About Best Practices
- Security and compliance: Protect your business data and IT assets in the cloud.
- Reliability and resilience: Build, deploy, and maintain a cloud topology that's fault tolerant and that can be recovered quickly in the event of any outage.
- Performance and cost optimization: Ensure that your resources in the cloud are used efficiently and provide value at the lowest cost.
- Operational efficiency: Operate your cloud topology and manage resources efficiently.
For each business goal, the best practices are further organized based on key IT focus areas. The following table summarizes the key IT focus areas for each business goal.
Business Goal | Key IT Focus Areas |
---|---|
Security and compliance |
|
Reliability and resilience |
|
Performance and cost optimization |
|
Operational efficiency |
|
About Personas
Many of the topics within the articles in this Best Practices solution list one or more "personas," intended to map to architect roles within typical Oracle Cloud Infrastructure organizations. You can use these personas as a guideline for which members of your organization are responsible for each of the best practices areas described.
Each persona is listed in this table with some suggested Oracle Cloud Infrastructure certifications offered by Oracle University. The focus areas indicate the best practices solution playbooks that present the most topics directed to that persona.
Persona | Description | Suggested Certifications | Focus Areas |
---|---|---|---|
Application Architect | Creator and curator of custom applications to be hosted on a cloud platform. Goals include understanding the tool set, utilizing the platform securely and efficiently, and maintaining stability. Focuses on taking advantage of the agility and scalability of a cloud platform to enhance the user experience. |
|
|
Cloud Architect | Responsible for taking the needs and requirements of a workload or environment and selecting and organizing the best services and solutions for the deployed state of the host environment. Can see across the different cloud domains and interconnect the policies and requirements into a complete solution. |
|
|
DevOps Architect | Responsible for identifying the utility of virtualization and automation tools from the operations side and the process and skill set of the development side. Understands what is happening with a cloud application and develops and manages the tools to automatically respond. Collects and applies data from monitoring and alerting to establish a dynamic, reactive environment. Identifies tools and programs that best fit a workload and how best to incorporate them into system that meets requirements. |
|
|
Enterprise Architect | Responsible for an organization's overall technology strategy. Often a C-Level executive accountable for budget, service availability, and other applicable business metrics. May be responsible for selecting cloud providers, sponsoring a cloud business office, and aligning the organizational structure to enable cloud deployments. |
|
|
Infrastructure Architect | Responsibile for matching application requirements to compute and storage capabilities. Accountable for the strategy and lifecycle of datacenter equipment including hypervisor, containerization, physical servers, block and file-based storage, and operating systems. May also be responsible for defining cloud Infrastructure as Code strategies, additional components such as object storage, and data migration strategies. |
|
|
Network Architect | Responsible for ensuring application connectivity is resilient, performant, and secure. Accountable for hybrid cloud connectivity, on-premises/WAN connectivity, ingress/egress connectivity, and lateral (East ↔ West) connectivity. May also be responsible for cloud VCN design, security group stategy, load balancer configuration, inter and intra-region peering, and FastConnect connectivity. Ensures capacity is available for steady-state workloads, and spikes caused by migration or data loads. |
|
|
Security Architect | Responsible for ensuring application components are implemented securely. Accountable for defining strategies for intrusion detection systems, intrusion prevention systems, incident response, logging, data loss prevention, and regulatory compliance. May also be responsible for cloud IAM strategy, network security strategy, encryption, and secrets management. |
|
|