WEBVTT
1
00:00:08.420 --> 00:00:14.609
Myles Brown: Welcome everybody. It's going to take a few minutes for all the attendees to come in, so we'll give them a bit of time.
2
00:00:15.560 --> 00:00:19.989
Myles Brown: Good morning. Good afternoon. Good evening. Wherever you're coming from.
3
00:00:20.930 --> 00:00:27.710
Myles Brown: It's we're gonna get started in. Probably about a minute or 2. We'll give people time to come in.
4
00:00:30.180 --> 00:00:35.349
Myles Brown: Yeah, I can see the attendees still growing, so we'll wait till it levels off a little bit.
5
00:00:42.690 --> 00:00:44.130
Myles Brown: Okay.
6
00:00:48.110 --> 00:00:48.919
Myles Brown: all right.
7
00:00:48.980 --> 00:00:52.269
Myles Brown: Well welcome to today's Webinar.
8
00:00:52.320 --> 00:00:54.050
Myles Brown: and
9
00:00:54.100 --> 00:01:05.999
Myles Brown: My name is Miles Brown. I work for a company called Exit certified. If you're not familiar. Exit certified is a a technical training company. We've been around since 2,001.
10
00:01:06.430 --> 00:01:13.410
Myles Brown: We've been doing oracle training since 2,005. I had to look it up today to see how long we've had that oracle partnership.
11
00:01:13.490 --> 00:01:21.919
Myles Brown: But exit certified is the that's our go to Market brand. We're actually part of a much bigger company called TV Cynics.
12
00:01:22.140 --> 00:01:37.619
Myles Brown: and we've been training for a long time. And we basically our big thing is that we partner with vendors. So you know all the major technology vendors we try and partner with them and offer their certified training, including oracle.
13
00:01:37.960 --> 00:01:39.539
Myles Brown: And
14
00:01:39.660 --> 00:01:53.320
Myles Brown: over time we've we've done business in a lot of countries. We are North American based, and that is where most of our training happens. But you know, virtual training really opened things up. And so now we've had people from 54 different countries.
15
00:01:53.570 --> 00:02:03.699
We've had a 125,000 students, 60 of which more than 60,000 now have come through our virtual training platform we've been doing virtual training since 2,012,
16
00:02:03.910 --> 00:02:23.379
Myles Brown: and it was probably before the pandemic. It was about 60% of our business, you know. Then, all of a sudden it flipped to about a 100 for a while. We do have training centers across North America, and and they are now open. We find that you know people are just not that quick to go back into classrooms. So we're still doing a lot of
17
00:02:23.390 --> 00:02:24.750
Myles Brown: virtual training.
18
00:02:25.100 --> 00:02:35.600
Myles Brown: and we have 25 plus vendors that we're partnered with to deliver those those authorized training. We go through the get our instructors
19
00:02:35.630 --> 00:02:41.310
Myles Brown: certified. Our instructors are typically, you know, sort of lifelong
20
00:02:41.390 --> 00:02:42.850
Myles Brown: technical trainers.
21
00:02:42.950 --> 00:02:48.250
Myles Brown: with with many years in it. This is sort of the average of of our our internal team.
22
00:02:48.830 --> 00:02:59.440
Myles Brown: and we do a lot of different delivery formats. We do virtual. We do in person, both in our training centers and on site, and we do sort of mixture kind of environments
23
00:02:59.460 --> 00:03:18.479
Myles Brown: lately. What we've been doing. A lot of is cloud training, and so to sort of hit home to customers what we do, we we built this what we call cloud centric suite of of sort of training and and technologies, and at the heart of it is the training from the public cloud vendors.
24
00:03:18.530 --> 00:03:25.400
Myles Brown: So all all of the big 4 public cloud vendors. We we are authorized to deliver their content.
25
00:03:25.620 --> 00:03:45.089
Myles Brown: But what we find is that, you know, once people move to the cloud, there's a lot of you know, a move to the cloud is not just simply who's gonna run my data center. You know. Very often it changes how we develop. Software we might start to embrace containers and kubernetes, and all those sort of cloud native concepts.
26
00:03:45.310 --> 00:03:56.870
Myles Brown: And then we get into Well, you know. How are you going to learn Kubernetes right. The vendors have their flavor of Kubernetes training, but but anybody can kind of hang inside and say we do Kubernetes training.
27
00:03:56.880 --> 00:04:19.950
Myles Brown: So part of our job is to go and figure out who's got the best of breed training for that, and then we go in and sort of partner with them. And so there's a company called Morantis. We we do some of their training. The Linux foundation has some pretty good training that maps to the the the Cloud Native compute foundation certifications. So we get. You know we we see that there's a lot of moving parts around moving to the cloud.
28
00:04:20.010 --> 00:04:31.440
Myles Brown: And so this is sort of what we do. A cloud is a big chunk of what we do, we we still do traditional oracle classes, you know. If you want to go take a Dba class. Yeah, we got those.
29
00:04:31.520 --> 00:04:38.970
Myles Brown: but a cloud seems to be, you know, over the last 10 years sort of the big thing that we do
30
00:04:39.180 --> 00:04:57.780
Myles Brown: so like I said, my name is Miles. I'm gonna be around just sort of helping with the chat. You know we we run this sort of Webinar style, so we can open it up to as many people as possible. This isn't like our regular classes, where you might have 1012 people, and we encourage 2 way audio and video.
31
00:04:57.790 --> 00:05:09.980
Myles Brown: Here. We're gonna run it more. Webinar style. Orlando is going to do the presentation and some demos and i'm going to be sort of manning the chat. Probably the best place to ask questions is the Q. A. Box?
32
00:05:09.990 --> 00:05:23.349
Myles Brown: You can throw a question in there, and and maybe i'll answer it if it's a nice, easy one. I can answer. You know I I am oci certified. I I've got my my foundations, and my architect, the associate.
33
00:05:23.460 --> 00:05:37.659
Myles Brown: I'm. Not the same level of expertise as Orlando, but that you know I'll I'll be helping with the chat, and Orlando is going to, you know, Deliver some of this content.
34
00:05:37.670 --> 00:05:50.799
Myles Brown: and let me just give you a quick introduction to Orlando. His name is Orlando genteel. He he works for oracle. He's he's a oracle university oci consultant and instructor he's he's been there since 2,018,
35
00:05:50.930 --> 00:06:01.460
Myles Brown: but his experience is from you know 26 plus years of it. Work working as a consultant. The Cis admin tech support. You know the the whole, the whole deal.
36
00:06:01.470 --> 00:06:19.429
Myles Brown: so i'm gonna stop sharing my slides and let him share his and sort of take things over, and then i'm going to kind of disappear, and you might see me pop in to, you know, maybe talk about some of our promos that are coming up, and things like that. When when Orlando goes to break
37
00:06:19.490 --> 00:06:21.810
Myles Brown: so, Orlando, you can take it away.
38
00:06:22.020 --> 00:06:24.260
Orlando Gentil: Okay, thanks for the introduction, Miles.
39
00:06:24.630 --> 00:06:26.719
Orlando Gentil: Hey, everybody! Welcome.
40
00:06:26.980 --> 00:06:39.379
Orlando Gentil: I was already introduced, and you would know my name or lendaging to you. I've been away for a call for 5 years. Now this is this February I'm. Completing 5 years at, or Co. Always working with cloud, but
41
00:06:39.880 --> 00:06:45.369
Orlando Gentil: mainly before that, I, being an infrastructure guy working as his admin
42
00:06:45.540 --> 00:06:46.900
Orlando Gentil: consulting
43
00:06:46.940 --> 00:06:50.469
Orlando Gentil: this, all this kind of good things that we do on a daily basis.
44
00:06:50.940 --> 00:07:00.400
Orlando Gentil: The the purpose of the the session today is to get you introduced it to all. Ci. Know the resources that you have.
45
00:07:00.540 --> 00:07:10.149
Orlando Gentil: and how that is paired with the exit certified admission on do the training and give you the best solutions.
46
00:07:10.700 --> 00:07:25.210
Orlando Gentil: Just so we can start by a show of hands if you can put on the chat if you already use the Cloud Provider or not, if this is going to be the first time, so we can have an idea, and we can see how deep we can go in certain parts.
47
00:07:25.800 --> 00:07:34.720
Orlando Gentil: or how we need to step back and show the show a bit more context before going deep.
48
00:07:37.180 --> 00:07:40.210
Orlando Gentil: Let's take a look at the chat and see.
49
00:07:42.550 --> 00:07:45.910
Orlando Gentil: I'm just gonna put this slide here
50
00:07:51.480 --> 00:07:53.210
so we can
51
00:07:53.620 --> 00:07:55.770
Orlando Gentil: see where is the chat?
52
00:08:01.880 --> 00:08:06.850
Orlando Gentil: Some people first time. Some people with some experience.
53
00:08:15.330 --> 00:08:16.130
Orlando Gentil: Okay.
54
00:08:17.160 --> 00:08:17.860
Orlando Gentil: so
55
00:08:18.790 --> 00:08:22.109
Orlando Gentil: oracle as one of the cloud providers
56
00:08:22.200 --> 00:08:25.190
Orlando Gentil: offers a solution that we have
57
00:08:27.780 --> 00:08:36.949
Orlando Gentil: the core infrastructure. We provide to go over this administration databases, applications. The analytic parts developer services.
58
00:08:38.000 --> 00:08:39.390
Orlando Gentil: and
59
00:08:40.679 --> 00:08:42.919
Orlando Gentil: that would be infrastructure
60
00:08:43.130 --> 00:08:51.260
Orlando Gentil: platform, and also applications so solutions as a service. It's part of the whole portfolio that we have
61
00:08:52.520 --> 00:08:56.910
Orlando Gentil: today. I'm not. I'm going to be alternating between the
62
00:08:57.910 --> 00:09:01.680
Orlando Gentil: the control panel that we have on the cloud and
63
00:09:02.170 --> 00:09:03.480
Orlando Gentil: the slides.
64
00:09:03.650 --> 00:09:04.460
Orlando Gentil: So
65
00:09:06.890 --> 00:09:09.909
Orlando Gentil: let me show you when we go to
66
00:09:10.660 --> 00:09:12.790
Orlando Gentil: cloud.com
67
00:09:14.760 --> 00:09:16.750
Orlando Gentil: how you log into the cloud.
68
00:09:17.490 --> 00:09:23.230
Orlando Gentil: If it's the first time you might be lost. But there with me, because we're gonna go when the
69
00:09:23.250 --> 00:09:34.390
Orlando Gentil: give more context for you on what we're talking about, and how the pieces feed together. I just didn't want to be like a static presentation all the time, and just talking
70
00:09:34.720 --> 00:09:42.079
Orlando Gentil: so on this initial screen of the console you will have the option to enter your tennis name.
71
00:09:43.550 --> 00:09:44.599
Orlando Gentil: From there
72
00:09:44.790 --> 00:09:46.790
Orlando Gentil: you'll be directed to
73
00:09:46.820 --> 00:09:48.699
Orlando Gentil: the actual logging screen.
74
00:09:50.540 --> 00:09:57.700
Orlando Gentil: There are 2 types of logging screens that when we come to the security parts i'm going to get more details into it.
75
00:09:59.190 --> 00:09:59.850
Orlando Gentil: But
76
00:10:00.810 --> 00:10:02.359
Orlando Gentil: once you log in.
77
00:10:02.480 --> 00:10:06.659
Orlando Gentil: if you're coming from a traditional infrastructure.
78
00:10:08.190 --> 00:10:11.280
Orlando Gentil: it resembles to
79
00:10:11.940 --> 00:10:13.390
Orlando Gentil: a vmware console.
80
00:10:13.630 --> 00:10:15.170
Orlando Gentil: You gonna have
81
00:10:16.100 --> 00:10:19.420
Orlando Gentil: one navigation menu where you're gonna have the services
82
00:10:20.350 --> 00:10:23.200
Orlando Gentil: that you can use within the infrastructure
83
00:10:24.120 --> 00:10:28.460
Myles Brown: or Orlando. Is it possible to hit like control plus and make your
84
00:10:28.720 --> 00:10:32.770
Myles Brown: your font and your yeah, browser. A little bigger. Thanks.
85
00:10:32.980 --> 00:10:35.669
Orlando Gentil: No problem. I I forgot to change the resolution.
86
00:10:37.100 --> 00:10:38.999
Orlando Gentil: So we have the
87
00:10:39.810 --> 00:10:43.639
Orlando Gentil: on the navigation menu here. All sorts of services
88
00:10:43.730 --> 00:10:45.320
Orlando Gentil: that are available to you.
89
00:10:45.570 --> 00:10:50.540
Orlando Gentil: We're going to talk mainly today about compute storage, networking
90
00:10:51.670 --> 00:10:56.700
Orlando Gentil: and identity and security, because those are, we call core services
91
00:10:57.630 --> 00:11:01.899
Orlando Gentil: plus security, because it's an essential part of the.
92
00:11:02.350 --> 00:11:06.750
Orlando Gentil: If you are using the cloud, if you are using services outside your room.
93
00:11:06.770 --> 00:11:11.699
Orlando Gentil: you have to be concerned even more about security. So we're gonna talk about the core services
94
00:11:12.030 --> 00:11:16.069
Orlando Gentil: because they are the foundation for everything that you're going to use in the cloud
95
00:11:16.580 --> 00:11:24.729
Orlando Gentil: plus security. If time allows we gonna go and the show a little bit of observability and management
96
00:11:26.710 --> 00:11:28.770
Orlando Gentil: doing back here on the console.
97
00:11:29.210 --> 00:11:32.370
Orlando Gentil: Let's keep exploring. So you guys can have an idea.
98
00:11:33.360 --> 00:11:34.820
Orlando Gentil: The navigation menu
99
00:11:34.850 --> 00:11:40.770
Orlando Gentil: I showed you. We have a search bar where you can search resources, services.
100
00:11:41.740 --> 00:11:43.860
Orlando Gentil: It's a like a broad search.
101
00:11:44.740 --> 00:11:45.680
Orlando Gentil: and
102
00:11:45.990 --> 00:11:48.810
Orlando Gentil: after that you you have the region.
103
00:11:49.630 --> 00:11:50.880
Orlando Gentil: What is the region?
104
00:11:51.480 --> 00:11:55.000
Orlando Gentil: A region is a a geographical location
105
00:11:55.190 --> 00:11:58.830
Orlando Gentil: that we have
106
00:12:01.220 --> 00:12:05.300
Orlando Gentil: is a geographical location that we, not this one.
107
00:12:14.850 --> 00:12:22.309
Orlando Gentil: A geographical location is a region is a geographical location, where our whole places the infrastructure
108
00:12:22.570 --> 00:12:25.879
Orlando Gentil: closer to the where the customers need.
109
00:12:26.040 --> 00:12:28.400
Orlando Gentil: Today we are counting with
110
00:12:28.450 --> 00:12:32.709
Orlando Gentil: the is 41 of 42 regions for commercial.
111
00:12:33.430 --> 00:12:38.970
Orlando Gentil: There are also government regions in some regions depending. If the government showed the interest.
112
00:12:39.040 --> 00:12:43.810
Orlando Gentil: and it's also the private regions. If your customer
113
00:12:44.410 --> 00:12:48.820
Orlando Gentil: for you, it's big enough. We can deploy a dedicated region for you
114
00:12:49.370 --> 00:12:57.640
Orlando Gentil: to others you need, because you don't want to share part of the infrastructure, and but at the same time you don't want to to manage it.
115
00:12:58.740 --> 00:13:00.329
Orlando Gentil: How do you choose?
116
00:13:00.550 --> 00:13:02.190
Orlando Gentil: Yeah, Your region
117
00:13:03.260 --> 00:13:06.070
Orlando Gentil: here?
118
00:13:12.450 --> 00:13:16.520
Orlando Gentil: First thing is to you. You have to consider your location.
119
00:13:16.550 --> 00:13:19.160
Orlando Gentil: So if you are in Canada
120
00:13:20.060 --> 00:13:22.180
Orlando Gentil: and you have issues with
121
00:13:22.220 --> 00:13:26.760
Orlando Gentil: data, residents and compliance, data should not leave the country.
122
00:13:26.930 --> 00:13:29.049
Orlando Gentil: You know that you're going to pick.
123
00:13:29.420 --> 00:13:32.970
Orlando Gentil: for example, like we have here the Toronto region
124
00:13:33.990 --> 00:13:37.270
Orlando Gentil: and these regions Here you subscribe as you need
125
00:13:37.560 --> 00:13:41.730
Orlando Gentil: at first. It will not be shown everywhere, every single region for you.
126
00:13:42.010 --> 00:13:46.690
Orlando Gentil: just the one that you pick as your home region. It's the region where.
127
00:13:46.710 --> 00:13:48.240
Orlando Gentil: but
128
00:13:48.310 --> 00:13:53.700
Orlando Gentil: all the action happens, and then it replicates to the other regions that you subscribe.
129
00:13:57.180 --> 00:14:00.090
Orlando Gentil: Hmm. That was the good slide
130
00:14:00.350 --> 00:14:05.989
Orlando Gentil: in another factor that you have to consider is also the not only the data, residency
131
00:14:06.270 --> 00:14:13.619
Orlando Gentil: and compliance, and all that, but also latency. So you can make sure that your customers are
132
00:14:14.390 --> 00:14:22.209
Orlando Gentil: your clients are Well, they have a low latency, and they have a better experience accessing your services
133
00:14:24.060 --> 00:14:25.600
Orlando Gentil: as new regions. Come.
134
00:14:25.640 --> 00:14:33.720
Orlando Gentil: you can come here and just select the region that you want, and subscribe this account here. Subscribe to pretty much everything, because
135
00:14:34.160 --> 00:14:35.990
Orlando Gentil: I need that to test.
136
00:14:39.490 --> 00:14:43.999
Orlando Gentil: So that's about how region, what? What is the region.
137
00:14:44.760 --> 00:14:50.639
Orlando Gentil: If you look from a traditional stand, traditional infrastructure perspective.
138
00:14:51.190 --> 00:14:53.629
Orlando Gentil: the regions are.
139
00:14:55.440 --> 00:14:58.410
Orlando Gentil: it will work the same way. It won't change much.
140
00:14:58.790 --> 00:15:01.900
Orlando Gentil: but when it comes to the next.
141
00:15:02.760 --> 00:15:04.070
Orlando Gentil: Let's just down here.
142
00:15:04.140 --> 00:15:05.010
Orlando Gentil: I think you wanna
143
00:15:05.150 --> 00:15:09.050
Orlando Gentil: but this at this point here this presentation is not the best one that I could get
144
00:15:14.390 --> 00:15:16.640
Orlando Gentil: when you come from a
145
00:15:22.260 --> 00:15:23.010
that
146
00:15:24.930 --> 00:15:26.480
Orlando Gentil: after you pick the region
147
00:15:26.670 --> 00:15:31.429
Orlando Gentil: inside each region. Oci has what we call availability domains.
148
00:15:32.120 --> 00:15:33.819
Orlando Gentil: as they have been the domains
149
00:15:33.920 --> 00:15:36.160
Orlando Gentil: translating to a
150
00:15:36.410 --> 00:15:40.330
Orlando Gentil: traditional infrastructure. It will be your actual data center
151
00:15:41.480 --> 00:15:47.160
Orlando Gentil: some regions on Oci. They will have 3 of the domains. So when you select
152
00:15:47.750 --> 00:15:50.990
Orlando Gentil: Ashburn, London, Frankfurt.
153
00:15:51.210 --> 00:15:54.040
Orlando Gentil: Phoenix, and a couple of others.
154
00:15:54.330 --> 00:15:57.429
Orlando Gentil: They have multiple ads.
155
00:15:57.540 --> 00:15:58.910
Orlando Gentil: meaning They have
156
00:15:59.120 --> 00:16:03.280
Orlando Gentil: 3 separate locations within that region
157
00:16:04.020 --> 00:16:06.639
Orlando Gentil: that will allow you to
158
00:16:07.100 --> 00:16:08.900
Orlando Gentil: have
159
00:16:10.070 --> 00:16:13.040
Orlando Gentil: local redundancy. Let's put this way
160
00:16:13.080 --> 00:16:19.290
Orlando Gentil: from a level that they are separated buildings, and they operate totally isolated, one from the other.
161
00:16:21.730 --> 00:16:24.169
Orlando Gentil: The we feel the theability domain.
162
00:16:24.410 --> 00:16:30.289
Orlando Gentil: We will have fault domains. Again, making an analogy with the
163
00:16:31.000 --> 00:16:32.649
Orlando Gentil: additional data center.
164
00:16:33.230 --> 00:16:35.419
Orlando Gentil: That will be the
165
00:16:36.180 --> 00:16:38.019
Orlando Gentil: the data centers zones.
166
00:16:38.960 --> 00:16:39.819
Orlando Gentil: It will.
167
00:16:39.850 --> 00:16:47.289
Orlando Gentil: they can or cannot be on the same building, but those fault domains, they are totally isolated one from another.
168
00:16:47.360 --> 00:16:53.430
Orlando Gentil: They have different a/C. They have different power. They have different network backbones
169
00:16:53.450 --> 00:16:55.090
set to them.
170
00:16:56.090 --> 00:17:05.180
Orlando Gentil: and that ensures that if we have to make a maintenance, we can select one fault domain. You can migrate your infrastructure.
171
00:17:05.829 --> 00:17:08.729
Orlando Gentil: Excuse me from one fault domain to another.
172
00:17:09.089 --> 00:17:12.680
Orlando Gentil: and keep business working seamlessly.
173
00:17:14.500 --> 00:17:16.970
Orlando Gentil: If you have multiple ads.
174
00:17:17.430 --> 00:17:24.289
Orlando Gentil: a region with that connection between the ads, it's in the dedicated backbone.
175
00:17:24.310 --> 00:17:28.730
Orlando Gentil: So it's. Although they are separated locations, they are like a
176
00:17:29.330 --> 00:17:30.260
Orlando Gentil: 20
177
00:17:30.330 --> 00:17:32.489
Orlando Gentil: miles apart from each other.
178
00:17:32.940 --> 00:17:34.669
Orlando Gentil: 30, something kilometers.
