This post covers everything you must know about one component of IAM (Identity & Access Management), the compartment, and all the changes made in the November 2018 update. A compartment is the first thing you select when creating any resource in OCI, such as Compute, Storage, or Network/VCN, so it is very important to understand compartments in OCI.
(Note: If you are just starting on Oracle Cloud or new to Oracle Cloud Infrastructure (OCI), then I would suggest you check our previous post on Oracle Cloud Infrastructure (OCI) basic concepts i.e. Region, AD, Tenancy, Compartment, VCN, IAM, Compute, Storage Service etc)
Overview of Compartment
A compartment is a logical container within your account that holds the Oracle Cloud Infrastructure (OCI) resources created in it (such as compute, storage, and network). You attach policies to the compartment, and those policies restrict who, other than the administrators of your account, can use the resources created within that compartment.
You can create compartments based on departments like Finance, HR, Sales, etc., on usage like PROD, TEST, DEV, or on a mix of the two, depending on your security requirements.
Quick facts about Compartment
- The logical container used to organize and isolate cloud resources; each resource is in exactly one compartment
- Compartments are hierarchical; permissions in a parent compartment are inherited by child compartments
- Compartments are global and logical; distinct from physical containers like Regions and Availability Domains
- Resources can be connected/shared across compartments
Things You Can Do with Compartment
While creating a new compartment, you must provide a name for it (maximum 100 characters, including letters, numbers, periods, hyphens, and underscores) and it should be unique.
- As of November 2018, we can create multilevel (sub) compartments.
- As of now, we can have a maximum of 6 nested compartments.
- Policies on a higher level are inherited by sub-compartments.
Access Control for Compartments
- The very first thing to do after creating a compartment is to write at least one policy for it. Otherwise, no one can access it except administrators or users who have permission on the tenancy, which is created by default when you create a new Oracle Cloud account.
- Note: A policy, attached to a group, defines who can access what in a tenancy or compartment.
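To make the default-deny and inheritance rules above concrete, here is a small Python model of a compartment tree. It is an added example, not Oracle's code and not part of the original post. The class, the group names and the sample tree are constructed; it assumes the root compartment is not counted toward the limit of 6 and that name uniqueness is checked among siblings.

```python
import re

MAX_DEPTH = 6                                   # nesting limit stated in the post
NAME_RE = re.compile(r"[A-Za-z0-9._-]{1,100}")  # naming rule stated in the post
VERBS = ["inspect", "read", "use", "manage"]    # OCI policy verbs, weakest first


class Compartment:
    def __init__(self, name, parent=None):
        if not NAME_RE.fullmatch(name):
            raise ValueError(f"invalid compartment name: {name!r}")
        self.name, self.parent = name, parent
        self.children, self.grants = {}, {}     # grants: group -> strongest verb
        # Assumption: the root compartment is level 0 and is not counted.
        self.level = 0 if parent is None else parent.level + 1
        if self.level > MAX_DEPTH:
            raise ValueError("nesting limit exceeded")
        if parent is not None:
            if name in parent.children:         # assumption: unique among siblings
                raise ValueError(f"duplicate name under {parent.name}: {name!r}")
            parent.children[name] = self

    def allow(self, group, verb):
        """Attach a policy at this level: group may <verb> resources here."""
        current = self.grants.get(group)
        if current is None or VERBS.index(verb) > VERBS.index(current):
            self.grants[group] = verb

    def is_allowed(self, group, verb):
        """Default deny; a grant on this compartment or any ancestor applies."""
        node = self
        while node is not None:
            granted = node.grants.get(group)
            if granted and VERBS.index(granted) >= VERBS.index(verb):
                return True
            node = node.parent
        return False


def build_sample():
    """Constructed tenancy: root > Finance > PROD, plus an HR sibling."""
    root = Compartment("root")
    root.allow("Administrators", "manage")      # tenancy-wide admin policy
    finance = Compartment("Finance", root)
    prod = Compartment("PROD", finance)
    hr = Compartment("HR", root)
    finance.allow("FinanceOps", "use")
    return root, finance, prod, hr
```

In this model a grant on Finance reaches PROD but never the sibling HR compartment, which is why a policy written high in the tree should be reviewed against everything nested beneath it.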
Putting Resources in a Compartment
- To place or create a new resource (Compute, Storage, Database, VCN, etc.) in a compartment, you simply specify that compartment when creating the resource; the compartment is one of the required pieces of information to create a resource.
Deleting Compartments (Applicable from October 2018)
- Compartments can be deleted (Oct-2018) once all the associated resources are deleted or terminated from the compartment.
- To know more about Deleting Compartments check my previous blog on Oracle Cloud Infrastructure (OCI): Updates October 2018
Renaming a Compartment
- Compartments can be renamed, and the policies defined for that compartment will automatically be applied to the renamed compartment.
- Note: You can’t change the name of your root compartment.
Viewing Resources Created within a Compartment
- You can also view the resources created within a compartment by selecting the type of resource you want to view. For example, click Database to view all your Database resources. This can be done from the Console or by making API calls, i.e. from the Command Line Interface (CLI).
- Note: It’s not possible to get a list of all the resources created within a compartment by using a single API call. Instead, you can list all the resources of a given type in the compartment (e.g., all the instances, all the block storage volumes, etc.).
This post is from our Course “[1Z0-932] Oracle Cloud Infrastructure Architect Associate” with 1 Year On-Job Support and 1-year Unlimited FREE Retakes (If you need to know more about this program then reach out to our team at contact [at] k21academy.com )