This image shows resource organization grouped by Compartment Structure, Geographic Location, and Network Isolation in three swim lanes.
Compartment Structure swim lane
A decision box shows how you would design your compartments based on whether you need administrative separation or not.
- If yes, then create a new compartment for your workload resources
- If not, then share your workload compartment with an existing compartment
If you need special compliance requirements then create a security zone compartment
If you need lifecycle environments then create Production and Non-Production compartments
Geographic Region swim lane
You must choose a region close to the audience.
- Split production and Disaster recovery workloads in the respective regions
- If you want to connect between resources or workload, then you must create both in the same region
Network Isolation swim lane
- If you have dependent services or workloads, you must share VCN in a different subnet
- If you have highly sensitive data then you must separate VCN in a different subnet
- If you need on-premises connectivity, then you must create FastConnect or share a DRG VCN having FastConnevct
- If you consume natuce OCI services, you must create a separate gateway in the workload VCN