179
00:17:35.800 --> 00:17:43.690
Orlando Gentil: 32 kilometers apart. Those numbers are not pretty exactly like that, but just a a ballpark.
180
00:17:44.260 --> 00:17:50.729
Orlando Gentil: They have a very fast connection, and you could if, for example, you were running a
181
00:17:51.520 --> 00:17:57.520
Orlando Gentil: real, a wreck cluster, reapplication custom. I think that's it. I'm not that database guy.
182
00:17:57.750 --> 00:18:03.170
Orlando Gentil: the you can have one node in one AD in another node in another 80.
183
00:18:03.540 --> 00:18:06.870
Orlando Gentil: Just so you can have an idea how fast is the network.
184
00:18:07.560 --> 00:18:08.530
Orlando Gentil: The
185
00:18:09.260 --> 00:18:16.240
Orlando Gentil: you don't see that much difference on latency that would have problem having notes separated that way.
186
00:18:19.220 --> 00:18:20.670
Orlando Gentil: And
187
00:18:20.960 --> 00:18:26.589
Orlando Gentil: no, I don't need this. We talked about the how the availability domains are
188
00:18:28.450 --> 00:18:31.899
Orlando Gentil: default domains. Let's go back here on the console.
189
00:18:32.690 --> 00:18:35.289
Orlando Gentil: so you can see what else you can do.
190
00:18:37.460 --> 00:18:41.229
Orlando Gentil: We discussed the region, what we have inside the region.
191
00:18:42.170 --> 00:18:46.450
Orlando Gentil: Let's look here. You have something that we call cloud show
192
00:18:47.520 --> 00:18:49.340
Orlando Gentil: that he'd see a
193
00:18:50.360 --> 00:18:54.509
Orlando Gentil: in the background. We have a container that it's assigned to you.
194
00:18:54.720 --> 00:18:58.760
Orlando Gentil: and this container will give you a bash. Shell
195
00:18:59.400 --> 00:19:06.120
Orlando Gentil: attach it to some storage, and you can use these if you need to
196
00:19:07.780 --> 00:19:14.319
Orlando Gentil: manage everything from the browser, if you need to. Ssh to a machine. If you have to issue commands
197
00:19:14.400 --> 00:19:16.410
to the operations
198
00:19:17.660 --> 00:19:21.029
Orlando Gentil: on the cloud. You can do things through this console.
199
00:19:21.260 --> 00:19:28.610
Orlando Gentil: or you can do things using something called the Oci Cli, the command line interface.
200
00:19:32.200 --> 00:19:34.699
Orlando Gentil: just to show you something here.
201
00:19:36.700 --> 00:19:38.429
Orlando Gentil: so I could get
202
00:19:40.390 --> 00:19:42.960
Orlando Gentil: some information using the cli.
203
00:19:43.680 --> 00:19:47.299
Orlando Gentil: This that I did here is the same as if I come here.
204
00:19:48.680 --> 00:19:50.390
Orlando Gentil: Go to my tenancy.
205
00:19:52.170 --> 00:19:55.410
Orlando Gentil: and I search for this information
206
00:19:56.740 --> 00:20:04.030
Orlando Gentil: so I can navigate and come here and use this shell that we will have a lot of utilities installed.
207
00:20:04.080 --> 00:20:08.920
Orlando Gentil: including the Oci Cli, or I can come here and navigate
208
00:20:08.960 --> 00:20:10.880
Orlando Gentil: and find this information.
209
00:20:11.090 --> 00:20:14.869
Orlando Gentil: Those are 2 ways of doing operations on the Cloud
210
00:20:14.990 --> 00:20:19.489
Orlando Gentil: a third way that you can do it through a rest. Api.
211
00:20:19.680 --> 00:20:21.270
Orlando Gentil: You can.
212
00:20:22.110 --> 00:20:26.290
Orlando Gentil: If there are tools that integrate with
213
00:20:26.570 --> 00:20:28.619
Orlando Gentil: you, have to set up authentication.
214
00:20:29.350 --> 00:20:33.640
Orlando Gentil: using keys. Everything is going to be encrypted, the communication
215
00:20:33.830 --> 00:20:48.359
Orlando Gentil: and you can use that to integrate to interact with oci. For example, your backup, software if you have a local backup solution, and you want to interact with oci. It was going to be done through the rest. Api.
216
00:20:49.100 --> 00:20:57.710
Orlando Gentil: So there are 3 ways to do things on the cloud. You are not limited just to this web. Console P. To this web, console.
217
00:20:57.890 --> 00:21:01.959
Orlando Gentil: or the cli. You have also the the rest. Api.
218
00:21:04.190 --> 00:21:06.399
Orlando Gentil: Let me close this guy here.
219
00:21:06.420 --> 00:21:08.199
Orlando Gentil: What else do we have
220
00:21:09.300 --> 00:21:12.680
Orlando Gentil: on this same icon? You have the code Editor.
221
00:21:13.900 --> 00:21:17.070
Orlando Gentil: If you are working, for example, with
222
00:21:17.550 --> 00:21:19.580
Orlando Gentil: devops, or your
223
00:21:19.670 --> 00:21:22.030
Orlando Gentil: actually developing a solution.
224
00:21:23.140 --> 00:21:25.950
Orlando Gentil: This here allows you to
225
00:21:26.950 --> 00:21:28.990
Orlando Gentil: have on the web browser
226
00:21:29.170 --> 00:21:30.400
Orlando Gentil: a
227
00:21:31.140 --> 00:21:32.660
Orlando Gentil: complete ide
228
00:21:32.940 --> 00:21:35.030
Orlando Gentil: where you can
229
00:21:35.270 --> 00:21:36.900
Orlando Gentil: work and
230
00:21:37.290 --> 00:21:40.749
Orlando Gentil: do anything you you need from a from a daily basis.
231
00:21:41.330 --> 00:21:45.820
Orlando Gentil: If you're familiar with Microsoft, this visual code
232
00:21:46.100 --> 00:21:47.270
Orlando Gentil: is visual code.
233
00:21:48.010 --> 00:21:52.150
Orlando Gentil: I forgot the name. It is visual studio code vs. Code.
234
00:21:53.160 --> 00:21:56.880
Orlando Gentil: You can come here. It's going to be the same interface that you have.
235
00:21:57.440 --> 00:21:59.999
Orlando Gentil: You can navigate the files that you have
236
00:22:00.570 --> 00:22:05.319
Orlando Gentil: saved on your 5 GB of storage that you have for cloud show.
237
00:22:06.830 --> 00:22:19.759
Orlando Gentil: If you connect with a Github, for example. So this gives you flexibility that if you are on the run, let's say you attended the conference, you lost your notebook, you don't have anything, or you don't want to use.
238
00:22:21.930 --> 00:22:32.950
Orlando Gentil: They don't want to have to connect to a VPN. Or anything. This web console is with this code editor here gives you some tools to work on the cloud on the go.
239
00:22:33.100 --> 00:22:37.290
Orlando Gentil: If you don't have your toolbox with you.
240
00:22:42.570 --> 00:22:44.439
Orlando Gentil: The other thing that we have
241
00:22:44.970 --> 00:22:48.310
Orlando Gentil: announcements, If you have a maintenance coming.
242
00:22:48.840 --> 00:22:52.679
Orlando Gentil: anything from your subscription is going to be summarized Here.
243
00:22:54.190 --> 00:22:55.520
Orlando Gentil: General, help
244
00:22:56.280 --> 00:23:01.150
Orlando Gentil: that you have shortcuts for the documentation to open a ticket.
245
00:23:01.940 --> 00:23:08.310
Orlando Gentil: request a limit increase. We're going to get to that. When we talk about the resources
246
00:23:10.300 --> 00:23:12.670
Orlando Gentil: next. You can choose the language. If you
247
00:23:12.770 --> 00:23:16.489
Orlando Gentil: once you have a different language. And here, on the profile
248
00:23:16.710 --> 00:23:21.060
Orlando Gentil: you have information about your user the tendency.
249
00:23:21.710 --> 00:23:24.310
Orlando Gentil: the settings that you have for the user
250
00:23:24.890 --> 00:23:27.159
Orlando Gentil: and the console settings.
251
00:23:27.470 --> 00:23:29.359
Orlando Gentil: and also they loved out.
252
00:23:29.670 --> 00:23:32.479
Orlando Gentil: So this is briefly what you see
253
00:23:32.590 --> 00:23:34.159
Orlando Gentil: on this initial screen.
254
00:23:34.540 --> 00:23:36.279
Orlando Gentil: plus with
255
00:23:37.360 --> 00:23:39.770
Orlando Gentil: on the bottom. Here service links.
256
00:23:40.390 --> 00:23:50.389
Orlando Gentil: Is it just a different way to access what you are using? You can customize this first time you log in it will offer you a profile.
257
00:23:50.670 --> 00:23:53.020
Orlando Gentil: so you can change the profile here.
258
00:23:53.070 --> 00:24:00.489
Orlando Gentil: depending on the role that you have, and it will try to pick exactly what are the services that might interest you more
259
00:24:03.900 --> 00:24:07.569
Orlando Gentil: for the next session. You have a quick start.
260
00:24:07.670 --> 00:24:11.139
Orlando Gentil: There are articles where you can see
261
00:24:11.480 --> 00:24:16.740
Orlando Gentil: how to deploy some applications how some solution works.
262
00:24:17.290 --> 00:24:29.440
Orlando Gentil: so they most likely link it to some documentation that gives you the architecture, the reference architecture. So you can understand what's going to be deployed in your tendency.
263
00:24:29.540 --> 00:24:33.710
What are the recommendations? What do you need to consider about?
264
00:24:34.830 --> 00:24:41.169
Orlando Gentil: And most of the ones that are listed here? They come with
265
00:24:42.080 --> 00:24:52.579
Orlando Gentil: with deployment scripts. So you don't have to take time installing the whole solution. You can just do a one-click deployment.
266
00:24:52.810 --> 00:24:58.520
Orlando Gentil: and it will be ready for you just to play with the parts that you need. You don't have to
267
00:24:58.540 --> 00:24:59.890
Orlando Gentil: spend time
268
00:25:00.640 --> 00:25:09.349
Orlando Gentil: trying to figure how one piece works with the other. How the database connects to the application. How do you access from the outside
269
00:25:09.600 --> 00:25:13.100
Orlando Gentil: these scripts here? They will manage everything for you.
270
00:25:14.870 --> 00:25:25.429
Orlando Gentil: Here is just some wizards that they have these wizards can be. They're shown here on this screen. Or, for example, if we come to a compute
271
00:25:26.360 --> 00:25:28.469
Orlando Gentil: when you click on instances.
272
00:25:29.900 --> 00:25:31.270
Orlando Gentil: create instance.
273
00:25:31.560 --> 00:25:37.569
Orlando Gentil: it will go and open the same. It will take you here to the same place.
274
00:25:38.760 --> 00:25:41.890
Orlando Gentil: So if you're kind of lost, you don't know where to go.
275
00:25:42.000 --> 00:25:44.930
Orlando Gentil: This initial screen can give you some pointers.
276
00:25:45.930 --> 00:25:51.910
Orlando Gentil: or if you start navigating here, most likely you will get to the same place where the short goods are.
277
00:25:52.260 --> 00:25:54.500
Orlando Gentil: so that just shortcuts.
278
00:25:56.500 --> 00:25:58.219
Orlando Gentil: No, that you
279
00:25:58.380 --> 00:26:00.799
Orlando Gentil: have had the look on
280
00:26:01.950 --> 00:26:04.800
Orlando Gentil: the the first look on the Oci Council.
281
00:26:05.220 --> 00:26:07.509
Orlando Gentil: I'm going to go back to the boring part.
282
00:26:07.710 --> 00:26:11.789
Orlando Gentil: Let's talk a little bit about oci security.
283
00:26:13.260 --> 00:26:14.600
Orlando Gentil: But you can understand
284
00:26:15.610 --> 00:26:19.559
Orlando Gentil: how you going to start to use this, and how you can wait.
285
00:26:20.230 --> 00:26:23.120
Orlando Gentil: What do you have to the way the factors.
286
00:26:23.740 --> 00:26:26.389
Orlando Gentil: When you decide to move to the cloud.
287
00:26:28.200 --> 00:26:30.180
Orlando Gentil: It's my most.
288
00:26:33.010 --> 00:26:36.200
Orlando Gentil: We're going to discuss the shared responsibility model.
289
00:26:36.400 --> 00:26:40.720
Orlando Gentil: So you can understand what you you have on premises. What do you have on the cloud?
290
00:26:41.260 --> 00:26:43.580
Orlando Gentil: Some key? Oci features!
291
00:26:44.070 --> 00:26:46.400
Orlando Gentil: How do you work? How do you secure?
292
00:26:47.110 --> 00:26:55.210
Orlando Gentil: We're going to go through some use case for security, and in the end show some compliance and certifications that we abide.
293
00:26:55.360 --> 00:26:58.169
Orlando Gentil: and how that applies
294
00:26:58.210 --> 00:26:59.979
Orlando Gentil: to your environment.
295
00:27:05.110 --> 00:27:08.520
Orlando Gentil: Security on Oci is divided in several areas.
296
00:27:08.640 --> 00:27:12.820
Orlando Gentil: So detection data, protection OS workloads, identity
297
00:27:13.150 --> 00:27:17.329
Orlando Gentil: infrastructure. How do things work? For example, on the tech?
298
00:27:17.950 --> 00:27:19.510
Orlando Gentil: Excuse me, just a second.
299
00:27:26.930 --> 00:27:28.290
Orlando Gentil: Sorry for that. But
300
00:27:30.330 --> 00:27:33.929
Orlando Gentil: allergies here are kicking really hard here in Austin.
301
00:27:34.210 --> 00:27:34.890
Orlando Gentil: So.
302
00:27:34.930 --> 00:27:37.030
Orlando Gentil: going back.
303
00:27:37.310 --> 00:27:41.020
Orlando Gentil: we are all talking about detection and remediation.
304
00:27:41.800 --> 00:27:46.799
Orlando Gentil: There are some features in products that we integrate.
305
00:27:47.040 --> 00:27:53.819
Orlando Gentil: And, for example, let's start from here the vulnerability scanning fe service.
306
00:27:54.900 --> 00:27:58.390
Orlando Gentil: You have agents that we run on the
307
00:27:58.570 --> 00:28:03.550
Orlando Gentil: instances, your compute your computers. That will be on the cloud.
308
00:28:03.880 --> 00:28:08.080
Orlando Gentil: and it scans for vulnerabilities and give you a report.
309
00:28:09.420 --> 00:28:11.199
Orlando Gentil: We've security adviser.
310
00:28:11.260 --> 00:28:14.359
Orlando Gentil: It's a a service
311
00:28:14.480 --> 00:28:19.780
Orlando Gentil: that will give you the best practice for several areas, and it's
312
00:28:20.120 --> 00:28:28.280
Orlando Gentil: they have like recipes that we keep enhancing all all the time, and you can be updated as
313
00:28:28.710 --> 00:28:36.050
Orlando Gentil: as the recipes get updated, you can get update that in your environment as well. What's the best practice? How to mitigate
314
00:28:36.390 --> 00:28:38.070
Orlando Gentil: different things?
315
00:28:40.200 --> 00:28:43.769
Orlando Gentil: Secret zones and Cloud Guards secret son is the future
316
00:28:45.200 --> 00:28:47.520
Orlando Gentil: that will create
317
00:28:50.110 --> 00:28:53.530
Orlando Gentil: a very strict standards on security
318
00:28:54.950 --> 00:28:56.750
Orlando Gentil: and club guard did so.
319
00:28:56.980 --> 00:28:58.980
Orlando Gentil: Service that oversees
320
00:28:59.310 --> 00:29:05.040
Orlando Gentil: all security information in the in Oci in your tenancy.
321
00:29:05.910 --> 00:29:11.380
Orlando Gentil: and it points you to the security advisor. It has reports on
322
00:29:11.650 --> 00:29:12.829
Orlando Gentil: what is wrong.
323
00:29:12.890 --> 00:29:15.480
Orlando Gentil: Give you suggestions how you can do that
324
00:29:17.830 --> 00:29:27.289
Orlando Gentil: when you go to the data protection you will have the vault service where you can store your keys for encryption. You can store secrets.
325
00:29:28.310 --> 00:29:33.340
Orlando Gentil: Now you have data safe that grains security access to the
326
00:29:33.530 --> 00:29:34.980
Orlando Gentil: to the database.
327
00:29:35.060 --> 00:29:38.329
Orlando Gentil: I think I have another slide just on the the data safe.
328
00:29:38.740 --> 00:29:42.169
Orlando Gentil: and you even have a Ca: management.
329
00:29:43.070 --> 00:29:49.760
Orlando Gentil: But you can store your certificates where you can import certificates that you have from third parties.
330
00:29:50.470 --> 00:29:53.240
Orlando Gentil: It's just like a certificate fault.
331
00:29:53.580 --> 00:29:54.310
Orlando Gentil: but
332
00:29:54.490 --> 00:29:56.830
Orlando Gentil: it is a certificate fault
333
00:29:57.190 --> 00:30:01.050
Orlando Gentil: the vote service. It's more for encryption keys.
334
00:30:01.080 --> 00:30:02.459
Orlando Gentil: If you have to do that
335
00:30:03.520 --> 00:30:05.459
Orlando Gentil: in the Us. Level
336
00:30:05.490 --> 00:30:08.190
Orlando Gentil: we have what we call shooted instances
337
00:30:08.450 --> 00:30:12.220
Orlando Gentil: where the instance we have access to
338
00:30:13.410 --> 00:30:16.650
Orlando Gentil: a Tpm. A piece of hardware that we will ensure
339
00:30:17.280 --> 00:30:21.299
Orlando Gentil: that if it detects that the
340
00:30:21.510 --> 00:30:29.920
Orlando Gentil: bootloader or the OS was compromised prevent the OS and the bootloader from being compromised. It will monitor that
341
00:30:30.280 --> 00:30:38.660
Orlando Gentil: we have the option to have dedicated host when we go to compute the compute session. We're gonna talk more about it.
342
00:30:39.470 --> 00:30:41.480
Orlando Gentil: What is the dedicated host?
343
00:30:42.230 --> 00:30:44.710
We have a best chunk service.
344
00:30:46.200 --> 00:30:52.440
Orlando Gentil: You You are outside of the cloud. You have to find you have to have a wage connect to
345
00:30:52.660 --> 00:31:01.429
Orlando Gentil: to your infrastructure in a secure way without exposing your infrastructure. So with the best you can use that
346
00:31:02.190 --> 00:31:04.680
Orlando Gentil: to move and
347
00:31:05.810 --> 00:31:11.710
Orlando Gentil: manage inside your your infrastructure the operations that you can't do from the control panel.
348
00:31:12.110 --> 00:31:16.379
Orlando Gentil: So the list goes on and on. We gonna go through several of this.
349
00:31:16.640 --> 00:31:23.499
Orlando Gentil: I think i'm the I'm doing wrong, because i'm taking too much time on this, and we have several slides with more
350
00:31:23.560 --> 00:31:24.950
Orlando Gentil: information here
351
00:31:27.120 --> 00:31:32.580
Orlando Gentil: in the cloud. We say that you have a shared secret model. Why.
352
00:31:32.880 --> 00:31:34.140
Orlando Gentil: on premises
353
00:31:34.520 --> 00:31:36.069
Orlando Gentil: everything used on you.
354
00:31:36.610 --> 00:31:46.680
Orlando Gentil: But when I say on you your company you might not be responsible for physical security. But there's someone that is responsible for fuel, physical security.
355
00:31:46.790 --> 00:31:50.249
Orlando Gentil: A lot of times we don't take that into account.
356
00:31:50.890 --> 00:31:53.520
Orlando Gentil: me included when I was
357
00:31:53.740 --> 00:32:02.110
Orlando Gentil: operating like a suicide, me and all that. I could not care less about a lot of these things. But that was a long time ago.
358
00:32:02.380 --> 00:32:04.349
Orlando Gentil: and
359
00:32:04.570 --> 00:32:06.179
Orlando Gentil: the way that
360
00:32:06.240 --> 00:32:08.390
Orlando Gentil: things are organized today they are
361
00:32:09.570 --> 00:32:13.419
Orlando Gentil: better documented. We it's more mature in all that.
362
00:32:13.810 --> 00:32:15.710
Orlando Gentil: So we have to consider
363
00:32:16.940 --> 00:32:30.859
Orlando Gentil: things like physical security, like the your physical data center, you have to take care about air conditioning. You have to take care about electricity. You have to make sure that the everything is in place and it's working.
364
00:32:31.120 --> 00:32:33.729
Orlando Gentil: You have to take care about the
365
00:32:34.000 --> 00:32:44.759
Orlando Gentil: systems in the sense that who has access to what? When you have to audit. You have to worry about the life cycle of the devices
366
00:32:45.290 --> 00:32:47.549
Orlando Gentil: that you have on the data center.
367
00:32:47.910 --> 00:32:49.950
Orlando Gentil: All of that it's on you
368
00:32:50.390 --> 00:32:52.270
Orlando Gentil: when you move to the cloud.
369
00:32:52.330 --> 00:32:54.560
Orlando Gentil: most of the
370
00:32:54.950 --> 00:33:03.540
Orlando Gentil: if we, when we're talking about infrastructure, that part is to just offset to to the Cloud provider.
371
00:33:03.950 --> 00:33:10.979
Orlando Gentil: So on oci. You don't have to worry about the procurement of the. If you're going to buy a new server.
372
00:33:11.380 --> 00:33:16.839
Orlando Gentil: you just have the ability to go there and create allocate, the new server.
373
00:33:17.360 --> 00:33:23.299
Orlando Gentil: and we're gonna take a look at that. You don't have to worry about a/C. You don't have to worry about doing them
374
00:33:23.370 --> 00:33:29.309
Orlando Gentil: A/C maintenance, for example, or the no break maintenance. All this kind of things
375
00:33:29.410 --> 00:33:32.249
Orlando Gentil: you focus on managing your data.
376
00:33:32.520 --> 00:33:35.549
Orlando Gentil: your virtual devices, not necessarily
377
00:33:35.590 --> 00:33:38.540
Orlando Gentil: the host that they will be running running on.
