This image shows resource organization grouped by Compartment Structure, Geographic Location, and Network Isolation in three swim lanes.

Compartment Structure swim lane

A decision box shows how you would design your compartments based on whether you need administrative separation or not.

• If yes, then create a new compartment for your workload resources
• If not, then share your workload compartment with an existing compartment

If you need special compliance requirements then create a security zone compartment

If you need lifecycle environments then create Production and Non-Production compartments

Geographic Region swim lane

You must choose a region close to the audience.

• Split production and Disaster recovery workloads in the respective regions
• If you want to connect between resources or workload, then you must create both in the same region

Network Isolation swim lane

• If you have dependent services or workloads, you must share VCN in a different subnet
• If you have highly sensitive data then you must separate VCN in a different subnet
• If you need on-premises connectivity, then you must create FastConnect or share a DRG VCN having FastConnevct
• If you consume natuce OCI services, you must create a separate gateway in the workload VCN