search

oci-landing-zones / oci-landing-zone-operating-entities

The OCI Open LZ is a set of open and secure OCI landing zone blueprints to simplify the onboarding and running of organizations, business units, and subsidiaries into OCI - by customers, partners, or ISVs. Use it to create your own OCI Landing Zone.
Universal Permissive License v1.0
27 stars 8 forks source link
cloud-operations config-as-code declarative design gitops iac iam isv landing-zones newtwork oci onboard oracle oracle-cloud-infrastructure security terraform

readme

The OCI Operating Entities Landing Zone

Simplifying the Onboarding and Running of OCI

 

 

Welcome to the OCI Operating Entities Landing Zone, also known as OCI Open LZ, a set of open assets and best practices to simplify the onboarding and running of OCI for organizations and their functional divisions – identified as Operating Entities (OEs).

The OCI Open LZ provides complete OCI blueprints, including designs and declarative IaC, reducing design and implementation timelines, associated costs, and efforts - while enabling a future-proof OCI with complete security and scalability.

 

Repository Structure

This repository is the source of truth for the OCI Open LZ and includes three types of assets (blueprints, add-ons, and workload extensions) and three blueprint sizes (M, L, and XL):

# Directory Description
1 blueprints/ Select the most suitable OCI landing zone blueprint to onboard and run OCI.
...one-oe/ Onboards One OE with its environments, platforms, and projects in one tenancy.
...multi-oe/ Onboards Multiple OEs with shared services and OE-dedicated resources, sharing one tenancy.
...multi-tenancy/ Uses One-OE and Multi-OE to onboard all your organizations or customers into several tenancies.
2 addons/ Complement your landing zone with add-ons to run OCI with best practices. (e.g., Network Hubs)
3 workload-extensions/ Extend your landing zone with pluggable workload extensions (e.g., EBS, OCVS, ...).

 

As general guidance, it's recommended to start with the order of the table above. The first step is choosing the right blueprint shape and size (M, L, or XL). Complementary, review the network add-ons to update the design. After the Landing Zone is set, extend it with workload extensions. You can also use the OCI-tailored Landing Zone approach for further guidance on the creation of your landing zone.

 

Related Repositories

The OCI Open LZ uses a declarative Infrastructure-as-Code (IaC) approach that is distributed into several repositories.

Name Description / Scope
OCI Landing Zones Orchestrator Relates several OCI resource into one consolidated operation (i.e., one plan/apply).
OCI Landing Zones IAM Covers OCI Compartments, Groups, Policies, Dynamic Groups, etc.
OCI Landing Zones Network Covers all OCI Core Network Resources for any network topology.
OCI Landing Zones Security Covers OCI Security Resources (e.g., Cloud Guard, VSS, Security Zones, Vaults, etc.).
OCI Landing Zones Observability Covers OCI Monitoring resources (e.g., Logging, Events, Alarms, Notifications, etc.).
OCI Landing Zones Governance Covers OCI Tagging.

Contributing

If your project has specific contribution requirements, update the CONTRIBUTING.md file to ensure those requirements are clearly explained

This project welcomes contributions from the community. Before submitting a pull request, please review our contribution guide

Security

Please consult the security guide for our responsible security vulnerability disclosure process

 

 

License

Copyright (c) 2024 Oracle and/or its affiliates.

Licensed under the Universal Permissive License (UPL), Version 1.0.

See LICENSE for more details.