378
00:33:38.560 --> 00:33:41.190
Orlando Gentil: That is taken care. By the
379
00:33:41.780 --> 00:33:43.130
Orlando Gentil: by, oci.
380
00:33:43.340 --> 00:33:51.070
Orlando Gentil: you have to manage your accounts and identities. We will give you the tools where you can
381
00:33:51.710 --> 00:33:58.050
Orlando Gentil: create the users, create the groups, delegate what is necessary.
382
00:33:59.340 --> 00:34:03.050
Orlando Gentil: and the user will only be able to do
383
00:34:03.100 --> 00:34:05.280
Orlando Gentil: the things that you assign them to do.
384
00:34:05.850 --> 00:34:08.849
Orlando Gentil: You will also control the network.
385
00:34:09.659 --> 00:34:17.679
Orlando Gentil: We provide you the network, but the way that the network operates it's totally up to you. You're going to define the
386
00:34:17.820 --> 00:34:19.720
Orlando Gentil: the virtual networks.
387
00:34:19.770 --> 00:34:27.859
Orlando Gentil: how the routing is done, what is connected which networks are connected, how they are connected, what's the traffic between them?
388
00:34:28.670 --> 00:34:32.620
Orlando Gentil: And you will also manage the operating system.
389
00:34:34.659 --> 00:34:38.730
Orlando Gentil: You will decide what is the operating system, how it will be set up.
390
00:34:39.739 --> 00:34:41.230
Orlando Gentil: You know all these things.
391
00:34:44.360 --> 00:34:47.010
Orlando Gentil: How do we manage identity.
392
00:34:47.080 --> 00:35:02.619
Orlando Gentil: We're gonna go through a whole presentation just on identity management. So you can have details, but we have something called identity domains that it's an abstraction that we have around
393
00:35:02.690 --> 00:35:08.370
Orlando Gentil: the users, the groups, the kind of authentication that they have.
394
00:35:09.320 --> 00:35:10.560
Orlando Gentil: and this
395
00:35:10.680 --> 00:35:16.570
Orlando Gentil: in your account you can have a different different identity domains depending on the
396
00:35:16.600 --> 00:35:20.049
Orlando Gentil: type of this grouping that you do here
397
00:35:20.190 --> 00:35:25.569
Orlando Gentil: so you could have one identity domains for your external clients.
398
00:35:25.630 --> 00:35:27.820
Orlando Gentil: Let's say you have
399
00:35:30.050 --> 00:35:38.999
Orlando Gentil: you have a solution that you deployed on oci, and you don't have a that solution. You didn't have like a an internal l that for
400
00:35:39.230 --> 00:35:44.250
Orlando Gentil: anything that to control the users. You can create an identity domain for that.
401
00:35:44.690 --> 00:35:50.220
Orlando Gentil: And that identity domain is where you're gonna host all the users for for you.
402
00:35:50.340 --> 00:35:54.119
Orlando Gentil: It's like. If you are having identity as a service.
403
00:35:55.810 --> 00:36:04.939
you are gonna have another identity domains where you gonna have the users. That will be Your network head means your storage admins
404
00:36:05.560 --> 00:36:10.650
Orlando Gentil: to manage that. So identity domains. Allow you to segregate
405
00:36:11.350 --> 00:36:12.790
Orlando Gentil: those roles.
406
00:36:13.310 --> 00:36:17.349
Orlando Gentil: and, together with policy compartments and network sources.
407
00:36:18.490 --> 00:36:21.840
Orlando Gentil: That's how you gonna manage your users
408
00:36:21.870 --> 00:36:24.069
Orlando Gentil: and the identity security.
409
00:36:27.240 --> 00:36:34.899
Orlando Gentil: I will jump this slide, because, as I mentioned, we have a whole presentation just on identity and access management.
410
00:36:35.050 --> 00:36:37.149
Orlando Gentil: But this is how things tie together.
411
00:36:37.560 --> 00:36:39.709
Orlando Gentil: I want to go on. The details here.
412
00:36:39.810 --> 00:36:41.659
Orlando Gentil: Move to the other one.
413
00:36:46.100 --> 00:36:52.500
Orlando Gentil: When we saw the manager, the responsibilities in the sorry the shared the responsibility model.
414
00:36:53.310 --> 00:36:55.910
Orlando Gentil: We pro. I told you that we provide
415
00:36:55.980 --> 00:36:57.080
Orlando Gentil: the network
416
00:36:57.740 --> 00:37:08.320
Orlando Gentil: The way that we provide the network is the physical network that you'll be using. And on top of that network we will create a software-defined network
417
00:37:09.330 --> 00:37:16.400
Orlando Gentil: on that software defined network. You will define how you connect from your on-premises.
418
00:37:19.220 --> 00:37:23.979
Orlando Gentil: Your data center could be local could be a call location that you have on a different provider
419
00:37:24.710 --> 00:37:28.490
Orlando Gentil: could be if even a different cloud provider
420
00:37:28.760 --> 00:37:30.270
Orlando Gentil: that you can connect
421
00:37:30.610 --> 00:37:36.349
Orlando Gentil: and with you know, Ci, you will create your network, and you're gonna
422
00:37:36.620 --> 00:37:44.110
Orlando Gentil: organize how you are going to divide with the different components and how each network, how each
423
00:37:44.660 --> 00:37:50.999
Orlando Gentil: slice of the network that you create, how many to you communicate one with another
424
00:37:54.350 --> 00:37:58.499
Orlando Gentil: through the route tables and the security.
425
00:38:00.400 --> 00:38:03.909
Orlando Gentil: the security resources, the great components that you can use.
426
00:38:07.060 --> 00:38:12.810
Orlando Gentil: I will jump this because we have that on the network. We're gonna see that from the network.
427
00:38:13.380 --> 00:38:15.480
Orlando Gentil: But security list is a
428
00:38:16.630 --> 00:38:20.079
Orlando Gentil: you don't have, like a physical firewall per se.
429
00:38:20.800 --> 00:38:26.570
Orlando Gentil: The first level you you have a firewall that you can set up as a device.
430
00:38:27.190 --> 00:38:34.220
Orlando Gentil: But you don't have to, because if we provide the security list and something else called
431
00:38:34.410 --> 00:38:36.059
Orlando Gentil: network security groups
432
00:38:36.140 --> 00:38:41.279
Orlando Gentil: as your first layer of control of the network traffic.
433
00:38:41.730 --> 00:38:44.020
Orlando Gentil: You're gonna get more details on that.
434
00:38:44.600 --> 00:38:49.760
Orlando Gentil: It to explain what's the difference between the secret list and the Network Security group
435
00:38:49.990 --> 00:38:51.049
Orlando Gentil: for? Now
436
00:38:51.070 --> 00:38:53.340
Orlando Gentil: let's give it. This the
437
00:38:54.260 --> 00:38:57.989
Orlando Gentil: your, the local firewall, for your instance.
438
00:38:58.160 --> 00:39:02.589
Orlando Gentil: for your virtual. If we come back, let's see if I can go back here.
439
00:39:05.030 --> 00:39:08.210
Orlando Gentil: When you connect to the subnet.
440
00:39:08.380 --> 00:39:12.839
Orlando Gentil: You have, like a real nick that goes on every service.
441
00:39:13.610 --> 00:39:18.300
Orlando Gentil: So the firewall that operates on that connection.
442
00:39:18.680 --> 00:39:24.919
Orlando Gentil: It could be the cigarette list combined with the network security groups. That's what you have to dress for now
443
00:39:28.980 --> 00:39:30.539
with the best.
444
00:39:30.610 --> 00:39:34.409
Orlando Gentil: I kind of spend some time talking about. What is it?
445
00:39:34.690 --> 00:39:40.999
Orlando Gentil: It's a way. It's a service that gives you tunnels, so you can work through.
446
00:39:41.180 --> 00:39:45.979
Orlando Gentil: and you can make Ssh. Connections or use the Ssh tunnel
447
00:39:46.210 --> 00:39:48.700
Orlando Gentil: for external application connections.
448
00:39:49.800 --> 00:40:03.999
Orlando Gentil: You don't have to manage the service usually. If, when you don't have a bastion as a service, you have to install a Linux box or a windows box that will make that role for you, and you have to manage
449
00:40:04.090 --> 00:40:06.029
Orlando Gentil: with the best from service.
450
00:40:06.170 --> 00:40:11.140
Orlando Gentil: You just have to create the sessions that you want to
451
00:40:11.320 --> 00:40:14.199
Orlando Gentil: grant access. You don't have to manage the
452
00:40:15.580 --> 00:40:19.099
Orlando Gentil: this simple instance that I told you that you should have.
453
00:40:19.230 --> 00:40:21.349
Orlando Gentil: and you don't have to
454
00:40:21.530 --> 00:40:25.060
Orlando Gentil: type the security. There, you don't have to make any hardening.
455
00:40:25.150 --> 00:40:27.640
Orlando Gentil: You don't do anything like that. It's just
456
00:40:27.700 --> 00:40:32.300
Orlando Gentil: okay. I need the national service. You instantiate that
457
00:40:33.570 --> 00:40:34.470
Orlando Gentil: you you.
458
00:40:34.610 --> 00:40:43.690
Orlando Gentil: You provision an instance for you, and we think that instance you. You have your tunnels. It will make the connection with the external
459
00:40:43.790 --> 00:40:44.890
Orlando Gentil: users
460
00:40:45.660 --> 00:40:49.169
Orlando Gentil: to the subnets and the Vc. That you want.
461
00:40:49.370 --> 00:40:51.990
Orlando Gentil: So all this
462
00:40:54.730 --> 00:40:57.130
Orlando Gentil: the laser point is not working.
463
00:40:58.960 --> 00:41:02.860
Orlando Gentil: so you just have to work on this part here
464
00:41:03.560 --> 00:41:07.119
Orlando Gentil: where it's a support. 22 part, 1521.
465
00:41:07.690 --> 00:41:14.800
Orlando Gentil: Those are the only things that you will have to worry about managing. You create the session that will define how it's going to be the communication.
466
00:41:16.170 --> 00:41:19.340
Orlando Gentil: and all the rest is Manage it for you.
467
00:41:21.860 --> 00:41:25.120
Orlando Gentil: I didn't start talking about costs of services.
468
00:41:25.150 --> 00:41:34.249
Orlando Gentil: but something that the most oci differentiates from the other providers is a lot of services that we have.
469
00:41:34.710 --> 00:41:40.689
Orlando Gentil: It's a kind of we see as a necessary services, so we don't charge for them.
470
00:41:40.780 --> 00:41:48.109
Orlando Gentil: Bastion, for example, is one of the services that we don't charge. We understand that that security should be part of the
471
00:41:48.680 --> 00:41:57.800
Orlando Gentil: package that you have when you are using the call provider. So we don't charge for a lot of services that in some of the providers
472
00:41:58.140 --> 00:42:00.710
Orlando Gentil: they are. Charge it separatedly.
473
00:42:00.760 --> 00:42:01.719
Orlando Gentil: We just
474
00:42:01.800 --> 00:42:03.480
Orlando Gentil: It's part of the whole package.
475
00:42:03.540 --> 00:42:05.099
Orlando Gentil: There's no cost for it.
476
00:42:08.340 --> 00:42:10.730
They are based on oci.
477
00:42:11.760 --> 00:42:14.680
Orlando Gentil: We're not going to go g phone database. But
478
00:42:14.880 --> 00:42:16.379
Orlando Gentil: you have
479
00:42:17.670 --> 00:42:26.690
Orlando Gentil: 3 options of a database is on oci. You have the traditional database cloud service, the traditional database that we go as a database cloud service
480
00:42:27.190 --> 00:42:29.270
Orlando Gentil: where you have
481
00:42:29.480 --> 00:42:35.030
Orlando Gentil: an instance where it's going to be running your call, you can ssh to the instance, and
482
00:42:35.440 --> 00:42:40.049
Orlando Gentil: play the same way that you would do with your oracle server on premises.
483
00:42:40.310 --> 00:42:42.639
Orlando Gentil: We have exceeded the cloud
484
00:42:42.960 --> 00:42:43.979
Orlando Gentil: eats up.
485
00:42:45.340 --> 00:42:50.339
Orlando Gentil: I don't I I don't anything. I think that anything I see ex the data I'm gonna
486
00:42:50.600 --> 00:42:53.379
Orlando Gentil: undervalue what it has. But it's a
487
00:42:53.650 --> 00:43:08.199
Orlando Gentil: the state of art of the databases that we have with the hardware, and is the whole stack provision here? You have access to that on the cloud, and you can go all the way from
488
00:43:08.690 --> 00:43:16.490
Orlando Gentil: a a full wreck, and you can go with I think it. I think the the smallest one is a quarter
489
00:43:17.150 --> 00:43:20.730
Orlando Gentil: of a wreck that you can provision to you
490
00:43:21.620 --> 00:43:22.699
Orlando Gentil: on the cloud.
491
00:43:23.130 --> 00:43:26.919
Orlando Gentil: and we have autonomous database. That is
492
00:43:28.630 --> 00:43:30.579
Orlando Gentil: a flavor of database
493
00:43:31.230 --> 00:43:44.330
Orlando Gentil: that we've a lot of automation on that that lets you focus on more on using the data than having to manage and find tuning that is done through. That's done automatically to you.
494
00:43:45.930 --> 00:43:51.460
Orlando Gentil: For all these 3 options we you have the control to the act, control access
495
00:43:52.060 --> 00:43:55.169
Orlando Gentil: on how the access is going to be performed.
496
00:43:56.420 --> 00:44:00.870
Orlando Gentil: All the safeguards that traditionally are on the database are available here.
497
00:44:01.380 --> 00:44:06.170
Orlando Gentil: You can count with the same infrastructure that you have for data encryption.
498
00:44:06.620 --> 00:44:09.580
Patching is automated in all 3
499
00:44:10.670 --> 00:44:17.580
Orlando Gentil: you control. When the patch is going to be applied, what are the patches that we will be applied that are relevant for you.
500
00:44:17.710 --> 00:44:20.560
Orlando Gentil: and we even offer a secured assessment.
501
00:44:20.780 --> 00:44:26.289
Orlando Gentil: checking, if you have what you need to have in order to be secure.
502
00:44:30.980 --> 00:44:33.250
Orlando Gentil: The database is on oci
503
00:44:34.620 --> 00:44:46.059
Orlando Gentil: you can have. You can control access based at least for autonomous. You can control. Based on the I am users so identity as a services. That's but this way
504
00:44:46.200 --> 00:44:47.359
Orlando Gentil: that we have.
505
00:44:48.740 --> 00:44:52.229
Orlando Gentil: But if you the way that we control
506
00:44:52.610 --> 00:44:57.910
Orlando Gentil: it does not allow users to delete databases, for example, by accident
507
00:44:59.130 --> 00:45:00.419
Orlando Gentil: the
508
00:45:01.390 --> 00:45:03.690
Orlando Gentil: you have access to the backups.
509
00:45:03.970 --> 00:45:04.600
Orlando Gentil: Yeah.
510
00:45:04.810 --> 00:45:08.399
Orlando Gentil: automatic back backups, manual backups
511
00:45:08.560 --> 00:45:11.190
Orlando Gentil: that you can control, that
512
00:45:12.240 --> 00:45:16.630
Orlando Gentil: the Vm. Based at Thebcs is the database cloud service
513
00:45:17.390 --> 00:45:20.550
Orlando Gentil: is how this you just to go straight.
514
00:45:20.820 --> 00:45:29.129
Orlando Gentil: something that we're gonna show on the when we talk about compute because they leverage all this, the underlying infrastructure
515
00:45:29.220 --> 00:45:34.419
Orlando Gentil: the same way that if you have for the other compute instances that you you have.
516
00:45:37.410 --> 00:45:40.219
we have the data safe service
517
00:45:41.290 --> 00:45:47.129
Orlando Gentil: again. I'm not a Gb. Guy. I don't know if I say anything about this service here.
518
00:45:47.570 --> 00:45:51.239
Orlando Gentil: I might be giving you the wrong idea on
519
00:45:51.710 --> 00:45:53.660
Orlando Gentil: what is it? What it does?
520
00:45:53.820 --> 00:45:59.350
Orlando Gentil: But you can take advantage of it either, for on premises and in the cloud.
521
00:46:00.700 --> 00:46:06.620
Orlando Gentil: and with this set of dashboards it will give you information for your security assessment
522
00:46:06.760 --> 00:46:08.740
Orlando Gentil: how your users are doing
523
00:46:10.190 --> 00:46:15.669
Orlando Gentil: data, discovery and data masking. It's something that it's more for the did. You guys.
524
00:46:16.140 --> 00:46:16.910
Orlando Gentil: I will
525
00:46:17.470 --> 00:46:19.179
Orlando Gentil: take a I will pass on that.
526
00:46:19.450 --> 00:46:21.669
Orlando Gentil: and
527
00:46:23.440 --> 00:46:28.389
Orlando Gentil: it will allow you to give access on how things are being used.
528
00:46:28.470 --> 00:46:34.220
Orlando Gentil: and you have the track of who's operating? And how do you operate
529
00:46:34.630 --> 00:46:35.669
Orlando Gentil: on the cloud
530
00:46:39.750 --> 00:46:44.319
Orlando Gentil: when we talked about data safe. I showed you I told you that we have this slide, showing
531
00:46:44.940 --> 00:46:47.339
Orlando Gentil: how is the
532
00:46:49.740 --> 00:46:51.759
Orlando Gentil: we would have a slide on on this.
533
00:46:53.020 --> 00:46:53.819
Orlando Gentil: so
534
00:46:54.380 --> 00:47:02.089
Orlando Gentil: that illustrates how you can connect your databases to the database services on those Ci or on premises.
535
00:47:02.980 --> 00:47:06.950
Orlando Gentil: This here means you can go over the Internet.
536
00:47:07.020 --> 00:47:09.209
Orlando Gentil: You have a private tend to point.
537
00:47:10.870 --> 00:47:15.479
Orlando Gentil: and with the VPN you can hide all that connection.
538
00:47:15.980 --> 00:47:26.250
Orlando Gentil: So you have on premises. You establish a connection with oci using VPN. Or something that we call fast connect is a dedicated connection.
539
00:47:27.190 --> 00:47:30.569
Orlando Gentil: and on that you will have a
540
00:47:30.860 --> 00:47:32.350
Orlando Gentil: a private endpoint.
541
00:47:32.720 --> 00:47:35.140
Orlando Gentil: This on-premises connector here.
542
00:47:35.240 --> 00:47:39.859
Orlando Gentil: It establishes a tunnel with what you have on premises. So you can exchange
543
00:47:40.360 --> 00:47:43.689
Orlando Gentil: information through a secure channel.
544
00:47:43.990 --> 00:47:48.989
Orlando Gentil: instead of going like a through all the Internet with just with just with the data encryption.
545
00:47:53.070 --> 00:47:55.460
This is object storage.
546
00:47:56.170 --> 00:47:59.369
Orlando Gentil: We didn't talk about what is subject storage.
547
00:48:00.250 --> 00:48:05.650
Orlando Gentil: But I will save that for the storage section that we have.
548
00:48:06.290 --> 00:48:15.740
Orlando Gentil: For now, if you're curious what you subject to, if you're coming from another cloud is, for example, on aws they call s 3.
549
00:48:17.050 --> 00:48:19.520
Orlando Gentil: It's a kind of a flat
550
00:48:19.970 --> 00:48:23.240
Orlando Gentil: no higher.
551
00:48:23.920 --> 00:48:25.479
Orlando Gentil: It's a flat storage
552
00:48:25.550 --> 00:48:29.420
Orlando Gentil: where you can throw pretty much any kind of data.
553
00:48:30.630 --> 00:48:32.600
Orlando Gentil: If you can upload it.
554
00:48:32.650 --> 00:48:33.879
Orlando Gentil: It will be there.
555
00:48:34.290 --> 00:48:38.949
Orlando Gentil: And this is just to highlight the features regarding security that we offer
556
00:48:39.060 --> 00:48:45.500
Orlando Gentil: for this type of storage. We're going to get more details on object storage when we go to the
557
00:48:45.590 --> 00:48:46.680
Orlando Gentil: the session
558
00:48:46.990 --> 00:48:48.330
Orlando Gentil: on storage.
559
00:48:49.780 --> 00:48:51.229
Orlando Gentil: This is so handling
560
00:48:51.700 --> 00:48:54.199
Orlando Gentil: everything on oci
561
00:48:54.820 --> 00:48:57.429
Orlando Gentil: all the services they have, the option.
562
00:48:58.230 --> 00:49:01.629
Orlando Gentil: 99%. I'm not gonna say all of them.
563
00:49:01.650 --> 00:49:03.209
Orlando Gentil: Some you have to
564
00:49:03.770 --> 00:49:05.749
Orlando Gentil: do some extra steps.
565
00:49:05.790 --> 00:49:10.790
Orlando Gentil: but 99.9 of the services they will have Ssl. Enabled.
566
00:49:11.440 --> 00:49:13.859
Orlando Gentil: and that we will ensure that
567
00:49:14.040 --> 00:49:16.290
Orlando Gentil: even if you are doing
568
00:49:16.380 --> 00:49:19.590
Orlando Gentil: the traffic is going through an unprotected network.
569
00:49:19.920 --> 00:49:22.080
Orlando Gentil: they will be encrypted.
570
00:49:23.010 --> 00:49:26.599
Orlando Gentil: We've the most advanced that iss available
571
00:49:27.220 --> 00:49:30.180
Orlando Gentil: to avoid the the data to be exposed.
572
00:49:33.210 --> 00:49:36.409
Orlando Gentil: Web application, firewall.
573
00:49:36.680 --> 00:49:39.190
Orlando Gentil: What can I say about this guy? Because
574
00:49:39.520 --> 00:49:41.949
Orlando Gentil: I don't know if it's covered on the
575
00:49:44.680 --> 00:49:52.799
Orlando Gentil: on the network part. But if your application you need, if you want to give some extra security.
576
00:49:52.940 --> 00:49:56.029
Orlando Gentil: the web application, firewall it's
577
00:49:56.460 --> 00:49:58.299
Orlando Gentil: if we have to simplify.
