This image shows the integration of services between a region in Oracle Cloud Infrastructure, AWS, and Oracle applications running on premises or in the Oracle Cloud.

The AWS cloud provides email, compute, text extraction, storage, and messaging services for capturing invoice image, text, and metadata information. Oracle Cloud Infrastructure provides a single region and availability domain with three fault domains.

A sandbox compartment with a single virtual cloud network (VCN) and a public subnet provides access to GitHub developers by using an internet gateway to access Terraform, Bastion, and Jenkins resources in the subnet. A service gateway provides access to services such as the Oracle Cloud Infrastructure Registry, and local peering is used to communicate with the primary compartment.

The primary compartment has a single VCN that provides the following gateways:

• Internet gateway: Provides domain name server (DNS) access to web users and manually approved subscribers.
• Dynamic routing gateway (DRG): Provides private connectivity between on-premises networks and VCNs and routes traffic between VCNs for remote peering.
• Service gateway: VCNs communicate with services such as object storage over the Oracle network fabric without traversing the internet.

The VCN has 3 subnets organized as functional tiers:

• Bastion tier (public subnet): A public load balancer in fault domain 2 handles incoming traffic from the internet gateway and incoming and outgoing traffic to storage buckets in AWS. The load balancer connects to Oracle Container Engine for Kubernetes.
• Kubernetes tier (public subnet): Oracle Container Engine for Kubernetes resides in fault domain 2 with worker nodes in each of the 3 fault domains. Resources in this subnet connect to Oracle Cloud Infrastructure Registry, Oracle Content Management, and the database tier.
• Database tier (private subnet): An Oracle Autonomous Database instance resides in fault domain 1 and connects to Oracle Functions.

Business applications such as Oracle E-Business Suite, Oracle Financials Cloud (ERP), and NetSuite communicate with workloads in Oracle Container Engine for Kubernetes by using Oracle Integration adapters. Backend services push invoices into Oracle Content Management and Oracle Integration links those invoice images to the customer's ERP system.

The following services and features are also provided for the region:

• Identity and access management
• Auditing
• Policies
• Monitoring
• Object storage
• Oracle Functions
• Oracle Events
• Document Understanding