with the API gateway,
object storage, and primary database system.
- Database private subnet 3: Provides a primary database (availability domain 1, fault domain 2) and a secondary database (availability
domain 2, fault domain 1).
- Training instances private subnet 1: This subnet is not used in this workflow.