578
00:49:59.230 --> 00:50:01.949
Orlando Gentil: It's a layer 7 firewall.
579
00:50:02.180 --> 00:50:05.479
Orlando Gentil: exclusive for http protocol
580
00:50:05.870 --> 00:50:11.390
Orlando Gentil: so it analyzes for signal injections. If you have a cross-site, script.
581
00:50:11.900 --> 00:50:15.779
Orlando Gentil: it will future the content of the communication.
582
00:50:17.820 --> 00:50:19.299
Orlando Gentil: and
583
00:50:23.180 --> 00:50:25.049
Orlando Gentil: I lost threat here. Just a second.
584
00:50:26.130 --> 00:50:32.279
Orlando Gentil: It monitors the what you have on the package, and based on that, it can analyze in future
585
00:50:32.480 --> 00:50:36.709
Orlando Gentil: what will be delivered to your application service?
586
00:50:40.980 --> 00:50:42.189
Orlando Gentil: What else
587
00:50:43.140 --> 00:50:50.270
Orlando Gentil: for now that's what you would need to understand about the the West? It's a not the main go to that G. From this guy.
588
00:50:54.220 --> 00:50:58.660
Orlando Gentil: Here we have how those security services integrate.
589
00:51:00.460 --> 00:51:03.780
Orlando Gentil: If I I use one of the used cases that we have.
590
00:51:03.980 --> 00:51:08.139
Orlando Gentil: So if we come on the bottom, here we have.
591
00:51:08.310 --> 00:51:09.600
Orlando Gentil: I am
592
00:51:09.980 --> 00:51:17.159
Orlando Gentil: an identity. Cloud services is your identity as a service where your users will be. You have the vault.
593
00:51:17.480 --> 00:51:20.100
it's place it in the region, so
594
00:51:20.340 --> 00:51:25.469
Orlando Gentil: anyone within the region will have access to the encryption keys that you have here
595
00:51:26.120 --> 00:51:31.740
Orlando Gentil: your users on the outside. If they are, for example, the Admin.
596
00:51:32.070 --> 00:51:34.589
Orlando Gentil: They can take advantage of the question
597
00:51:35.790 --> 00:51:39.459
Orlando Gentil: to access the infrastructure to do the management.
598
00:51:40.410 --> 00:51:46.019
Orlando Gentil: This slide here does not show, but your users could be using also a VPN.
599
00:51:46.300 --> 00:51:52.890
Orlando Gentil: And on top of the VPN they we use the bastion so you can do one thing on top of the other.
600
00:51:53.430 --> 00:51:55.230
Orlando Gentil: but that could be over queue.
601
00:51:55.640 --> 00:52:02.399
Orlando Gentil: Assuming that your VPN is safe, you don't have to encrypt what is going inside, that
602
00:52:03.830 --> 00:52:13.540
Orlando Gentil: your external customers. When they have to go to your applications, you can filter those access with the web application, firewall.
603
00:52:14.430 --> 00:52:20.689
Orlando Gentil: We have the underlying services like Cloud guard vulnerabilities, scanning.
604
00:52:21.120 --> 00:52:24.370
Orlando Gentil: tracking, what's going on, finding the threats
605
00:52:24.790 --> 00:52:29.329
Orlando Gentil: giving you visibility If you have
606
00:52:30.170 --> 00:52:31.839
Orlando Gentil: the latest patches
607
00:52:32.230 --> 00:52:34.119
Orlando Gentil: just to highlight the
608
00:52:34.620 --> 00:52:37.010
Orlando Gentil: the the importance of being touched.
609
00:52:37.230 --> 00:52:44.789
Orlando Gentil: Just if you end up. If you are following the news, you saw the it's open season for the Esx
610
00:52:44.810 --> 00:52:46.759
Orlando Gentil: service that are untouched.
611
00:52:47.490 --> 00:52:48.799
Orlando Gentil: so
612
00:52:49.030 --> 00:52:54.520
Orlando Gentil: that you it's a very basic thing that sometimes we don't give the proper
613
00:52:54.760 --> 00:52:55.810
Orlando Gentil: value.
614
00:52:55.840 --> 00:52:59.569
Orlando Gentil: and a lot of people just think that it's a
615
00:52:59.740 --> 00:53:12.859
Orlando Gentil: pain in the tail to have to research files, the applications and all that. But it's a necessary evil, and it's a simple thing that we could be doing to minimize the how, how we are exposed.
616
00:53:13.920 --> 00:53:14.600
Orlando Gentil: and
617
00:53:15.160 --> 00:53:18.919
Orlando Gentil: all that it's being audited in, monitor it
618
00:53:19.200 --> 00:53:22.279
Orlando Gentil: with the within those Ci
619
00:53:24.890 --> 00:53:26.669
Orlando Gentil: compliance programs.
620
00:53:27.060 --> 00:53:33.759
Orlando Gentil: If depending on the your area of business, you need to have some
621
00:53:33.990 --> 00:53:35.540
Orlando Gentil: certifications
622
00:53:37.050 --> 00:53:41.170
how it works when you're going through a cloud. Provider.
623
00:53:41.790 --> 00:53:45.769
Orlando Gentil: If you are on before how it's done, we need some prep.
624
00:53:45.940 --> 00:53:48.259
Orlando Gentil: Let's say that you are health care.
625
00:53:50.460 --> 00:53:52.440
Orlando Gentil: the health care scenario
626
00:53:52.750 --> 00:53:58.770
Orlando Gentil: that you that you're gonna have to hire an auditor and that auditor will come, and it will
627
00:53:59.030 --> 00:54:05.570
Orlando Gentil: give you the list of the things that you have to provide him to make sure that you are hipaa compliance
628
00:54:05.640 --> 00:54:09.909
Orlando Gentil: kin. I think that we have a different name. I forgot, but it's equivalent to
629
00:54:11.200 --> 00:54:12.349
Orlando Gentil: to Hipaa
630
00:54:12.420 --> 00:54:15.410
Orlando Gentil: and the
631
00:54:16.000 --> 00:54:19.950
Orlando Gentil: If you meet those those criteria.
632
00:54:20.150 --> 00:54:26.070
Orlando Gentil: you will get search fired that you are compliance with that specific program
633
00:54:27.060 --> 00:54:29.619
Orlando Gentil: The way that
634
00:54:32.790 --> 00:54:35.899
Orlando Gentil: the way that it works when you go to the Cloud Provider is
635
00:54:36.060 --> 00:54:37.209
Orlando Gentil: oci
636
00:54:37.380 --> 00:54:42.980
Orlando Gentil: doesn't need to be heapa compliant because you will. You need to be he the compliant?
637
00:54:43.580 --> 00:54:47.900
Orlando Gentil: We, he! We have to give you what we call at the station.
638
00:54:47.930 --> 00:54:53.989
Orlando Gentil: and with that at the station it's what you will use in your process of being compliant.
639
00:54:54.720 --> 00:54:58.839
Orlando Gentil: So it's not. Again, it's a shared model. We give you
640
00:54:58.870 --> 00:55:01.610
Orlando Gentil: part of the of the requirements
641
00:55:01.880 --> 00:55:09.900
Orlando Gentil: that, together with the requirements that you have from all the other prerequisites that he might ask you to have
642
00:55:10.200 --> 00:55:13.580
Orlando Gentil: with this attestation is how you become
643
00:55:13.730 --> 00:55:15.109
Orlando Gentil: hipaa compliance.
644
00:55:15.780 --> 00:55:22.499
Orlando Gentil: It's not that just by going to a Ci you are automatically hipaa or pci compliant.
645
00:55:24.040 --> 00:55:29.549
Orlando Gentil: So this is a good distinction to have, and a also to set the proper expectations
646
00:55:29.670 --> 00:55:35.109
Orlando Gentil: when you're going to use a cloud provider it this is for everyone.
647
00:55:35.630 --> 00:55:36.470
Orlando Gentil: Okay.
648
00:55:39.020 --> 00:55:47.389
Orlando Gentil: let's see what's come next. And with that we finished the part that we had took over on
649
00:55:48.380 --> 00:55:50.269
Orlando Gentil: security
650
00:55:52.070 --> 00:55:54.220
Orlando Gentil: while we transition Here.
651
00:55:54.350 --> 00:55:56.330
Orlando Gentil: let me.
652
00:55:56.400 --> 00:55:57.009
Hmm.
653
00:55:57.900 --> 00:56:00.410
Orlando Gentil: So here on the this is the console.
654
00:56:02.740 --> 00:56:06.020
Orlando Gentil: Do we have any questions on at this point.
655
00:56:11.900 --> 00:56:12.669
Orlando Gentil: Okay.
656
00:56:12.900 --> 00:56:15.200
Orlando Gentil: we have a question here that
657
00:56:15.440 --> 00:56:18.150
Orlando Gentil: I forgot to do some of the housekeeping.
658
00:56:18.270 --> 00:56:25.760
Orlando Gentil: The this session is a For 3 h. We are almost 1 h down on the road.
659
00:56:26.860 --> 00:56:29.120
Orlando Gentil: so we have 2 more hours to go.
660
00:56:29.770 --> 00:56:32.540
Let's take a 5 min break.
661
00:56:32.990 --> 00:56:34.270
Orlando Gentil: and
662
00:56:34.410 --> 00:56:38.750
Orlando Gentil: we should get back to go and cover it. Start with network
663
00:56:39.030 --> 00:56:40.509
Orlando Gentil: and compute.
664
00:56:40.760 --> 00:56:43.889
Orlando Gentil: and we can get more dynamic on the console, showing
665
00:56:44.550 --> 00:56:46.140
Orlando Gentil: what would be the options.
666
00:56:52.260 --> 00:56:54.840
Miles? Do we have a questions or
667
00:56:56.960 --> 00:57:03.109
Myles Brown: no, I I answered a few along the way. So I think we we're okay for now.
668
00:57:03.390 --> 00:57:05.880
Myles Brown: just while we're on break. I'm going to
669
00:57:05.910 --> 00:57:09.149
Myles Brown: I'm gonna share. We've got some upcoming
670
00:57:09.200 --> 00:57:12.409
Myles Brown: other free sessions. So you may want to.
671
00:57:12.540 --> 00:57:17.360
Myles Brown: You know for other clouds if you're interested in becoming multi-cloud we've got a little
672
00:57:17.600 --> 00:57:31.070
Myles Brown: as your administrator just talking about. You know how best to go towards that certification. And we also have a one day Google Cloud fundamentals class, so i'll. I'll throw those into the chat. You should be able to get those links out of there.
673
00:57:31.310 --> 00:57:42.489
Orlando Gentil: so i'll just leave that up. Well, while we're on break. How long are we on? Break for 5 min? So we should go back on like 11 for me. It's gonna be 11 and
674
00:57:42.600 --> 00:57:44.470
Orlando Gentil: 11 and 1, 11 and 2.
675
00:57:44.640 --> 00:57:50.239
Myles Brown: Okay? Oh, there's a couple of questions now. One of them is about the certification.
676
00:57:51.980 --> 00:57:53.609
Myles Brown: Yeah. I noticed that.
677
00:57:53.820 --> 00:57:57.470
Myles Brown: You know they now have years attached to the certifications.
678
00:57:57.670 --> 00:58:01.870
Myles Brown: and most of them are still on 2022, I think the
679
00:58:02.040 --> 00:58:12.330
Myles Brown: one of the architect ones is 2,023. Did you know much about that like when when they update those, the refresh comes on June?
680
00:58:12.590 --> 00:58:15.430
Orlando Gentil: Okay, it ties with the
681
00:58:15.850 --> 00:58:20.640
Orlando Gentil: if it's not exactly with the fiscal year. It's a close enough to
682
00:58:20.730 --> 00:58:32.009
Orlando Gentil: to do things. So we are currently working on that dating the certification. And you know that you do that. Another thing that it's interesting to point on. The certification is
683
00:58:35.460 --> 00:58:38.439
Orlando Gentil: I have to. I I have a link with
684
00:58:39.080 --> 00:58:40.209
Orlando Gentil: Link 3.
685
00:58:43.270 --> 00:58:45.100
Orlando Gentil: I want to have to date that
686
00:58:46.580 --> 00:58:49.689
Orlando Gentil: so, if you come to education at Oraclecom.
687
00:58:50.670 --> 00:58:53.150
Orlando Gentil: if you come to certification.
688
00:58:53.950 --> 00:58:56.550
Orlando Gentil: you can go to Oracle Cloud infrastructure
689
00:58:57.270 --> 00:59:00.140
Orlando Gentil: that will take you to the whole certification.
690
00:59:00.380 --> 00:59:02.919
Orlando Gentil: the all the stuff that you have to have.
691
00:59:03.930 --> 00:59:09.470
Orlando Gentil: But no, what I wanted to show is not actually on certification. It's on training.
692
00:59:10.680 --> 00:59:12.570
Orlando Gentil: If we go to training.
693
00:59:13.400 --> 00:59:16.529
Orlando Gentil: You will have a based on the role
694
00:59:16.700 --> 00:59:20.999
Orlando Gentil: you can select here, and you're going to see the different trainings that we have.
695
00:59:22.490 --> 00:59:25.450
Orlando Gentil: Those are
696
00:59:27.860 --> 00:59:30.999
Orlando Gentil: on demand training that you do at any time.
697
00:59:31.400 --> 00:59:33.020
Orlando Gentil: and
698
00:59:33.320 --> 00:59:39.269
Orlando Gentil: so you can take your own pace. We augment all this training with the the partners
699
00:59:39.350 --> 00:59:47.409
Orlando Gentil: where you gonna have a different types of sessions with more hands on approach instead of just the videos.
700
00:59:48.050 --> 00:59:50.760
Orlando Gentil: This part here, though it's all free
701
00:59:50.830 --> 00:59:55.949
Orlando Gentil: all the time. You don't have to worry about the you can do at your own pace.
702
00:59:56.310 --> 00:59:57.580
Orlando Gentil: and
703
00:59:58.200 --> 01:00:03.939
Orlando Gentil: take advantage to do just the hands on with the structure, and
704
01:00:04.740 --> 01:00:08.080
Orlando Gentil: maximize how you are going to use your time
705
01:00:09.060 --> 01:00:14.119
Orlando Gentil: talking about the oci certifications is
706
01:00:16.290 --> 01:00:19.969
Orlando Gentil: the or the the foundation. It's a free certification.
707
01:00:19.990 --> 01:00:24.540
Orlando Gentil: There's no cost to take this this certification.
708
01:00:24.600 --> 01:00:28.459
Orlando Gentil: and it's unknown proptured
709
01:00:28.630 --> 01:00:32.830
Orlando Gentil: certification, meaning that it's a pretty much open book.
710
01:00:34.450 --> 01:00:37.949
Orlando Gentil: Why, we do that. It's just to get you
711
01:00:38.090 --> 01:00:40.029
Orlando Gentil: that your feet wet on.
712
01:00:40.130 --> 01:00:41.950
Orlando Gentil: How Will Ci operates
713
01:00:42.240 --> 01:00:46.090
Orlando Gentil: to use some of the knowledge that we are going to
714
01:00:46.110 --> 01:00:47.540
Orlando Gentil: see today.
715
01:00:48.030 --> 01:00:52.600
Orlando Gentil: together with the whole bunch of sessions that you have here.
716
01:00:53.600 --> 01:00:55.699
Orlando Gentil: If you click on the certification
717
01:01:00.770 --> 01:01:01.989
Orlando Gentil: you will see.
718
01:01:02.260 --> 01:01:02.890
Orlando Gentil: Oh.
719
01:01:03.070 --> 01:01:04.240
Orlando Gentil: let me stop here.
720
01:01:05.780 --> 01:01:11.030
Orlando Gentil: You see that we have 8 h of training. Oh, sorry I was not on my screen.
721
01:01:11.250 --> 01:01:12.539
Myles Brown: Yeah, no. I'm a
722
01:01:13.100 --> 01:01:23.120
Orlando Gentil: I'm sharing my screen right now. Not here. Okay, no. But I I I I just noticed that I was not that there. So let me go back here all my bed.
723
01:01:28.200 --> 01:01:31.410
Orlando Gentil: I'm going to stop your sharing. See if you can do that. Okay.
724
01:01:33.010 --> 01:01:34.890
Orlando Gentil: and it's a good thing to
725
01:01:35.530 --> 01:01:38.270
Orlando Gentil: go with a couple of minutes before people come back, and
726
01:01:38.700 --> 01:01:42.019
Orlando Gentil: we can show this. I think it's going to be beneficial for everyone.
727
01:01:43.340 --> 01:01:45.570
There was another question about
728
01:01:46.630 --> 01:01:51.909
Myles Brown: like the professional one? Do they have? Do they have like a a refresh
729
01:01:52.040 --> 01:01:55.110
Myles Brown: exam, or do you have to do the full exam again.
730
01:01:55.210 --> 01:01:58.349
Myles Brown: I think you have to do a full exam again. Right?
731
01:01:59.350 --> 01:02:00.919
Orlando Gentil: You have to do the full exam.
732
01:02:01.880 --> 01:02:05.120
Deltas are not coming anytime soon.
733
01:02:05.620 --> 01:02:06.930
Orlando Gentil: so
734
01:02:07.900 --> 01:02:12.419
Orlando Gentil: what i'm gonna what i'm trying to pitch with the team is
735
01:02:12.670 --> 01:02:13.390
Orlando Gentil: okay.
736
01:02:13.510 --> 01:02:23.339
Orlando Gentil: It's it's it's painful to have to have the same training, but the both are that associated with that professionals are. It's such a
737
01:02:23.650 --> 01:02:27.489
Orlando Gentil: broad certification with so many areas.
738
01:02:27.810 --> 01:02:32.149
Orlando Gentil: I'm going to try to put together a
739
01:02:33.640 --> 01:02:43.200
Orlando Gentil: a delta at least of the training. So you don't have to be. If you go to the training today, you have a lot of new labels attached to each lesson.
740
01:02:43.600 --> 01:02:49.650
Orlando Gentil: but you still have to go into the training and hunt for those labels.
741
01:02:49.800 --> 01:02:56.720
Orlando Gentil: I'm trying to work with the team and see if they buy the idea of having like a Delta training at list.
742
01:02:56.960 --> 01:02:58.930
Orlando Gentil: So you can focus on
743
01:02:59.100 --> 01:03:04.250
Orlando Gentil: what's the new stuff that it's all separated instead of having to navigate the whole training
744
01:03:05.210 --> 01:03:09.880
Orlando Gentil: art that associate, for example, I think it's like 27 h.
745
01:03:11.890 --> 01:03:13.039
Orlando Gentil: Let's take a look here.
746
01:03:18.880 --> 01:03:20.009
Orlando Gentil: 26
747
01:03:21.110 --> 01:03:24.930
Orlando Gentil: 26 h covering pretty much every single service
748
01:03:25.290 --> 01:03:27.059
Orlando Gentil: professional. It's a
749
01:03:27.680 --> 01:03:31.400
Orlando Gentil: it's deeper but it's just pretty much You just
750
01:03:31.820 --> 01:03:37.760
Orlando Gentil: scenarios applying the the knowledge that you got on associate. It's like you.
751
01:03:38.380 --> 01:03:39.649
Orlando Gentil: maybe 2
752
01:03:39.700 --> 01:03:40.709
Orlando Gentil: products
753
01:03:40.760 --> 01:03:45.829
Orlando Gentil: that are not covered on associate or into the the professional one.
754
01:03:46.040 --> 01:03:48.479
Orlando Gentil: The majority of questions. It's
755
01:03:49.270 --> 01:03:52.229
Orlando Gentil: scenarios and how to
756
01:03:53.310 --> 01:03:55.509
Orlando Gentil: how to leverage the technology.
757
01:03:58.000 --> 01:04:00.899
Orlando Gentil: So it's a 3 min past the clock.
758
01:04:01.740 --> 01:04:04.930
Orlando Gentil: Let's go back where we stopped it.
759
01:04:06.710 --> 01:04:13.529
Orlando Gentil: If you guys took a break, what I wanted to show here is when you go to education oracle.com
760
01:04:14.500 --> 01:04:15.870
what is my jet?
761
01:04:21.060 --> 01:04:25.710
Orlando Gentil: You when you go to education, that oracle.com. If you come to training.
762
01:04:26.160 --> 01:04:32.320
Orlando Gentil: cloud, infrastructure or cloud infrastructure, you will go to a.
763
01:04:33.990 --> 01:04:35.389
Orlando Gentil: Why, it's not clearing
764
01:04:39.160 --> 01:04:41.489
Orlando Gentil: it will take you to. The
765
01:04:41.760 --> 01:04:46.699
Orlando Gentil: least, of course, is that we have on oci. They're all free courses that we have.
766
01:04:47.600 --> 01:04:50.339
Orlando Gentil: and you can choose based on the role.
767
01:04:50.490 --> 01:04:51.620
Orlando Gentil: the persona.
768
01:04:52.380 --> 01:04:57.070
Orlando Gentil: What are the recommended certifications and training that you should attend
769
01:04:57.770 --> 01:05:00.459
Orlando Gentil: foundations? It's the very first one.
770
01:05:00.600 --> 01:05:07.659
Orlando Gentil: some some of the content that we are talking today. It's showed here on the
771
01:05:08.860 --> 01:05:14.389
Orlando Gentil: on the fold issue. Of course, we have, like 8 h of videos going through the basic services.
772
01:05:15.440 --> 01:05:19.770
Orlando Gentil: Some don't go as in that as I'm going to go on
773
01:05:20.050 --> 01:05:22.169
Orlando Gentil: some of the technologies.
774
01:05:22.530 --> 01:05:23.490
Orlando Gentil: but it's
775
01:05:23.840 --> 01:05:25.630
Orlando Gentil: what you need to start.
776
01:05:27.580 --> 01:05:32.239
Orlando Gentil: Oh, sorry I have something to pop it in front of me here that I can see.
777
01:05:33.140 --> 01:05:34.009
Orlando Gentil: Oh.
778
01:05:34.170 --> 01:05:35.069
nice!
779
01:05:38.900 --> 01:05:39.549
This
780
01:05:40.470 --> 01:05:41.489
Orlando Gentil: sorry for that!
