This image shows a single region with one compartment and one availability domain. The region includes Cloud Guard, auditing, access management, monitoring, and object services for the region.

The compartment includes a single virtual cloud network (VCN) with the following gateways:

• Internet gateway: Provides communications between public subnets and external systems.
• Service gateway: VCNs communicate with services such as object storage over the Oracle network fabric without traversing the internet.

The VCN provides 5 subnets, each with routing tables and security lists, that are arranged as functional layers:

• Data Processing Layer
  • Public Subnet: Contains a load balancer to handle input and output data from and to external systems such as enterprise applicant tracking systems (ATS) and other human capital management (HCM) systems and to manage traffic for data integration.
  • Private Subnet A: Contains data integration virtual machines (VMs). File streaming data moves to object storage, while application data moves to the data management layer for message and data processing.
• Data Management Layer
  • Private Subnet B: Contains a message queue VM that accepts data from the data integration VMs in subnet A and passes data to the data processing and mapping VMs in subnet C.
  • Private Subnet C: Contains a data processing and mapping VM that accepts data from the data integration VMs in subnet A and messaging data from subnet B, and passes data to object storage and to the database management system in subnet D.
• Permanent Data Layer contains a single private subnet D that contains a database management system.