Postinstallation Administration
After the Compute Cloud@Customer infrastructure is installed and connected to Oracle Cloud Infrastructure (OCI), you need to perform additional administrative tasks before you can create resources such as virtual cloud networks, instances, and storage on the Compute Cloud@Customer infrastructure.
The tasks you performed in Preparing Your Tenancy (creating a user, compartment, policies, and a VCN) are used only to establish the connection between OCI and the Compute Cloud@Customer infrastructure. These resources aren't intended to be used for organizing your cloud resources. You need to create similar IAM and network resources for organizing and isolating your cloud resources.
Start by securing Compute Cloud@Customer. Perform initial security tasks such as securing the hardware, your tenancy, and the network. See Securing Compute Cloud@Customer.
After security administration, postinstallation administration tasks you perform depend on the state of your tenancy.
-
If your Identity Access Management (IAM) resources such as users, groups, compartments, and policies are already set up in your tenancy, the IAM configuration in your tenancy is automatically synchronized on the Compute Cloud@Customer infrastructure. Administrators can begin to create cloud resources on Compute Cloud@Customer.
- If your tenancy is new, or if you need to update IAM resources to accommodate Compute Cloud@Customer, you need to configure these resources in your tenancy
before creating cloud resources on the Compute Cloud@Customer infrastructure:
-
Users: Create user accounts for people who manage Compute Cloud@Customer resources.
-
Groups: Create groups and add users to groups.
-
Compartments: Create compartments to organize and secure your Compute Cloud@Customer resources.
-
Policies: Create policies to restrict access to Compute Cloud@Customer resources.
- Defined tags: (Optional) Create defined tags to organize resources based on your business needs. Note that free-form tags are created when you create resources on the Compute Cloud@Customer infrastructure. See Tagging Resources on Compute Cloud@Customer.
These Compute Cloud@Customer IAM resources are managed in your tenancy, not on the Compute Cloud@Customer infrastructure. The tenancy IAM configuration is synchronized to the Compute Cloud@Customer infrastructure every ten minutes or so.
The way you perform these tasks depends on the tenancy type – either with or without Identity Domains. For more information about tenancy types on Compute Cloud@Customer, see IAM Overview.
If you're new to Compute Cloud@Customer, one way to learn about creating cloud resources is to create a sample instance. See Tutorial: Launching Your First Instance. -