781
01:05:42.190 --> 01:05:43.220
Orlando Gentil: And
782
01:05:43.670 --> 01:05:50.609
Orlando Gentil: it's a free certification. So if when you come to this screen here and you click on.
783
01:05:51.450 --> 01:05:52.750
Orlando Gentil: get started.
784
01:05:52.990 --> 01:06:00.410
Orlando Gentil: You can complete the the certification. It's a non-profit exam. So you can take any time you don't have to schedule
785
01:06:00.790 --> 01:06:02.109
Orlando Gentil: It's open book.
786
01:06:02.170 --> 01:06:04.009
Orlando Gentil: and it will give you
787
01:06:04.230 --> 01:06:08.250
Orlando Gentil: this certification will get your feet wet on on oci.
788
01:06:08.370 --> 01:06:13.659
Orlando Gentil: and you can have an idea which certification do you want to go? Which areas do you want
789
01:06:14.310 --> 01:06:15.990
to explore?
790
01:06:19.480 --> 01:06:20.319
Orlando Gentil: Okay.
791
01:06:23.500 --> 01:06:26.629
Orlando Gentil: And the phone needs to be bigger again?
792
01:06:27.220 --> 01:06:28.410
Orlando Gentil: Sorry for that.
793
01:06:31.550 --> 01:06:33.839
Orlando Gentil: I thought that it would change all the
794
01:06:33.910 --> 01:06:36.580
Orlando Gentil: all the windows, but apparently not
795
01:06:38.270 --> 01:06:39.929
Orlando Gentil: so in order to come here.
796
01:06:40.090 --> 01:06:45.749
Orlando Gentil: Education, that oracle.com. You can go to training. You're going to be here.
797
01:06:46.350 --> 01:06:48.380
If you are not signed in.
798
01:06:48.420 --> 01:06:52.250
Orlando Gentil: it will prompt you to sign in. You can create an account.
799
01:06:52.400 --> 01:06:55.359
Orlando Gentil: It doesn't. Charge you anything to create this account
800
01:06:55.450 --> 01:06:59.229
Orlando Gentil: if you already use
801
01:07:01.830 --> 01:07:02.980
Orlando Gentil: What's the name?
802
01:07:03.170 --> 01:07:06.429
Orlando Gentil: The if you have like, for example, to download the Java.
803
01:07:06.740 --> 01:07:12.989
Orlando Gentil: My sequel, if you don't hold it. Any software from, or you already have an account. You don't have to create one.
804
01:07:13.170 --> 01:07:18.979
Orlando Gentil: You're going to use the same one that you previously previously used. Okay.
805
01:07:20.790 --> 01:07:27.819
Orlando Gentil: let me pull my next set of slides, and we talked about oci security.
806
01:07:27.890 --> 01:07:31.010
Orlando Gentil: We going to still go with the security
807
01:07:32.800 --> 01:07:36.259
Orlando Gentil: with the I am services.
808
01:07:37.900 --> 01:07:42.899
Orlando Gentil: Miles. If i'm going too deep on any topic, please just
809
01:07:43.370 --> 01:07:51.370
Orlando Gentil: let me know. So for it. I can be time, so I can be more Time Conservative and don't scare people too much on the
810
01:07:51.400 --> 01:08:00.210
Myles Brown: I think we're okay, you know. I mean, however long it takes you. I I I think we're here till 2 Eastern right?
811
01:08:00.390 --> 01:08:01.160
Myles Brown: Okay?
812
01:08:01.210 --> 01:08:09.629
Orlando Gentil: No? Well, just so. The on the beginning we used to have like a trainings, and we were doing like 3,
813
01:08:09.870 --> 01:08:11.630
Orlando Gentil: 2 h sessions.
814
01:08:11.740 --> 01:08:20.249
Orlando Gentil: I end up having to extend that to 3 for our sessions to cover a whole bunch of stuff for the architect.
815
01:08:20.580 --> 01:08:24.259
Orlando Gentil: It's not for the foundation. So. But I I
816
01:08:25.189 --> 01:08:28.379
Orlando Gentil: use a lot of the time, so I sometimes I have to.
817
01:08:28.779 --> 01:08:32.799
Orlando Gentil: with some collaboration on keeping me on track not too deep
818
01:08:33.920 --> 01:08:35.579
Orlando Gentil: on that. Okay.
819
01:08:36.279 --> 01:08:38.960
Orlando Gentil: So let's start with.
820
01:08:39.800 --> 01:08:42.510
Orlando Gentil: Let me leave this here on the console.
821
01:08:43.970 --> 01:08:45.350
Orlando Gentil: So i'm gonna go back
822
01:08:45.870 --> 01:08:47.490
Orlando Gentil: every now and then.
823
01:08:52.140 --> 01:08:53.000
Orlando Gentil: Hmm.
824
01:08:53.080 --> 01:08:56.109
Orlando Gentil: Okay, I think it. We should have that on the screen.
825
01:08:57.000 --> 01:09:00.400
Orlando Gentil: Let's talk about identity and access management
826
01:09:05.130 --> 01:09:06.399
Orlando Gentil: basics of
827
01:09:06.560 --> 01:09:08.710
Orlando Gentil: identity and access management.
828
01:09:14.800 --> 01:09:17.580
Orlando Gentil: identity and access management. It's how
829
01:09:17.660 --> 01:09:22.779
Orlando Gentil: you are going to identify the resources, and how you're going to grant access
830
01:09:23.359 --> 01:09:28.139
Orlando Gentil: to the resources it allows you to give fine-grain access. Control.
831
01:09:28.399 --> 01:09:31.620
Orlando Gentil: I'm going to show you how, with the policies
832
01:09:32.010 --> 01:09:34.019
Orlando Gentil: and the groups that we have
833
01:09:35.770 --> 01:09:45.389
Orlando Gentil: when we talk about identity and access management, we have to be. Usually people also mention them as Alf and and off see
834
01:09:45.750 --> 01:09:46.789
Orlando Gentil: off, and
835
01:09:46.930 --> 01:09:51.050
Orlando Gentil: is like a short for authentication. It means who you are.
836
01:09:51.359 --> 01:09:53.399
Orlando Gentil: All Z. It's a
837
01:09:53.640 --> 01:09:58.489
Orlando Gentil: the short for authorization. It's the permissions that you have
838
01:09:58.520 --> 01:10:01.200
Orlando Gentil: and what you can do with the resources
839
01:10:02.470 --> 01:10:06.150
Orlando Gentil: how those things are organized with. Oci.
840
01:10:06.420 --> 01:10:07.299
Orlando Gentil: We have
841
01:10:07.330 --> 01:10:09.410
Orlando Gentil: all this concept here.
842
01:10:09.780 --> 01:10:13.079
Orlando Gentil: and we're gonna go through each one of them.
843
01:10:13.920 --> 01:10:15.580
Orlando Gentil: so you can have an idea
844
01:10:15.690 --> 01:10:17.400
Orlando Gentil: how they tight together
845
01:10:17.500 --> 01:10:19.569
Orlando Gentil: and how you can use them.
846
01:10:24.760 --> 01:10:26.860
Orlando Gentil: We talked a bit about identity domain.
847
01:10:26.920 --> 01:10:29.270
Orlando Gentil: So with identity domain.
848
01:10:29.500 --> 01:10:31.869
Orlando Gentil: It's how you going to
849
01:10:31.970 --> 01:10:35.870
Orlando Gentil: group different population of users.
850
01:10:36.100 --> 01:10:38.160
We've seen.
851
01:10:38.720 --> 01:10:39.760
Orlando Gentil: Oci.
852
01:10:40.820 --> 01:10:42.110
Orlando Gentil: If you have.
853
01:10:42.580 --> 01:10:49.399
Orlando Gentil: well, if you are new to let's say you are a new company. You don't have any infrastructure. You wouldn't start fresh on the cloud.
854
01:10:49.820 --> 01:10:52.239
Orlando Gentil: Your first identity domain is where
855
01:10:52.820 --> 01:10:54.490
Orlando Gentil: all your users will be.
856
01:10:54.610 --> 01:11:05.379
Orlando Gentil: But if you are on Prem, and you want to start to extend the kind of infrastructure that you have, and you eventually start to use a cloud provider.
857
01:11:07.150 --> 01:11:11.829
Orlando Gentil: You already have a a user population. So what do you do?
858
01:11:11.860 --> 01:11:19.870
Orlando Gentil: You will still have to have an identity domain. But this identity domain will be federated with your
859
01:11:20.230 --> 01:11:24.019
Orlando Gentil: the population that you have, for example, in your active Directory.
860
01:11:24.120 --> 01:11:30.389
Orlando Gentil: You don't have to recreate all those users. You're gonna have to have some local users because it's a
861
01:11:30.590 --> 01:11:33.490
a new environment
862
01:11:33.540 --> 01:11:41.529
Orlando Gentil: that you are setting up. It's a new territory that you are exploring. But you once you do the your initial exploration.
863
01:11:41.620 --> 01:11:48.060
Orlando Gentil: you will be able to the Admin. From this new territory. They gonna be able to grant permissions
864
01:11:48.150 --> 01:11:52.590
Orlando Gentil: to the population that you already have in your on premises.
865
01:11:53.160 --> 01:11:56.329
Orlando Gentil: So you don't have to recreate.
866
01:11:56.440 --> 01:12:02.640
Orlando Gentil: have the problems of different passwords. You can just take advantage of all the stuff that you have.
867
01:12:03.380 --> 01:12:17.399
Orlando Gentil: and with the Federation you can have a seamless, seamless link. I hate this word. You have a transparent experience where the user doesn't have to have a different password
868
01:12:17.940 --> 01:12:23.359
Orlando Gentil: worst case scenario. They can have a different user but it Everything is synchronized.
869
01:12:23.620 --> 01:12:33.219
Orlando Gentil: If someone is on vacation you have to lock the account. You can do just that on the AD. You don't have to control Ci to lock his account, or if the user is terminated.
870
01:12:33.850 --> 01:12:37.900
Orlando Gentil: it permits you to have this kind of transparency.
871
01:12:39.630 --> 01:12:41.689
Orlando Gentil: The types of identity domains
872
01:12:42.540 --> 01:12:45.560
Orlando Gentil: the free. It's the basic one that you have.
873
01:12:45.820 --> 01:12:47.920
Orlando Gentil: and it's a Butene.
874
01:12:48.400 --> 01:12:50.960
Orlando Gentil: If you are using
875
01:12:51.100 --> 01:12:54.330
Orlando Gentil: oracle applications from the Sas round.
876
01:12:54.440 --> 01:12:56.229
Orlando Gentil: You can have like a
877
01:12:56.550 --> 01:12:58.080
Orlando Gentil: or whoever's premium.
878
01:12:58.150 --> 01:13:01.329
Orlando Gentil: so you can integrate those users there as well.
879
01:13:02.250 --> 01:13:04.340
If you have a.
880
01:13:05.860 --> 01:13:10.950
Orlando Gentil: as I said already in place, identity, Texas management.
881
01:13:11.360 --> 01:13:18.390
Orlando Gentil: You can just integrate by setting up a premium identity domain, integrate those.
882
01:13:18.980 --> 01:13:24.890
Orlando Gentil: The free is free, the other ones. They have different tiers that you can use.
883
01:13:25.160 --> 01:13:28.120
Orlando Gentil: I forgot to mention the external, user, but it's a
884
01:13:28.580 --> 01:13:32.999
Orlando Gentil: the use case that I gave the example. If you have the
885
01:13:34.470 --> 01:13:36.649
Orlando Gentil: an application.
886
01:13:37.150 --> 01:13:39.689
Orlando Gentil: and your external users.
887
01:13:39.760 --> 01:13:44.769
Orlando Gentil: your external clients for that application. If you want to use
888
01:13:45.300 --> 01:14:00.300
Orlando Gentil: identity and access management service in the Ci. As your repository for those users. You can do that if you don't have, for example, them on the different branch of your AD, or if you don't want to do that, you? Or if you want to keep them
889
01:14:00.330 --> 01:14:05.250
Orlando Gentil: outside of the database, instead of having to create the user, the client
890
01:14:05.550 --> 01:14:08.090
identity inside of the database.
891
01:14:12.980 --> 01:14:15.679
Orlando Gentil: how we organize the
892
01:14:16.230 --> 01:14:18.510
that with
893
01:14:18.880 --> 01:14:20.359
Orlando Gentil: the rest of full ci
894
01:14:21.010 --> 01:14:23.219
Orlando Gentil: you, you have your users.
895
01:14:24.220 --> 01:14:28.559
Orlando Gentil: and those users need to be assigned to a group.
896
01:14:28.740 --> 01:14:30.660
Orlando Gentil: and the group will be
897
01:14:30.950 --> 01:14:35.160
Orlando Gentil: so. They will be referenced on policies.
898
01:14:36.420 --> 01:14:39.690
Orlando Gentil: and you will have compartments.
899
01:14:39.800 --> 01:14:42.139
Orlando Gentil: We're going to go a bit deeper and compartments
900
01:14:42.420 --> 01:14:44.549
Orlando Gentil: because they group the resources
901
01:14:44.870 --> 01:14:47.929
Orlando Gentil: and what it whatever is.
902
01:14:48.760 --> 01:14:50.849
Orlando Gentil: So the users, the
903
01:14:51.510 --> 01:15:04.290
Orlando Gentil: assigned to groups, those groups are referenced references to policies and those those policies tell what you can do with certain resources that are grouped on compartments.
904
01:15:09.550 --> 01:15:14.030
Orlando Gentil: What is the resource? Everything that you have on oci? It will be a resource.
905
01:15:14.510 --> 01:15:16.840
Orlando Gentil: We have block storage.
906
01:15:17.000 --> 01:15:18.600
Orlando Gentil: object storage.
907
01:15:18.900 --> 01:15:20.059
Orlando Gentil: buckets.
908
01:15:20.400 --> 01:15:24.429
Orlando Gentil: autonomous database, your containers, database systems.
909
01:15:25.020 --> 01:15:29.039
Orlando Gentil: everything that you have on oci is represented as a resource.
910
01:15:29.200 --> 01:15:32.410
Orlando Gentil: It will be a cloud object where you can manage.
911
01:15:32.940 --> 01:15:36.920
Orlando Gentil: You can get information from that. You can manipulate
912
01:15:37.280 --> 01:15:40.719
Orlando Gentil: to provide access to another resource.
913
01:15:41.160 --> 01:15:43.540
Orlando Gentil: Everything in the end is a resource.
914
01:15:46.710 --> 01:15:51.710
Orlando Gentil: The resources on oci they are. They have what we call
915
01:15:52.040 --> 01:15:54.500
Orlando Gentil: they have a unique name name.
916
01:15:55.430 --> 01:15:57.719
Orlando Gentil: They have the type of the resource.
917
01:15:58.240 --> 01:16:01.410
Orlando Gentil: the realm of the resource. It's
918
01:16:03.140 --> 01:16:05.259
Orlando Gentil: the wrong is. If it's a
919
01:16:05.560 --> 01:16:08.739
Orlando Gentil: it's on the commercial realm. If it's a government wrong.
920
01:16:09.960 --> 01:16:15.009
Orlando Gentil: If most of the time you don't have to worry about, this is going to be the same for you for everything
921
01:16:15.360 --> 01:16:19.559
Orlando Gentil: you know. It's something that the rarely you're going to have to deal with.
922
01:16:20.080 --> 01:16:20.860
Orlando Gentil: Excuse me.
923
01:16:21.410 --> 01:16:23.710
Orlando Gentil: then you will have the region
924
01:16:23.970 --> 01:16:26.919
Orlando Gentil: where the resources assigned.
925
01:16:27.910 --> 01:16:29.690
Orlando Gentil: If it's a global resource.
926
01:16:29.770 --> 01:16:31.889
Orlando Gentil: it you might not see the region.
927
01:16:33.510 --> 01:16:37.659
Orlando Gentil: and you have a reserved field and you have a unique. Id
928
01:16:38.710 --> 01:16:43.700
Orlando Gentil: let me go to the console and show you where my console
929
01:16:45.760 --> 01:16:47.180
here.
930
01:16:50.750 --> 01:16:52.470
Orlando Gentil: So your user
931
01:16:53.140 --> 01:16:54.969
Orlando Gentil: he's a resource on oci.
932
01:16:55.730 --> 01:16:59.149
Orlando Gentil: If you check here you have the Oc. Id.
933
01:17:00.100 --> 01:17:03.809
Orlando Gentil: You have the end of the number. But if I can show
934
01:17:06.950 --> 01:17:08.289
Orlando Gentil: we have here
935
01:17:08.550 --> 01:17:09.909
Orlando Gentil: the type of the
936
01:17:10.310 --> 01:17:11.730
resource.
937
01:17:13.620 --> 01:17:16.069
Orlando Gentil: This is a static. This will not change
938
01:17:17.090 --> 01:17:21.389
Orlando Gentil: eventually if we come to a different version of full CID,
939
01:17:21.460 --> 01:17:25.250
Orlando Gentil: but most likely, for now it will not change.
940
01:17:26.080 --> 01:17:28.709
Orlando Gentil: You have the type. It's a user account.
941
01:17:30.580 --> 01:17:34.610
Orlando Gentil: You have the round Oc: one because we are in the commercial region.
942
01:17:36.380 --> 01:17:40.060
The user is a global resource.
943
01:17:40.130 --> 01:17:44.759
Orlando Gentil: So, regardless of the region, my user will be the same forever.
944
01:17:45.240 --> 01:17:48.869
Orlando Gentil: the sake, not forever. It will be the same everywhere.
945
01:17:49.520 --> 01:17:51.980
Orlando Gentil: and after that you will have
946
01:17:52.550 --> 01:17:54.030
Orlando Gentil: this portion here.
947
01:17:54.250 --> 01:17:55.929
Orlando Gentil: That is your unique Id.
948
01:17:56.610 --> 01:18:02.219
Orlando Gentil: This is randomly assigned, and it's unique for all resources.
949
01:18:02.540 --> 01:18:05.540
Orlando Gentil: This whole combination is how you can
950
01:18:05.580 --> 01:18:09.600
Orlando Gentil: refer to your to a specific resource.
951
01:18:10.290 --> 01:18:12.659
Orlando Gentil: and you don't have to.
952
01:18:13.080 --> 01:18:15.240
Orlando Gentil: It will not conflict.
953
01:18:17.810 --> 01:18:20.159
Orlando Gentil: If we check, for example, the tenancy
954
01:18:25.090 --> 01:18:26.989
we're gonna have the same thing
955
01:18:29.230 --> 01:18:30.429
Orlando Gentil: full. CID:
956
01:18:30.970 --> 01:18:31.830
Orlando Gentil: the type.
957
01:18:32.840 --> 01:18:34.019
Orlando Gentil: the room.
958
01:18:36.640 --> 01:18:37.530
Orlando Gentil: You know that
959
01:18:38.710 --> 01:18:41.920
every resource we have different information here.
960
01:18:42.410 --> 01:18:43.160
Orlando Gentil: So
961
01:18:44.750 --> 01:18:49.000
Orlando Gentil: once you go to every resource, you're gonna see that. But everything is going to be tied
962
01:18:49.230 --> 01:18:51.079
Orlando Gentil: with the Ocid.
963
01:18:59.410 --> 01:19:01.429
Orlando Gentil: Let me go back to the
964
01:19:03.710 --> 01:19:05.949
Orlando Gentil: the station. Yes, it's there.
965
01:19:09.570 --> 01:19:12.690
Orlando Gentil: But I went to the Council, but we have some examples here as well.
966
01:19:16.670 --> 01:19:28.629
Orlando Gentil: Tenancy is a global, so you don't see the region. But if you look here, EU dash Frank for one, it indicates that this block volume is located on the frame. The Frankfurt
967
01:19:28.650 --> 01:19:30.369
region.
968
01:19:32.830 --> 01:19:35.500
Orlando Gentil: Let's talk about compartments.
969
01:19:37.170 --> 01:19:39.700
Compartment is
970
01:19:40.400 --> 01:19:45.040
Orlando Gentil: how you isolate resources, how you organize resources in oci.
971
01:19:46.020 --> 01:19:48.079
Orlando Gentil: Why do you need to do that?
972
01:19:48.140 --> 01:19:48.849
Orlando Gentil: Well.
973
01:19:49.080 --> 01:19:52.510
Orlando Gentil: the whole infrastructure is a shared with multiple
974
01:19:53.350 --> 01:19:56.429
multiple tenants.
975
01:19:56.630 --> 01:20:04.530
Orlando Gentil: So you have to first have the root compartment that's going to be your tenancy. How your resources will be separated
976
01:20:04.590 --> 01:20:09.800
Orlando Gentil: from the other tenants. How we grant that isolation is using compartments
977
01:20:11.090 --> 01:20:16.509
Orlando Gentil: within your tendency, You can create up to 6 levels
978
01:20:16.640 --> 01:20:19.500
Orlando Gentil: of compartments
979
01:20:19.720 --> 01:20:26.939
Orlando Gentil: that we will allow you to create collections of resources in isolate and control the access to those resources.
980
01:20:27.490 --> 01:20:30.730
Orlando Gentil: So if we create a
981
01:20:31.630 --> 01:20:41.629
Orlando Gentil: a network compartment, we can group our network resources related vehicle cloud the load balancer, our bastion
982
01:20:41.910 --> 01:20:47.090
Orlando Gentil: as a network compartment, and we can have the network group taking care of this.
983
01:20:47.610 --> 01:20:50.210
Orlando Gentil: And the same applies with this storage.
984
01:20:50.680 --> 01:20:54.449
Orlando Gentil: If you are coming from a different cloud provider.
985
01:20:54.670 --> 01:20:58.209
I don't think no one. Implements, compartments.
986
01:20:58.380 --> 01:21:00.679
Orlando Gentil: compartments. It's a
987
01:21:00.770 --> 01:21:04.219
Orlando Gentil: kind of thing that I think it's a
988
01:21:05.450 --> 01:21:08.909
Orlando Gentil: it's he hef. Some people love it. Some people don't love it.
