Replicating an Identity Domain to Multiple Regions
You can replicate an identity domain in IAM to additional regions to enable users in that domain to interact with OCI resources in those regions.
Replication is always enabled for the Default identity domain. The Default identity domain always replicates to all regions to which the tenant is subscribed. When an administrator subscribes to another region, the Default identity domain automatically replicates to that region. Additional identity domains are created in a home region that's specified at creation time. They don't replicate to other regions unless replication is specifically enabled.
You should enable replication if users in an identity domain need to interact with OCI resources in regions beyond that domain's home region. For example, if the domain was created with Germany Central (Frankfurt) as its home region, replication to France Central (Paris) lets users in the domain interact with OCI resources in Frankfurt or Paris, but not US East (Ashburn), even if the tenancy is subscribed to that region.
Before you begin: Ensure that the tenancy is subscribed to the regions to which you want to replicate the identity domain. For more information about the home regions and the basics of managing your region subscriptions, see Managing Regions.
Ensure that the tenancy is subscribed to the regions to which you want to replicate the identity domain. For more information about the home regions and the basics of managing your region subscriptions, see Managing Regions. Use the oci iam domain enable-replication-to-region command and required parameters to replicate an identity domain to multiple regions:
oci iam domain enable-replication-to-region --domain-id domain_ocid [OPTIONS]For a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Run the EnableReplicationToRegion operation to replicate an identity domain to multiple regions.