This architecture diagram shows a single Oracle Cloud Infrastructure (OCI) region with a single availability domain. The following services and features are provided for the region by the Oracle Services Network:

• Compartments
• Identity and access management (IAM)
• Policies
• Object storage
• Oracle Analytics Cloud

A single virtual cloud network (VCN) two subnets, each with its own security list and route table.

The VCN provides the following gateways:

• Internet gateway: Provides communications between public subnets and internet hosts.
• Dynamic routing gateway (DRG): Provides private connectivity between on-premises networks and VCNs by using site-to-site VPN or FastConnect. A DRG can also route traffic between VCNs for remote peering.
• Network address translation (NAT) gateway: Enables private resources in a VCN to access hosts on the internet without exposing those resources to incoming internet connections.
• Service gateway: Allows the VCN to communicate with services such as object storage over the Oracle network fabric without traversing the internet.

The VCN provides the following subnets:

• Bastion public subnet: Provides a bastion host to handle incoming traffic and route it to Autonomous Database.
• Database private subnet: Provides an instance of Oracle Autonomous Database with autoscaling and private endpoint connected to the bastion host.