989
01:21:09.750 --> 01:21:15.069
Those that love it. It's because they didn't have any problems with it, or
990
01:21:17.000 --> 01:21:20.769
Orlando Gentil: or you finally got a you a grasp on how things are
991
01:21:21.290 --> 01:21:25.859
Orlando Gentil: compartments that I have. Another is like that. I think you streets better.
992
01:21:28.300 --> 01:21:37.140
Here, in the example, we are creating a network and storage compartment. But you can create compartments, for, instead of separating the
993
01:21:38.040 --> 01:21:40.120
Orlando Gentil: the by the type of resource.
994
01:21:40.360 --> 01:21:47.259
Orlando Gentil: It's going to be useful. If you want, for example, to separate to what is production? What is Qa: what is test?
995
01:21:47.810 --> 01:21:49.309
Orlando Gentil: And
996
01:21:50.480 --> 01:21:52.269
Orlando Gentil: that way? You can
997
01:21:52.440 --> 01:21:55.150
Orlando Gentil: avoid mixing
998
01:21:55.170 --> 01:21:58.469
Orlando Gentil: things that are important with things that are
999
01:21:59.040 --> 01:22:01.899
Orlando Gentil: volatile or non relevant
1000
01:22:02.070 --> 01:22:03.289
Orlando Gentil: to delete them
1001
01:22:07.690 --> 01:22:09.230
Orlando Gentil: a compartment
1002
01:22:09.360 --> 01:22:14.360
Orlando Gentil: it's a a resource can only belong to one compartment.
1003
01:22:14.650 --> 01:22:24.290
Orlando Gentil: This compartment could be on inside another compartment. But you will never see a resource that it's part of 2 compartments.
1004
01:22:24.310 --> 01:22:25.900
Orlando Gentil: Okay, it's.
1005
01:22:26.000 --> 01:22:28.769
Orlando Gentil: and they belong only to a single compartment.
1006
01:22:32.940 --> 01:22:35.350
How do you grant taxes
1007
01:22:35.690 --> 01:22:38.660
Orlando Gentil: on the beginning? We have like a this workflow.
1008
01:22:38.770 --> 01:22:42.950
Orlando Gentil: So we have the groups. The groups are referenced in the policies.
1009
01:22:43.110 --> 01:22:47.490
Orlando Gentil: And then in the policy, you say, hey, they have access to these compartments.
1010
01:22:48.220 --> 01:22:59.820
Orlando Gentil: This combination is what ensures that you have access to a certain compartment. When we talk about the policies you will see that there's more to this. It's not just
1011
01:23:00.150 --> 01:23:05.099
Orlando Gentil: the resource that they can use, but also what is the kind of access
1012
01:23:05.320 --> 01:23:06.820
Orlando Gentil: that you can do.
1013
01:23:06.990 --> 01:23:10.850
the access of what you can do with that resource
1014
01:23:14.520 --> 01:23:22.059
Orlando Gentil: compartments. They isolate the resources just from an organizational standpoint.
1015
01:23:22.270 --> 01:23:23.370
Orlando Gentil: so
1016
01:23:23.760 --> 01:23:28.810
Orlando Gentil: I can have compartment a, where I place my network, my
1017
01:23:29.120 --> 01:23:30.860
Orlando Gentil: my V. 4 cloud network.
1018
01:23:30.950 --> 01:23:39.269
Orlando Gentil: and I have compartment B, where I have my virtual machine, but my virtual machine needs to be connected to the virtual cloud network.
1019
01:23:39.880 --> 01:23:46.429
Orlando Gentil: The fact that they are on 2 different compartments does not prevent the virtual machine
1020
01:23:46.570 --> 01:23:49.330
Orlando Gentil: to communicate with the virtual cloud network.
1021
01:23:50.030 --> 01:23:51.360
Orlando Gentil: but only
1022
01:23:51.610 --> 01:23:56.080
Orlando Gentil: the users that are managing all the services.
1023
01:23:57.620 --> 01:24:02.710
Orlando Gentil: That's better, say the principles. So the authenticated users
1024
01:24:02.770 --> 01:24:04.370
Orlando Gentil: on the
1025
01:24:04.400 --> 01:24:07.669
Orlando Gentil: the compartment just presents the operations that they will
1026
01:24:07.850 --> 01:24:10.099
Orlando Gentil: do on these resources.
1027
01:24:12.280 --> 01:24:18.449
Orlando Gentil: Compartments equivalent to resource groups. It's, I think it's a bit different. Andy.
1028
01:24:18.830 --> 01:24:23.030
Orlando Gentil: I don't know enough about resource groups if
1029
01:24:25.080 --> 01:24:25.780
but
1030
01:24:26.350 --> 01:24:40.220
Orlando Gentil: she was a but I I talked to the ones to a an azure guy to a certain extent. Yes, but take that with a grain of salt, and I think that it's a they, they! They they are. They are some differences. They are not 100% equivalent
1031
01:24:46.370 --> 01:24:53.180
Orlando Gentil: resources, you can change the compartment of her resource. So if you have something that it's on
1032
01:24:54.040 --> 01:24:57.669
Orlando Gentil: test, and you want to move that to the production.
1033
01:24:57.750 --> 01:25:02.160
Orlando Gentil: you can have this type of flexibility. You can navigate
1034
01:25:02.500 --> 01:25:06.220
Orlando Gentil: the resources to organize the better
1035
01:25:06.260 --> 01:25:07.979
Orlando Gentil: the way that it better suits you.
1036
01:25:11.200 --> 01:25:12.840
Orlando Gentil: Compartments are.
1037
01:25:13.510 --> 01:25:20.540
Orlando Gentil: They are a global resource compartments, they can encompass several regions.
1038
01:25:20.560 --> 01:25:25.160
Orlando Gentil: So if you create the the example that I gave you on
1039
01:25:25.990 --> 01:25:29.009
Orlando Gentil: you have production tests. Qa.
1040
01:25:29.530 --> 01:25:32.219
Orlando Gentil: you can have a
1041
01:25:33.370 --> 01:25:34.980
Orlando Gentil: a production compartment
1042
01:25:35.220 --> 01:25:36.650
Orlando Gentil: that encompass
1043
01:25:36.840 --> 01:25:37.950
Orlando Gentil: Phoenix
1044
01:25:38.090 --> 01:25:39.330
Orlando Gentil: and Ashburn
1045
01:25:39.540 --> 01:25:43.900
Orlando Gentil: at the same time. You don't have to have one production Phoenix production.
1046
01:25:44.060 --> 01:25:50.960
Orlando Gentil: You could, but it's not necessary. You can just call everyone production across all the regions
1047
01:25:53.730 --> 01:25:58.129
Orlando Gentil: nested compartments. We can have up to 6 levels
1048
01:25:58.280 --> 01:26:00.940
the way that you grant permissions.
1049
01:26:01.310 --> 01:26:07.520
Orlando Gentil: It's a hierarchical. So if you grant permissions on a.
1050
01:26:09.390 --> 01:26:15.370
Orlando Gentil: if you have permissions on the compartment a. It will be inherited by Dnc.
1051
01:26:15.480 --> 01:26:19.130
Orlando Gentil: And the same thing if you go with B. It's just B and C.
1052
01:26:19.210 --> 01:26:22.729
Orlando Gentil: Not a. If you give permissions on the tendency.
1053
01:26:22.860 --> 01:26:23.790
Orlando Gentil: it will
1054
01:26:23.940 --> 01:26:25.260
Orlando Gentil: be propagated
1055
01:26:25.740 --> 01:26:29.190
Orlando Gentil: through the the child compartments.
1056
01:26:34.700 --> 01:26:44.100
Orlando Gentil: I'm not a use along with isolating the resources is, you can use compartments for quotas and budgets
1057
01:26:45.150 --> 01:26:50.529
Orlando Gentil: in the example that we had. We had the production test.
1058
01:26:50.580 --> 01:26:51.599
Orlando Gentil: Qa.
1059
01:26:51.970 --> 01:26:57.990
Orlando Gentil: If you are setting budgets on that. You You know exactly how much we're spending with each environment.
1060
01:26:58.820 --> 01:27:00.139
Orlando Gentil: And
1061
01:27:00.890 --> 01:27:10.989
Orlando Gentil: with that you can determine. You can give the report to your Cfo, and they can evaluate if they need to, how much they need to provision. If they have to Titan
1062
01:27:11.160 --> 01:27:12.490
Orlando Gentil: some budgets.
1063
01:27:12.960 --> 01:27:17.040
Orlando Gentil: it gives you tools to know where you are spending are.
1064
01:27:18.420 --> 01:27:25.960
Orlando Gentil: But budget is kind of reactive after you spend. You see that if you know that the guys from the the the the
1065
01:27:26.470 --> 01:27:29.819
Orlando Gentil: Development Department. They tend to
1066
01:27:30.210 --> 01:27:34.320
Orlando Gentil: use a lot of resources. They don't do the clean up and all that
1067
01:27:34.500 --> 01:27:38.079
you can set up quotas, and with that it will limit
1068
01:27:38.290 --> 01:27:41.290
Orlando Gentil: what they will, their power
1069
01:27:41.320 --> 01:27:43.910
Orlando Gentil: to create
1070
01:27:44.290 --> 01:27:45.930
Orlando Gentil: to create resources.
1071
01:27:46.340 --> 01:27:51.950
Orlando Gentil: So they are going to have to behave nicely and delete resources that they are not using.
1072
01:27:52.200 --> 01:27:54.149
Orlando Gentil: and you can have a fine control.
1073
01:27:56.700 --> 01:27:59.030
Orlando Gentil: Let's go now to
1074
01:27:59.130 --> 01:28:02.660
Orlando Gentil: authorization and authentication.
1075
01:28:08.000 --> 01:28:13.400
Orlando Gentil: We have what we call principles. Principle. Is that just a
1076
01:28:13.460 --> 01:28:16.490
Orlando Gentil: fancy name that you do. We use to
1077
01:28:16.530 --> 01:28:19.560
Orlando Gentil: represent an authenticated user
1078
01:28:19.760 --> 01:28:21.099
Orlando Gentil: and by
1079
01:28:21.660 --> 01:28:23.440
Orlando Gentil: not just the user
1080
01:28:23.480 --> 01:28:34.369
Orlando Gentil: because we have the image of the user as a physical person, but when it comes to principle, a resource could be also the
1081
01:28:35.860 --> 01:28:38.250
Orlando Gentil: a resource could be also be the principle.
1082
01:28:39.410 --> 01:28:41.179
Orlando Gentil: We can have
1083
01:28:42.160 --> 01:28:43.510
Orlando Gentil: principles.
1084
01:28:43.810 --> 01:28:51.100
Orlando Gentil: We can have situations where, for example, one instance, they have to have access to right.
1085
01:28:51.310 --> 01:28:56.350
Orlando Gentil: to a certain bucket, for example, in object storage.
1086
01:28:56.470 --> 01:29:05.460
Orlando Gentil: or to perform whatever process is coming. From that instance we have the permission to manipulate another resource
1087
01:29:06.380 --> 01:29:08.700
Orlando Gentil: like connecting to the database
1088
01:29:08.790 --> 01:29:09.889
Orlando Gentil: or
1089
01:29:10.430 --> 01:29:12.900
triggering a function.
1090
01:29:14.020 --> 01:29:21.769
Orlando Gentil: The function itself could be have the need to have a different type of access to a block storage.
1091
01:29:21.900 --> 01:29:23.679
Orlando Gentil: to a bucket.
1092
01:29:23.700 --> 01:29:30.750
Orlando Gentil: to get data to process. So you can have this kind of things on the resource
1093
01:29:31.200 --> 01:29:32.290
Orlando Gentil: principles.
1094
01:29:34.020 --> 01:29:36.139
Orlando Gentil: The way that you group this.
1095
01:29:36.450 --> 01:29:39.370
Orlando Gentil: either resource, principles, or
1096
01:29:39.440 --> 01:29:45.800
Orlando Gentil: identity and access management users, the person's users. You will collect them as a group
1097
01:29:46.560 --> 01:29:50.550
Orlando Gentil: so you can have the Admin group. You can have the instance group.
1098
01:29:54.980 --> 01:29:58.289
Orlando Gentil: This is screen here. It's a just to show the user
1099
01:29:58.340 --> 01:30:01.829
Orlando Gentil: and let's see if I have anything beyond that.
1100
01:30:02.970 --> 01:30:04.940
Orlando Gentil: No, he goes to the authentication.
1101
01:30:05.040 --> 01:30:06.870
Orlando Gentil: Let me go on the
1102
01:30:09.080 --> 01:30:10.490
Orlando Gentil: the console.
1103
01:30:14.950 --> 01:30:25.920
Orlando Gentil: If you're coming to a ci. Now, when you create a new account, you have a it's possible that you don't have identity domains because we are in the process of migrating.
1104
01:30:26.520 --> 01:30:30.919
Orlando Gentil: If you see on their identity directly user and groups
1105
01:30:31.100 --> 01:30:36.670
Orlando Gentil: in dynamic groups. It's because you don't have. Your account was not migrated yet.
1106
01:30:38.050 --> 01:30:41.409
Orlando Gentil: When you have in this is a an old account.
1107
01:30:43.250 --> 01:30:51.149
Orlando Gentil: If you have a identity, domains the user in groups, it will be grouped under domains. So you have one extra click to do
1108
01:30:59.620 --> 01:31:03.349
when you go to users gonna have the least of your users
1109
01:31:03.700 --> 01:31:06.359
Orlando Gentil: when you click on one. User
1110
01:31:07.040 --> 01:31:10.210
Orlando Gentil: Let me go to my user so I don't mess with the others.
1111
01:31:16.670 --> 01:31:18.569
Orlando Gentil: Oh, or Mendel.
1112
01:31:21.500 --> 01:31:23.669
Orlando Gentil: you have the details of the user
1113
01:31:24.590 --> 01:31:28.550
Orlando Gentil: on the Powerpoint, on the presentation on the slide.
1114
01:31:28.790 --> 01:31:34.030
Orlando Gentil: We are going to see some details. I would prefer to navigate here. I think it's better than
1115
01:31:34.110 --> 01:31:35.570
Orlando Gentil: just using this slide.
1116
01:31:36.600 --> 01:31:39.070
Orlando Gentil: so I will have the user information.
1117
01:31:39.840 --> 01:31:47.060
Orlando Gentil: I have a local password if you enabled Api keys. We're gonna go on the menu here on the resources and talk about it.
1118
01:31:48.470 --> 01:31:50.370
Orlando Gentil: Smtp: credentials.
1119
01:31:50.490 --> 01:31:52.420
Orlando Gentil: You're gonna have a summary over here
1120
01:31:52.600 --> 01:31:55.429
Orlando Gentil: under this summary. You're gonna have the groups.
1121
01:31:56.620 --> 01:32:03.240
Orlando Gentil: If I click here to add the user if you get the list of the groups and you can start adding that.
1122
01:32:05.620 --> 01:32:08.880
Orlando Gentil: So that's the initial.
1123
01:32:09.140 --> 01:32:11.600
Orlando Gentil: What what you see on the initial screen of the user
1124
01:32:12.040 --> 01:32:14.690
Orlando Gentil: create and be set the password, if
1125
01:32:15.280 --> 01:32:21.570
Orlando Gentil: you need to set up a new password. If this user is going to use multi-factor authentication.
1126
01:32:22.080 --> 01:32:24.719
Orlando Gentil: If you want to use Google authenticator
1127
01:32:24.980 --> 01:32:26.050
Orlando Gentil: azure
1128
01:32:26.290 --> 01:32:28.630
Orlando Gentil: oracle
1129
01:32:28.700 --> 01:32:30.370
Orlando Gentil: change
1130
01:32:32.690 --> 01:32:36.290
Orlando Gentil: what I should have access with this user
1131
01:32:36.370 --> 01:32:37.300
Orlando Gentil: so
1132
01:32:37.580 --> 01:32:42.910
Orlando Gentil: I can. As I mentioned, the database, can take advantage of these users here
1133
01:32:43.240 --> 01:32:53.610
Orlando Gentil: to be used on the on the database. I might not check the permissions of what I do on the database. But at least I don't have to recreate the user over there.
1134
01:32:54.030 --> 01:32:54.690
Orlando Gentil: But
1135
01:32:54.760 --> 01:32:59.920
Orlando Gentil: there, you can just make the assignment that you usually do in the database.
1136
01:33:00.470 --> 01:33:03.229
Orlando Gentil: and if this is enabled, I can use
1137
01:33:03.500 --> 01:33:06.079
Orlando Gentil: the username and password that i'm set up here
1138
01:33:13.570 --> 01:33:22.590
Orlando Gentil: here on the resources, we will have different types of authentications that the user can take advantage of.
1139
01:33:23.700 --> 01:33:25.719
Orlando Gentil: One is an Api key.
1140
01:33:26.630 --> 01:33:31.990
Orlando Gentil: So if you are using the rest, Api, you have to put this key here.
1141
01:33:33.080 --> 01:33:34.919
Orlando Gentil: you can have multiple keys
1142
01:33:36.140 --> 01:33:42.030
that you might be using on another system or not, or you can generate using the
1143
01:33:42.770 --> 01:33:44.809
Orlando Gentil: if you're using Mac or Linux
1144
01:33:45.690 --> 01:33:49.220
Orlando Gentil: you have a open Ssl. Command that you can use to create the key.
1145
01:33:49.570 --> 01:33:59.660
Orlando Gentil: If you don't want to the to do that you can just ask the interface to generate for you, and you can download the part, the public and the private key here.
1146
01:34:00.100 --> 01:34:01.489
Orlando Gentil: and use that
1147
01:34:03.040 --> 01:34:06.170
Orlando Gentil: if you already have one. You can upload the file.
1148
01:34:06.400 --> 01:34:08.259
Orlando Gentil: or you can copy and paste
1149
01:34:08.420 --> 01:34:10.210
Orlando Gentil: the venue of the file here.
1150
01:34:11.440 --> 01:34:13.559
Orlando Gentil: That's what we have on the
1151
01:34:13.600 --> 01:34:14.450
Orlando Gentil: flight.
1152
01:34:15.480 --> 01:34:17.080
Orlando Gentil: So when you paste the key
1153
01:34:18.230 --> 01:34:19.920
Orlando Gentil: looks something like this.
1154
01:34:23.190 --> 01:34:29.200
Orlando Gentil: The key what you have to inform here is the public key, the private key. It's just for your cell phone.
1155
01:34:29.320 --> 01:34:40.050
Orlando Gentil: You don't. You don't use that anywhere. You just use on your computer, together with your user and the same way that you use like a Ssh. Key.
1156
01:34:40.070 --> 01:34:42.409
Orlando Gentil: It can be protected by passwords.
1157
01:34:44.670 --> 01:34:48.090
Orlando Gentil: and that grants you access to the Api.
1158
01:34:48.120 --> 01:34:53.109
Orlando Gentil: and it's the same key that you are going to use when you are using the cli.
1159
01:34:54.450 --> 01:34:56.620
Orlando Gentil: When we used here
1160
01:34:56.920 --> 01:34:58.160
Orlando Gentil: the cloud show.
1161
01:34:58.580 --> 01:35:02.380
Orlando Gentil: it comes pre-configured to you. You don't have to set up anything
1162
01:35:04.070 --> 01:35:06.910
Orlando Gentil: it's already makes the authentication for you.
1163
01:35:07.450 --> 01:35:15.919
Orlando Gentil: but it's the same same way that you would have to use If you install the cli in your personal computer
1164
01:35:19.320 --> 01:35:21.579
you have out for
1165
01:35:22.240 --> 01:35:28.450
Orlando Gentil: of tokens it's some applications. They don't have the same capabilities.
1166
01:35:30.510 --> 01:35:32.789
Orlando Gentil: The rest capabilities that you have
1167
01:35:33.290 --> 01:35:34.870
Orlando Gentil: when you have an Api.
1168
01:35:35.290 --> 01:35:36.090
Orlando Gentil: So.
1169
01:35:36.110 --> 01:35:42.179
Orlando Gentil: instead of having to give you a password to them. You can create a token
1170
01:35:42.220 --> 01:35:44.470
Orlando Gentil: that will allow you to
1171
01:35:46.930 --> 01:35:48.860
Orlando Gentil: use to authenticate.
1172
01:35:51.100 --> 01:35:54.440
Orlando Gentil: I have to copy this value here, and use that
1173
01:35:54.750 --> 01:35:58.459
Orlando Gentil: what would be a scenario where you could use that?
1174
01:35:58.930 --> 01:36:08.519
Orlando Gentil: If you have to upload files to object storage, you can use the web, console to upload, or you can use a client.
1175
01:36:09.210 --> 01:36:13.159
The client that I want to say is.
1176
01:36:13.590 --> 01:36:17.660
Orlando Gentil: Simon does not have the capability of using Api keys.
1177
01:36:17.730 --> 01:36:23.930
Orlando Gentil: So, in order to authenticate using cyber that, and be able to do the upload to the cloud.
1178
01:36:24.280 --> 01:36:30.010
Orlando Gentil: I can create a token. I'm going to copy this token and this token i'm going to use
1179
01:36:30.340 --> 01:36:31.580
with the software.
1180
01:36:31.620 --> 01:36:35.469
Orlando Gentil: If for some reason that still can get compromised
1181
01:36:35.500 --> 01:36:37.799
Orlando Gentil: I forgot it. I don't need it.
1182
01:36:38.180 --> 01:36:40.080
Orlando Gentil: You can just come and Delete.
1183
01:36:40.650 --> 01:36:42.979
Orlando Gentil: and it will be no longer a problem
1184
01:36:43.070 --> 01:36:44.659
for that. User
1185
01:36:49.930 --> 01:37:00.400
Orlando Gentil: This secret case is, if you want to. One use that I saw, for that is, if you have an application, and you want to have like a different password
1186
01:37:00.540 --> 01:37:02.570
Orlando Gentil: that's different from the token. Here
1187
01:37:03.430 --> 01:37:05.360
Orlando Gentil: you can generate a key.
1188
01:37:05.780 --> 01:37:06.920
Orlando Gentil: and
1189
01:37:08.060 --> 01:37:10.799
Orlando Gentil: it's just like an extra parameter that you can use
1190
01:37:12.410 --> 01:37:16.860
Orlando Gentil: instead of that. Okay, the token has a different format. It's pretty much the same thing.
