The image shows 1 region with 2 compartments, an on-premises location, and multiple third-party clouds and service providers. The region provides authentication (IDCS), auditing, policies, Oracle Cloud Infrastructure Resource Manager for Terraform, and Oracle Cloud Infrastructure Object Storage for COMM vault backup.
On-premises users include GRU/CGH São Paulo, CNF Belo Horizonte Hangar, POA Porto Alegre, BR Northeast, and BSB Brasília Hangar, who use on-premises routers to connect to Oracle Cloud by using either a multiprotocol label switching (MPLS) network and Oracle Cloud Infrastructure FastConnect or a site-to-site VPN. Incoming traffic to Oracle Cloud is routed through a dynamic routing gateway (DRG).
Third-party providers include:
- Third-party BRA: Provides SAP ERP.
- Third-party USA: Provides an app and secure file transfer protocol (SFTP) to Boeing.
- Third-party GER: Houses and replicates the NetLine database in Oracle Cloud.
VPN compartment: Contains 1 "hub" virtual cloud network (VCN) and 1 subnet which provides a security list and a route table. The VCN acts as a hub that includes a DRG and a network address translation (NAT) gateway and that houses a virtual private network (VPN) server on a virtual machine (VM). The VCN communicates with the VCN in the other compartment by using local peering.
Production compartment: Contains 1 virtual cloud network (VCN) that communicates with the VCN in the other compartment by using local peering. The VCN provides an internet gateway for communications with third-party clouds and service providers. The VCN has 4 "spoke" subnets, each of which provides a security list and a route table:
- DMZ Subnet: Contains a load balancer that manages traffic to the backend subnet.
- Backend Subnet: Contains an Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) cluster for AMOS maintenance, repair and overhaul (MRO) workloads. These workloads interface with mail, secure file transfer protocol (SFTP), Oracle Service Oriented Architecture (SOA), and directly with the third-party USA provider by using the internet gateway. Virtual machines (VMs) host a portal and third-party app for handling SFTP traffic. Oracle SOA communicates with the SAP ERP third-party provider by using the internet gateway.
- Database Subnet: Provides a Sybase database and an Oracle Exadata Database Service instance for database NetLine replication.
- Backup Subnet: Provides a COMM vault backup that uses Oracle Cloud Infrastructure Object Storage provided at the regional level.