Using the new governance rules feature in Organization Management, you can create controls and share tags across your multi-tenancy organization. Governance rules allow you to enforce restrictions that help create enforcements across your child tenancies. For example, you can:

• Set a resource quota to limit or restrict a child tenancy from using a specific service.
• Enforce a set of allowable regions, so that data resides only in specific regions.
• Share a tag namespace so that child tenancies use consistent tag key and value names.

When a governance rule is created within the parent tenancy, the rule states the enforcement you want to create, such as a service restriction. You can then attach the governance rule to a target tenancy. After the rule is attached, a governed resource is created on the target tenancy. These governed resources are resource locked, meaning the child tenancy cannot modify the resource. With governance rules, you can set enforcements across your entire organization so that child tenancies comply with your security standards.

For more information, see the new Governance Rules page in Organization Management, and Using Governance Rules.