1191
01:37:17.980 --> 01:37:20.239
Orlando Gentil: but the key is usually longer.
1192
01:37:21.430 --> 01:37:23.199
Orlando Gentil: I have to double check on the
1193
01:37:23.980 --> 01:37:25.479
Orlando Gentil: the exact difference
1194
01:37:26.350 --> 01:37:28.200
database passwords
1195
01:37:29.100 --> 01:37:37.239
Orlando Gentil: again, so you can take advantage of the the integration that the oracle daily basis will have with. I am users.
1196
01:37:39.120 --> 01:37:43.929
Orlando Gentil: If you are using a off protocol, you can set up credentials here as well.
1197
01:37:45.510 --> 01:37:46.500
Orlando Gentil: Yeah.
1198
01:37:46.900 --> 01:37:53.479
Orlando Gentil: smtp credentials is, we have a notification service. No, sorry we have an smtp service.
1199
01:37:53.680 --> 01:37:59.479
Orlando Gentil: A that is authenticated. So if you want this user to be able to send email.
1200
01:37:59.600 --> 01:38:00.639
Orlando Gentil: let's see
1201
01:38:00.960 --> 01:38:08.540
your application needs to send emails. It's not able to communicate with the Api to do the things.
1202
01:38:08.620 --> 01:38:14.620
Orlando Gentil: to to send the messages you can set up as regular smtp protocol
1203
01:38:15.680 --> 01:38:17.649
Orlando Gentil: like a regular email client.
1204
01:38:17.740 --> 01:38:24.209
Orlando Gentil: and use the smtp for that to send the message for that application. So you can create this credentials Here.
1205
01:38:26.100 --> 01:38:29.019
Orlando Gentil: let's go back to the presentation
1206
01:38:33.460 --> 01:38:38.510
is the token same as Aws secret key. Yes, exactly that.
1207
01:38:39.240 --> 01:38:42.109
Orlando Gentil: When we come to the object storage part.
1208
01:38:43.490 --> 01:38:47.730
Orlando Gentil: I will talk about the S. 3 compatibility layer.
1209
01:38:47.900 --> 01:38:51.990
Orlando Gentil: though, so that it it will relate with what you know from the Aws
1210
01:38:52.530 --> 01:38:54.189
s 3 access.
1211
01:38:55.910 --> 01:38:59.329
Orlando Gentil: So we talked about the else token how they look like
1212
01:39:00.330 --> 01:39:02.420
Orlando Gentil: and what they used for.
1213
01:39:07.630 --> 01:39:09.789
Orlando Gentil: They don't have slides on the others. Okay.
1214
01:39:10.020 --> 01:39:12.249
Orlando Gentil: going directly to the
1215
01:39:12.920 --> 01:39:14.150
Orlando Gentil: permissions.
1216
01:39:16.100 --> 01:39:17.959
Orlando Gentil: So if we expand.
1217
01:39:18.050 --> 01:39:22.739
Orlando Gentil: we we showed the group of users and all the
1218
01:39:23.880 --> 01:39:30.389
Orlando Gentil: users and users go to groups, groups to policies, policies, compartments, and their resources.
1219
01:39:30.750 --> 01:39:34.510
Orlando Gentil: If we expand the policies. This is what we have inside.
1220
01:39:35.150 --> 01:39:36.590
Orlando Gentil: We will have
1221
01:39:37.810 --> 01:39:38.950
Orlando Gentil: the
1222
01:39:39.200 --> 01:39:42.880
Orlando Gentil: the the the permission that we have not permission. I forgot the name. Now
1223
01:39:43.380 --> 01:39:46.010
Orlando Gentil: the condition, if it's going to be, allow or deny
1224
01:39:46.450 --> 01:39:47.700
Orlando Gentil: subjects.
1225
01:39:47.940 --> 01:39:51.010
Orlando Gentil: and then go with what you can do
1226
01:39:51.510 --> 01:39:55.689
Orlando Gentil: where the resource should be; and if you have any condition.
1227
01:39:58.240 --> 01:40:00.009
Orlando Gentil: the subject clause
1228
01:40:00.140 --> 01:40:02.030
Orlando Gentil: can be a group.
1229
01:40:02.510 --> 01:40:03.990
Orlando Gentil: a dynamic group.
1230
01:40:04.790 --> 01:40:06.190
Orlando Gentil: or a service.
1231
01:40:06.780 --> 01:40:09.489
Orlando Gentil: The group is where you're going to put your users.
1232
01:40:10.130 --> 01:40:20.220
Orlando Gentil: So, just to be very clear here. You can't assign the permission to a user it will always be a group, dynamic group or a service.
1233
01:40:20.260 --> 01:40:24.470
Orlando Gentil: Your user needs to be assigned to a service when you are going to
1234
01:40:26.050 --> 01:40:27.210
Orlando Gentil: with people there.
1235
01:40:27.600 --> 01:40:33.530
Orlando Gentil: Dynamic groups they are used for the For example, instances.
1236
01:40:33.950 --> 01:40:48.800
Orlando Gentil: You can create a group and say all the instances that obey a certain condition that could be. They are in a certain compartment, or they have a certain tag you can, Future?
1237
01:40:48.820 --> 01:40:54.120
Orlando Gentil: How? Who? How's going to be the membership of this dynamic group.
1238
01:40:55.130 --> 01:40:59.759
Orlando Gentil: and once you meet the criteria, it's automatically added to the group.
1239
01:41:00.750 --> 01:41:06.769
Orlando Gentil: If you create a membership for instances that are on the production compartment.
1240
01:41:07.880 --> 01:41:16.430
Orlando Gentil: Every time you create an instance there it will be automatically manage it to this dynamic group, because we are doing that based on the
1241
01:41:16.850 --> 01:41:29.719
Orlando Gentil: the location of the the that resource. If it's on the tag. As soon as you add the tag, it goes the dynamic. So that's why the it's called Dynamic Group. You don't have to go and
1242
01:41:30.190 --> 01:41:38.399
Orlando Gentil: attach the resource directly to the group. You just need to meet the condition, and the once you meet the condition it will be. Part of the group
1243
01:41:40.160 --> 01:41:45.659
Orlando Gentil: services is, if the service needs to do something.
1244
01:41:46.880 --> 01:41:47.920
Orlando Gentil: let me
1245
01:41:48.040 --> 01:41:55.149
Orlando Gentil: step back and start saying that by default. Everything on Oci is denied.
1246
01:41:55.490 --> 01:42:02.170
Orlando Gentil: You have to be explicitly, explicitly allowed to do the
1247
01:42:04.410 --> 01:42:06.030
Orlando Gentil: to do a certain action.
1248
01:42:06.710 --> 01:42:12.940
Orlando Gentil: There's nothing here is going to be by accident, because you forgot to lock one door.
1249
01:42:13.030 --> 01:42:20.239
Orlando Gentil: It's exactly the opposite. If someone can do any action, it's because you granted that
1250
01:42:20.850 --> 01:42:28.280
Orlando Gentil: so even services within. Oci. They have to have permissions to do certain operations.
1251
01:42:29.860 --> 01:42:31.370
Orlando Gentil: If you are doing
1252
01:42:31.530 --> 01:42:40.940
Orlando Gentil: when we go to object storage, I can. I think I can give you a better example of that, because object storage service needs to perform several actions
1253
01:42:41.250 --> 01:42:43.410
Orlando Gentil: depending on the
1254
01:42:43.960 --> 01:42:46.929
Orlando Gentil: there, the feature that you want to use.
1255
01:42:47.870 --> 01:42:50.640
Orlando Gentil: the way that you, If you reference
1256
01:42:50.690 --> 01:42:54.099
Orlando Gentil: subject subjects, it's by the Id.
1257
01:42:54.350 --> 01:42:56.510
Orlando Gentil: If you guys remember the
1258
01:42:57.720 --> 01:43:01.190
Orlando Gentil: the Id is the
1259
01:43:02.050 --> 01:43:09.740
Orlando Gentil: that's a the long number that we have for every single resource, or by the name of the the resource.
1260
01:43:14.330 --> 01:43:16.339
Orlando Gentil: So remember users.
1261
01:43:16.510 --> 01:43:17.780
Orlando Gentil: they're going to the group.
1262
01:43:17.960 --> 01:43:19.769
Orlando Gentil: This is how they are
1263
01:43:21.660 --> 01:43:23.249
Orlando Gentil: all day tight together.
1264
01:43:23.340 --> 01:43:26.369
Orlando Gentil: If you have identity domains.
1265
01:43:26.460 --> 01:43:28.200
Orlando Gentil: you have to add
1266
01:43:28.540 --> 01:43:29.389
Orlando Gentil: the
1267
01:43:29.480 --> 01:43:31.929
Orlando Gentil: prepare the name of the user
1268
01:43:32.270 --> 01:43:36.649
Orlando Gentil: or the group, like the name of the group with the Domain group.
1269
01:43:37.160 --> 01:43:43.010
Orlando Gentil: If you don't put the domain prepared with the domain name, it will use the default.
1270
01:43:43.680 --> 01:43:47.429
Orlando Gentil: So to avoid ambiguity and any mistakes.
1271
01:43:47.450 --> 01:43:59.489
Orlando Gentil: if you have, if you happen to have groups that are defined on 2 different Id domains you specify the domain here. If you don't, just be aware that it's going to be used the default.
1272
01:44:00.540 --> 01:44:03.439
Orlando Gentil: Another thing that you have on the
1273
01:44:04.690 --> 01:44:07.709
Orlando Gentil: within the subject class is the any. User
1274
01:44:07.780 --> 01:44:11.439
Orlando Gentil: If you want everyone to have a certain type of access
1275
01:44:11.710 --> 01:44:14.479
you can grant to the any user
1276
01:44:15.990 --> 01:44:18.869
Orlando Gentil: I I use for any. User. For example.
1277
01:44:19.530 --> 01:44:21.939
when you go to the cloud, show
1278
01:44:22.430 --> 01:44:23.710
Orlando Gentil: this guy here.
1279
01:44:24.290 --> 01:44:28.030
Orlando Gentil: If you don't have permission you won't be able to use it.
1280
01:44:28.280 --> 01:44:37.370
Orlando Gentil: So I have to have a permission to do that. I think I have another account that I can use to show that that I did it set up yet, or at least it's cleaner.
1281
01:44:40.600 --> 01:44:44.179
Orlando Gentil: After we defined what is the
1282
01:44:45.410 --> 01:44:48.510
Orlando Gentil: the subject? Next thing is going to be the
1283
01:44:48.660 --> 01:44:49.990
the verb.
1284
01:44:50.260 --> 01:44:52.580
Orlando Gentil: What is the what they can do?
1285
01:44:52.840 --> 01:44:54.769
Orlando Gentil: Possible verbs are
1286
01:44:54.910 --> 01:45:00.209
Orlando Gentil: from from the top to bottom. They are increasingly given permissions
1287
01:45:00.270 --> 01:45:05.410
Orlando Gentil: to the objects. So you have inspect, read, use, and manage.
1288
01:45:06.340 --> 01:45:15.469
Orlando Gentil: inspect it's usually for people that want to observe the resource, but they don't have access to
1289
01:45:18.000 --> 01:45:21.829
Orlando Gentil: to the information of the resource. They know that the resource exist.
1290
01:45:21.920 --> 01:45:25.140
Orlando Gentil: but they don't know the details of that.
1291
01:45:25.780 --> 01:45:35.000
Orlando Gentil: It's a used, for for example, to third party auditors. You want to show where a certain resource is, and
1292
01:45:36.200 --> 01:45:41.629
Orlando Gentil: before they can expect how the the things are tied together. But they don't have to have the details
1293
01:45:41.900 --> 01:45:43.689
Orlando Gentil: you give them inspect.
1294
01:45:44.350 --> 01:45:46.650
Orlando Gentil: Then you have the read.
1295
01:45:47.440 --> 01:45:51.790
Orlando Gentil: read. You can see the details, but you will not be able to change anything.
1296
01:45:52.080 --> 01:45:55.219
Orlando Gentil: The use case for that is for
1297
01:45:55.750 --> 01:45:58.090
local auditors.
1298
01:45:58.170 --> 01:46:01.280
Orlando Gentil: They want to know who created something.
1299
01:46:02.560 --> 01:46:08.389
Orlando Gentil: What's the detail, for example, if they have, if it's a resource that has a size.
1300
01:46:08.460 --> 01:46:11.609
Orlando Gentil: They want to see check the size of that resources
1301
01:46:11.950 --> 01:46:13.370
Orlando Gentil: you're going to give that
1302
01:46:14.490 --> 01:46:17.730
Orlando Gentil: they use. Permission is for
1303
01:46:19.220 --> 01:46:20.609
Orlando Gentil: the regular user
1304
01:46:20.670 --> 01:46:22.529
Orlando Gentil: what would be a regular user
1305
01:46:22.720 --> 01:46:26.579
Orlando Gentil: let's say you have a development team.
1306
01:46:26.610 --> 01:46:35.650
Orlando Gentil: and they have the permission to create instances to manage everything they have the manage permission for to manage everything.
1307
01:46:35.670 --> 01:46:40.060
Orlando Gentil: but you don't want them to have permissions to manage the network.
1308
01:46:40.390 --> 01:46:44.509
Orlando Gentil: So instead of giving them a full permissions
1309
01:46:45.160 --> 01:46:52.500
Orlando Gentil: to finish everything you can say, hey, you can manage the instances, but you only use the network
1310
01:46:52.660 --> 01:46:58.179
Orlando Gentil: so that we will allow them to find where the networks are. The subnets are.
1311
01:46:58.270 --> 01:47:07.089
Orlando Gentil: and but they can change, for example, the routes they can do any operations besides saying, hey, I want to be connected to this network.
1312
01:47:08.270 --> 01:47:12.500
Orlando Gentil: and with manage. You can do pretty much anything that is allowed
1313
01:47:12.990 --> 01:47:14.649
Orlando Gentil: to that
1314
01:47:14.920 --> 01:47:16.290
Orlando Gentil: to that resource
1315
01:47:21.350 --> 01:47:25.139
the actions that you're going to define. With the verbs
1316
01:47:25.660 --> 01:47:29.340
Orlando Gentil: you can use the individual resources.
1317
01:47:30.000 --> 01:47:36.160
Orlando Gentil: The B systems. dB. Notes to be homes, or you can take advantage of the aggregate resource type.
1318
01:47:36.990 --> 01:47:38.920
Orlando Gentil: So if you go with the
1319
01:47:39.040 --> 01:47:46.949
Orlando Gentil: the Dba. You don't have to give individual permissions. If the guy is gonna be able to manage everything, you can just use database family.
1320
01:47:48.000 --> 01:47:54.960
Orlando Gentil: If your developer, if you want to break down what they are going to be able to see on the databases.
1321
01:47:55.260 --> 01:48:07.429
Orlando Gentil: Sometimes they gonna be able to see databases on autonomous database, but you don't want them to touch on the dB systems so you can future by the individual resource type
1322
01:48:11.310 --> 01:48:15.259
Orlando Gentil: what? Let's. See what they have here.
1323
01:48:15.450 --> 01:48:18.669
Orlando Gentil: No, this is just example. Let me go back one here.
1324
01:48:23.110 --> 01:48:28.229
Orlando Gentil: We talked about the actions how we can do with the
1325
01:48:28.690 --> 01:48:31.769
Orlando Gentil: telling what's going to be the resource that it's going to be.
1326
01:48:32.690 --> 01:48:36.650
Orlando Gentil: I'm going to use this slide because you're going to go to the examples later.
1327
01:48:37.770 --> 01:48:38.559
Orlando Gentil: So
1328
01:48:38.690 --> 01:48:43.649
Orlando Gentil: you say where with the in and with the placement. We're going to tell
1329
01:48:43.840 --> 01:48:45.760
Orlando Gentil: where the well.
1330
01:48:46.150 --> 01:48:49.119
Orlando Gentil: what's the compartment where that resource is
1331
01:48:50.000 --> 01:48:56.630
Orlando Gentil: Developers can play with within the test compartment, but they can't play with production.
1332
01:48:56.760 --> 01:49:00.620
Orlando Gentil: so I can give them permissions to manage
1333
01:49:01.890 --> 01:49:08.130
Orlando Gentil: the what is instance, family and the volume family, just in the compartment
1334
01:49:08.450 --> 01:49:10.599
that is called test.
1335
01:49:10.990 --> 01:49:12.430
Orlando Gentil: or that
1336
01:49:12.470 --> 01:49:18.250
Orlando Gentil: you can do whatever that. If you have 2 different sets of applications there
1337
01:49:18.550 --> 01:49:22.050
Orlando Gentil: you could go and say where a condition
1338
01:49:22.250 --> 01:49:24.260
Orlando Gentil: and you can use
1339
01:49:24.310 --> 01:49:26.240
Orlando Gentil: the name of the instance.
1340
01:49:26.870 --> 01:49:33.770
Orlando Gentil: some group, some tabs to allow that to filter. Let's go to the example.
1341
01:49:35.720 --> 01:49:39.730
Orlando Gentil: Let's say we have this lady in your infrastructure.
1342
01:49:39.920 --> 01:49:46.970
Orlando Gentil: We have the availability domain. I think that's too much. We didn't have to have the ability domain here, because should not matter.
1343
01:49:48.410 --> 01:49:57.710
Orlando Gentil: it does not apply anything to the the security model, the placement regarding the available domain, unless
1344
01:49:57.830 --> 01:49:59.369
Orlando Gentil: for the conditions.
1345
01:49:59.690 --> 01:50:01.999
Orlando Gentil: If you want to say that you want to manage
1346
01:50:02.110 --> 01:50:03.179
Orlando Gentil: a certain
1347
01:50:03.260 --> 01:50:04.889
resource that it's up
1348
01:50:05.050 --> 01:50:07.920
Orlando Gentil: the in a certain compartment.
1349
01:50:07.970 --> 01:50:11.739
Orlando Gentil: and it's a specific as the ability domain you could break down
1350
01:50:11.950 --> 01:50:13.700
Orlando Gentil: like that.
1351
01:50:14.980 --> 01:50:17.140
Orlando Gentil: So we have our Vcn.
1352
01:50:17.400 --> 01:50:19.679
Orlando Gentil: We will have a subnet.
1353
01:50:19.760 --> 01:50:21.619
Orlando Gentil: We have our instance.
1354
01:50:22.710 --> 01:50:26.259
Orlando Gentil: and I'm going to create the policy that says Allow because
1355
01:50:26.510 --> 01:50:30.509
Orlando Gentil: that's the very first word that we have to do. Everything is denied.
1356
01:50:32.300 --> 01:50:38.600
Orlando Gentil: I'm going to give the commission to the group. The name of the group is network admins.
1357
01:50:38.780 --> 01:50:40.830
Orlando Gentil: and they can manage
1358
01:50:41.670 --> 01:50:45.440
Orlando Gentil: anything from the virtual network family in the Tennessee.
1359
01:50:45.790 --> 01:50:46.849
Orlando Gentil: So
1360
01:50:47.320 --> 01:50:51.319
Orlando Gentil: if I had another Vcn here that would be on a different compartment.
1361
01:50:51.750 --> 01:50:53.440
Orlando Gentil: I could be managing it
1362
01:50:56.770 --> 01:50:58.990
Orlando Gentil: if we have a group called
1363
01:50:59.220 --> 01:51:00.820
Orlando Gentil: Instance Launchers.
1364
01:51:01.660 --> 01:51:03.629
Orlando Gentil: I'm. Giving them permissions
1365
01:51:04.200 --> 01:51:07.590
Orlando Gentil: that will be to manage anything on the instance family.
1366
01:51:09.080 --> 01:51:12.739
Orlando Gentil: Every instance needs to have a a disc.
1367
01:51:12.830 --> 01:51:14.260
Orlando Gentil: so it's a volume.
1368
01:51:15.470 --> 01:51:29.939
Orlando Gentil: so they would have to have permissions to manage the disks. Sorry to manage the instance to use the disks. If they have use, they can't create, so they would have to rely. For example, on another group called
1369
01:51:30.070 --> 01:51:33.399
Orlando Gentil: Storage admins to create the groups for them.
1370
01:51:33.800 --> 01:51:41.509
Orlando Gentil: but in not only create it's a. There's several operations that are tied to this storage family
1371
01:51:41.760 --> 01:51:44.469
Orlando Gentil: that when we go to the
1372
01:51:45.360 --> 01:51:46.860
Orlando Gentil: storage section
1373
01:51:47.500 --> 01:51:49.900
Orlando Gentil: of the presentation that you were going to see there.
1374
01:51:51.270 --> 01:51:53.109
Orlando Gentil: and finally.
1375
01:51:53.160 --> 01:52:00.709
Orlando Gentil: you will have to also give them permission to use the virtual network family, so the instance can connect.
1376
01:52:02.230 --> 01:52:04.720
Orlando Gentil: Should the Vcn. Using the reform name.
1377
01:52:08.590 --> 01:52:10.559
Orlando Gentil: Some come on examples here.
1378
01:52:11.770 --> 01:52:14.899
exploring, for example, the
1379
01:52:16.440 --> 01:52:19.280
Orlando Gentil: the where you can. For example.
1380
01:52:20.420 --> 01:52:22.389
Orlando Gentil: if the your user
1381
01:52:23.310 --> 01:52:26.870
Orlando Gentil: sorry if the request for something on the Phoenix region.
1382
01:52:27.370 --> 01:52:31.940
Orlando Gentil: I can use the where to exclude
1383
01:52:32.350 --> 01:52:34.230
Orlando Gentil: a certain compartment Id
1384
01:52:35.250 --> 01:52:38.570
Orlando Gentil: here. It does not represent the full thing. It's just the beginning.
1385
01:52:40.450 --> 01:52:41.899
Orlando Gentil: and, as I mentioned.
1386
01:52:41.990 --> 01:52:48.790
Orlando Gentil: You can use tags. You can use different things you can even use if you have a database, the workload type.
1387
01:52:49.060 --> 01:52:56.700
Orlando Gentil: if it's autonomous transaction processing. If it's autonomous database, Pr: data warehouse.
1388
01:52:57.450 --> 01:53:01.360
Orlando Gentil: Depending on that. You can use that as a condition to future
1389
01:53:03.770 --> 01:53:08.359
Orlando Gentil: the dynamic groups. We talked a little bit. It could be.
1390
01:53:09.590 --> 01:53:13.499
Orlando Gentil: you will have principles that it's all an authenticated resource.
1391
01:53:13.700 --> 01:53:18.129
Orlando Gentil: That authenticator resource could be a user in instance, a service
1392
01:53:18.620 --> 01:53:24.150
Orlando Gentil: or another resource. For example, the the database itself, the load balancer
1393
01:53:26.960 --> 01:53:28.510
Orlando Gentil: dynamic groups.
1394
01:53:28.700 --> 01:53:29.820
Orlando Gentil: So
1395
01:53:30.360 --> 01:53:33.329
Orlando Gentil: I think we can jump this because we already talked all of that.
1396
01:53:34.320 --> 01:53:36.269
Orlando Gentil: It's just explaining the purpose.
1397
01:53:37.560 --> 01:53:40.990
Orlando Gentil: We can do that we have here. Oh.
1398
01:53:42.110 --> 01:53:53.150
Orlando Gentil: it's a good thing to see. We you create the dynamic groups, the criteria that we grant membership to a certain dynamic group. It will look something like this.
1399
01:53:53.730 --> 01:53:57.370
Orlando Gentil: You can say that it's an instance that it's on a certain compartment
1400
01:53:57.520 --> 01:53:59.129
Orlando Gentil: all instances.
1401
01:53:59.730 --> 01:54:02.079
Orlando Gentil: or you can start featuring
1402
01:54:02.840 --> 01:54:07.459
Orlando Gentil: based on parameters that are part of the details of the
1403
01:54:08.580 --> 01:54:09.919
Orlando Gentil: of the resource.
1404
01:54:10.050 --> 01:54:13.050
Orlando Gentil: You can use all that as filters to dynamic groups
1405
01:54:15.430 --> 01:54:16.670
Orlando Gentil: functions.
1406
01:54:19.290 --> 01:54:21.820
Orlando Gentil: more examples of policies.
1407
01:54:23.050 --> 01:54:24.469
Orlando Gentil: See here
1408
01:54:28.330 --> 01:54:30.680
Orlando Gentil: what I have here, this J.
1409
01:54:31.740 --> 01:54:34.320
Orlando Gentil: Authorization
1410
01:54:38.480 --> 01:54:39.880
Orlando Gentil: overseas.
1411
01:54:45.110 --> 01:54:45.700
Orlando Gentil: Yeah.
1412
01:54:45.860 --> 01:54:49.560
Orlando Gentil: So again, just more examples of the policies.
1413
01:54:49.860 --> 01:54:50.599
Orlando Gentil: Susan.
1414
01:54:51.980 --> 01:54:54.710
Orlando Gentil: If i'm granting permission to dynamic group
1415
01:54:55.300 --> 01:55:00.929
Orlando Gentil: instead of using the keyword group here on the subject, I'm going to go with Dynamic group
1416
01:55:01.380 --> 01:55:02.849
Orlando Gentil: type of permission.
1417
01:55:03.720 --> 01:55:05.620
Orlando Gentil: If the permissions here.
1418
01:55:05.680 --> 01:55:09.999
Orlando Gentil: along with the the name of the
1419
01:55:10.420 --> 01:55:13.420
Orlando Gentil: inspect to read, use, and manage.
1420
01:55:13.540 --> 01:55:24.599
Orlando Gentil: There are individual permissions that it it's a bit too deep to go. But we you can go really fine on the permissions depending on the object, the
1421
01:55:24.690 --> 01:55:26.659
Orlando Gentil: the resource type that you have.
1422
01:55:27.160 --> 01:55:33.289
Orlando Gentil: You can have permissions as granular as if they can stop or start the
1423
01:55:33.370 --> 01:55:34.990
Orlando Gentil: an instance, for example.
1424
01:55:35.570 --> 01:55:39.840
Orlando Gentil: you can be that granular. You can give permission to use the instance.
1425
01:55:39.960 --> 01:55:44.699
Orlando Gentil: or to manage the instance, but they can't restart the instance.
1426
01:55:45.480 --> 01:55:50.769
Orlando Gentil: that would make no sense. But just so. You can have an idea how granular the policies can be
1427
01:55:51.000 --> 01:55:54.640
different from other providers.
1428
01:55:55.760 --> 01:56:13.629
Orlando Gentil: I remember just a little bit of aws. You have to write like a Jason file to do this the way that we handle policies on those Ci. It's a with natural language. So allow dynamic group to manage objects. It's a simpler to read and see what's going to be the end result.
1429
01:56:14.360 --> 01:56:16.150
Orlando Gentil: If you have like a Jason
1430
01:56:16.540 --> 01:56:19.139
Orlando Gentil: programmatically. It might be helpful
1431
01:56:19.440 --> 01:56:33.349
Orlando Gentil: if you are developing like a control panel, something like that. But if you want to read and see, it takes time for you to get used to those those styles of policies. Here is just a bit simpler.
1432
01:56:35.460 --> 01:56:38.760
Orlando Gentil: Network sources is.
1433
01:56:38.980 --> 01:56:40.559
Orlando Gentil: you can see
1434
01:56:42.480 --> 01:56:48.880
Orlando Gentil: from where the user should be doing to the user that it's managing
1435
01:56:49.020 --> 01:56:51.010
Orlando Gentil: should be performing something.
1436
01:56:51.780 --> 01:57:00.060
Orlando Gentil: So if you have a user that, it's part of a network policy, you can future and say, hey, if he's in the within the
1437
01:57:01.170 --> 01:57:04.490
Orlando Gentil: corporate network, he can manage. Oci.
1438
01:57:05.070 --> 01:57:11.790
Orlando Gentil: If he is from outside, Don't allow, because it could be because he's a you. You want to prevent
1439
01:57:12.270 --> 01:57:16.140
Orlando Gentil: that if he's best where this is stolen, his credentials are stolen.
1440
01:57:16.530 --> 01:57:17.260
Orlando Gentil: you
1441
01:57:17.340 --> 01:57:21.050
Orlando Gentil: don't want that to be used, and harm the infrastructure.
1442
01:57:21.200 --> 01:57:22.200
Orlando Gentil: and by
1443
01:57:22.260 --> 01:57:24.570
Orlando Gentil: messing with the resources on those Ci.
1444
01:57:28.250 --> 01:57:30.550
Orlando Gentil: And that finishes the
1445
01:57:32.090 --> 01:57:34.859
Orlando Gentil: part that we want to talk about the
1446
01:57:35.270 --> 01:57:36.920
Orlando Gentil: identity and access management.
1447
01:57:37.020 --> 01:57:41.630
Orlando Gentil: It's a long session, but it's so important for you to know how to manage
1448
01:57:41.700 --> 01:57:43.989
Orlando Gentil: the different resources that you have.
1449
01:57:45.980 --> 01:57:47.410
Orlando Gentil: instead of a
1450
01:57:47.790 --> 01:57:52.409
Orlando Gentil: just coming here, and something failing, and you don't know what it's saying. Remember.
1451
01:57:52.590 --> 01:57:55.200
Orlando Gentil: by default everything is denied.
1452
01:57:55.260 --> 01:57:57.889
Orlando Gentil: So you have to
1453
01:57:58.190 --> 01:58:07.539
Orlando Gentil: to do a simple browsing the way that i'm doing here. If you are not allowed to manage the instances in this compartment, you will have like an access to it.
1454
01:58:08.490 --> 01:58:09.410
Orlando Gentil: With that
1455
01:58:14.690 --> 01:58:18.380
Orlando Gentil: let me see if I can show you the
1456
01:58:20.320 --> 01:58:21.779
Orlando Gentil: on the studies.
1457
01:58:22.910 --> 01:58:25.029
Orlando Gentil: if I have a permission here.
1458
01:58:28.560 --> 01:58:30.240
Orlando Gentil: Oh.
1459
01:58:32.820 --> 01:58:36.279
Orlando Gentil: I think I already have the permissions in place. It's a
1460
01:58:38.030 --> 01:58:40.170
Orlando Gentil: It will not allow me to do that
1461
01:58:47.800 --> 01:58:50.729
Orlando Gentil: up here. That's what I want to choose for, sure.
1462
01:58:50.830 --> 01:59:00.559
Orlando Gentil: So if I want to, we're gonna show that in detail. But you can replicate the buckets from object storage, from one region to another, and all that.
1463
01:59:01.400 --> 01:59:04.460
Orlando Gentil: But if I don't have.
1464
01:59:05.520 --> 01:59:08.259
Orlando Gentil: if I don't, grant the proper permissions
1465
01:59:10.550 --> 01:59:15.119
Orlando Gentil: to the destination, I have to have stuff in there.
1466
01:59:16.390 --> 01:59:18.040
Orlando Gentil: and
1467
01:59:19.490 --> 01:59:29.279
Orlando Gentil: as this section is going to be performed by the service, you don't have to be the one managing this replication. You have to grant permissions
1468
01:59:29.580 --> 01:59:32.389
Orlando Gentil: to the service to do that for you.
1469
01:59:33.880 --> 01:59:36.219
Orlando Gentil: So I have to allow who
1470
01:59:36.740 --> 01:59:37.930
Orlando Gentil: the service
1471
01:59:38.140 --> 01:59:40.819
Orlando Gentil: object, storage from these region.
1472
01:59:41.400 --> 01:59:44.549
Orlando Gentil: if it's on another region. It's going to be a different service name.
1473
01:59:45.350 --> 01:59:48.289
Orlando Gentil: and this guy will be able to manage
1474
01:59:48.450 --> 01:59:49.800
Orlando Gentil: object family
1475
01:59:50.000 --> 01:59:51.839
Orlando Gentil: that it's on this compartment.
1476
01:59:52.140 --> 01:59:53.900
Orlando Gentil: This compartment here.
1477
01:59:55.310 --> 01:59:56.820
Orlando Gentil: I didn't show you.
1478
01:59:57.220 --> 01:59:58.719
Orlando Gentil: but it's listed here
1479
01:59:59.190 --> 02:00:01.390
Orlando Gentil: on the details of the object.
1480
02:00:05.300 --> 02:00:07.800
Orlando Gentil: Okay. So when you create, for example.
1481
02:00:07.870 --> 02:00:13.089
Orlando Gentil: to set up replication, if the service is not allowed to do this, it will fail.
1482
02:00:14.700 --> 02:00:20.370
Orlando Gentil: and then you can copy here. If you try to add, it will have a link to the policy.
1483
02:00:21.210 --> 02:00:22.010
Let's see.
1484
02:00:25.870 --> 02:00:28.899
Orlando Gentil: So you have a way to create the policy from here.
1485
02:00:32.910 --> 02:00:35.750
Orlando Gentil: Okay, because remember, everything is the night.
1486
02:00:35.970 --> 02:00:42.689
Orlando Gentil: If you got permission denial in your mutual ci. Remember, you might be missing some permission
1487
02:00:43.410 --> 02:00:54.539
Orlando Gentil: check on the documentation on the overview of every single resource. It will tell you what are the minimum permissions that you have to have to do certain operations.
1488
02:01:01.360 --> 02:01:06.189
Orlando Gentil: and I think that with that we can go to the
1489
02:01:07.530 --> 02:01:10.360
Orlando Gentil: start talking about networking.
1490
02:01:17.380 --> 02:01:21.649
Orlando Gentil: We just reach it the 2 h, Mark: Correct Miles.
1491
02:01:23.730 --> 02:01:26.750
Myles Brown: Yeah, You can take it right before moving on.
1492
02:01:27.210 --> 02:01:30.729
Orlando Gentil: Yep. 5 min, 10 min. What do you think?
1493
02:01:31.610 --> 02:01:33.019
Myles Brown: Oh, let's give him.
1494
02:01:33.780 --> 02:01:43.569
Myles Brown: It's given 10 min. We we have. Okay, let's go with 10 min, because the next part is going to be in T with a network compute and storage
1495
02:01:44.740 --> 02:01:45.420
Orlando Gentil: cool.
1496
02:01:47.160 --> 02:01:51.709
Orlando Gentil: I want to share the data screen or can you share from there how it works.
1497
02:01:57.880 --> 02:01:58.849
Myos?
1498
02:02:07.690 --> 02:02:08.570
Orlando Gentil: Oh, okay.
1499
02:02:08.680 --> 02:02:09.740
Orlando Gentil: you do it.
1500
02:02:12.190 --> 02:02:15.610
Orlando Gentil: Oh, my
1501
02:02:16.080 --> 02:02:17.130
data phone.
1502
02:02:29.090 --> 02:02:33.860
James, this is beyond the scope. So if you were there for the
1503
02:02:34.390 --> 02:02:34.980
Orlando Gentil: well.
1504
02:02:36.290 --> 02:02:42.649
Orlando Gentil: let's do this at the end of the presentation. If you can stay a couple of minutes, so I can give you more details on.
1505
02:02:43.250 --> 02:02:46.870
Orlando Gentil: Or maybe after the old after the storage part.
1506
02:02:46.930 --> 02:02:49.470
Orlando Gentil: you gonna see a little bit of the
1507
02:02:50.840 --> 02:02:53.059
Orlando Gentil: How object storage works.
1508
02:02:53.240 --> 02:02:57.210
Orlando Gentil: and that can give you some ideas on how to.
1509
02:10:29.480 --> 02:10:30.059
Yeah.
1510
02:10:33.400 --> 02:10:35.619
Orlando Gentil: Okay, we Beck.
1511
02:10:37.200 --> 02:10:40.889
Orlando Gentil: Oh, my! See that someone is
1512
02:10:41.720 --> 02:10:44.880
Orlando Gentil: as a raised hand. How how do you do that?
1513
02:10:44.950 --> 02:10:47.579
Orlando Gentil: You, Grant and I' to talk how it works?
1514
02:10:48.760 --> 02:10:51.550
No, they can't talk. They can just put
1515
02:10:51.600 --> 02:10:54.259
Orlando Gentil: questions in the job. Basically okay.
1516
02:10:55.900 --> 02:11:01.939
Orlando Gentil: So i'm gonna whoever raised the hand. I'm: going to lower your hand. Because yeah, please
1517
02:11:01.960 --> 02:11:03.610
Orlando Gentil: used like the chat.
1518
02:11:05.880 --> 02:11:06.769
Orlando Gentil: Okay.
1519
02:11:08.340 --> 02:11:09.370
So
1520
02:11:09.680 --> 02:11:10.620
Orlando Gentil: we've
1521
02:11:10.800 --> 02:11:14.870
Orlando Gentil: that we do let's start with the network.
1522
02:11:15.150 --> 02:11:17.900
Orlando Gentil: It's my other presentation
1523
02:11:24.590 --> 02:11:26.050
Orlando Gentil: network
1524
02:11:32.590 --> 02:11:33.760
is the share.
1525
02:11:43.890 --> 02:11:45.660
Orlando Gentil: Here we go.
1526
02:11:48.440 --> 02:11:51.809
Orlando Gentil: So i'm going to talk a key concept of
1527
02:11:52.590 --> 02:11:53.789
Orlando Gentil: the Vcn
1528
02:11:54.230 --> 02:11:57.269
Orlando Gentil: and the components how they tie together.
1529
02:11:57.940 --> 02:12:01.780
Orlando Gentil: And what you need to understand to start working with.
1530
02:12:05.480 --> 02:12:08.309
Orlando Gentil: as I mentioned before, is.
1531
02:12:09.450 --> 02:12:16.080
Orlando Gentil: we give you the physical network, and on top of that you you create your retail cloud network.
1532
02:12:17.790 --> 02:12:19.409
Orlando Gentil: It's software defined.
1533
02:12:19.750 --> 02:12:22.270
Orlando Gentil: It's a regional resource. So
1534
02:12:22.650 --> 02:12:27.929
Orlando Gentil: every region that you are working with you're gonna have to have at least one Vcn.
1535
02:12:29.140 --> 02:12:35.769
Orlando Gentil: That Vcn: You can use Ipv: 4 private addresses or Ipv 6
1536
02:12:36.710 --> 02:12:38.930
Orlando Gentil: that you can grant or not
1537
02:12:39.170 --> 02:12:42.150
Orlando Gentil: access to the
1538
02:12:42.200 --> 02:12:43.499
Orlando Gentil: to the Internet.
1539
02:12:44.780 --> 02:12:49.100
Orlando Gentil: When you create the the Vcn. You have to assign a cider block.
1540
02:12:49.160 --> 02:12:51.810
Orlando Gentil: but down the road you can
1541
02:12:52.080 --> 02:12:58.230
Orlando Gentil: add or modify the siders that are part of that.
1542
02:12:58.480 --> 02:12:59.809
Orlando Gentil: the the
1543
02:13:00.390 --> 02:13:01.569
Orlando Gentil: that we see it.
1544
02:13:02.650 --> 02:13:04.019
Orlando Gentil: Virtual cloud network.
1545
02:13:04.870 --> 02:13:06.170
Orlando Gentil: the
1546
02:13:06.200 --> 02:13:07.890
Orlando Gentil: What if you see here?
1547
02:13:10.290 --> 02:13:12.200
Orlando Gentil: And this is just a
1548
02:13:14.900 --> 02:13:16.049
so here.
1549
02:13:19.590 --> 02:13:21.959
Orlando Gentil: yeah, we? It's also defined
1550
02:13:22.430 --> 02:13:24.570
Orlando Gentil: when
1551
02:13:25.000 --> 02:13:28.870
Orlando Gentil: the ranges that you're going to use it's the the private range.
1552
02:13:29.480 --> 02:13:43.839
Orlando Gentil: The recommended range is, say, G. Foot, if you go check on the Rfc. For 10 networks is going to be a slash 8, if it's a for 1. 72 the recommended size is going to be a slash, 12,
1553
02:13:44.020 --> 02:13:47.960
Orlando Gentil: but the maximum size that we have for a Vcn.
1554
02:13:48.710 --> 02:13:54.119
Orlando Gentil: He is 16. So even if you define 10 dot 0 dot 0
1555
02:13:54.220 --> 02:14:01.230
Orlando Gentil: the maximum size that we get you get for that Vcn: it's going to be a less 16.
1556
02:14:01.990 --> 02:14:09.029
Orlando Gentil: As we can modify down the road you can add 10, but one that's 0. That 0 is life 16.
1557
02:14:09.260 --> 02:14:14.630
Orlando Gentil: In that we have encompass the same. We see it. You're gonna have 2 ranges.
1558
02:14:15.760 --> 02:14:19.460
Orlando Gentil: You can make them small all the way to 30
1559
02:14:19.590 --> 02:14:21.529
Orlando Gentil: but 30. I think it's going to give you
1560
02:14:21.790 --> 02:14:23.759
Orlando Gentil: 5. No, not 5 Ap.
1561
02:14:25.890 --> 02:14:29.329
Orlando Gentil: I. The. They will check my mess, please.
1562
02:14:30.120 --> 02:14:34.970
Orlando Gentil: and as you have to create subnetting site
1563
02:14:35.280 --> 02:14:37.980
Orlando Gentil: might not be that that's useful. But
1564
02:14:38.020 --> 02:14:41.460
Orlando Gentil: the point is, you have all this flexibility on the size
1565
02:14:41.900 --> 02:14:43.250
Orlando Gentil: of the Vcn
1566
02:14:44.300 --> 02:14:50.190
Orlando Gentil: you can assign Ipv 6 is at 36 prefixes
1567
02:14:50.260 --> 02:14:52.620
based on the Vcn.
1568
02:14:53.380 --> 02:14:57.720
Orlando Gentil: You can import, if you already have those blocks of ips.
1569
02:14:58.630 --> 02:15:03.979
Orlando Gentil: and you can, as the different from the Ipv 4 where
1570
02:15:04.640 --> 02:15:09.560
Orlando Gentil: those are not private. You wouldn't have to assign on the sudden that if it's private or not.
1571
02:15:10.160 --> 02:15:14.679
Orlando Gentil: ipv 6, it's a little bit a little bit different. The the private ips.
1572
02:15:16.080 --> 02:15:20.950
Orlando Gentil: if we want to oversimplify private ips, don't exist on Ipv. 6
1573
02:15:21.200 --> 02:15:27.249
Orlando Gentil: you just control. If they can be public or private. It's just a flag.
1574
02:15:27.500 --> 02:15:28.599
Orlando Gentil: almost, c. I.
1575
02:15:30.870 --> 02:15:33.530
Orlando Gentil: Vc. And they are divided on subnet
1576
02:15:34.030 --> 02:15:41.020
Orlando Gentil: because you want to organize things on the different way. You want to have a subnet, for example, for your
1577
02:15:42.340 --> 02:15:54.230
Orlando Gentil: for your database, you're gonna have another subnet that we're gonna be your Dmz. The things that going to be exposed on the Internet. You want to have the data submit.
1578
02:15:54.240 --> 02:16:02.480
Orlando Gentil: We said the database. You want to have another one for application, one. You're gonna have another subnet for application 2,
1579
02:16:02.720 --> 02:16:09.279
Orlando Gentil: so they allow you to create different subdivisions within the Vcn.
1580
02:16:11.470 --> 02:16:13.050
Orlando Gentil: The
1581
02:16:13.420 --> 02:16:16.909
Orlando Gentil: If you're coming from the traditional way world.
1582
02:16:18.460 --> 02:16:25.980
Orlando Gentil: it's not the best analogy, but you could could be closer to the way that you segment with a
1583
02:16:28.260 --> 02:16:29.190
Orlando Gentil: Vlad.
1584
02:16:30.540 --> 02:16:40.540
Orlando Gentil: Villains are different. You use the lance on the oci for a different context when you're doing this. Vmware. But it's beyond what we're going to talk to. The here
1585
02:16:42.120 --> 02:16:50.889
Orlando Gentil: Subnets can be private or public. If they are private. They will have no direct connectivity
1586
02:16:51.010 --> 02:17:04.109
Orlando Gentil: to the Internet. When we come and talk about the gateways you will understand the difference, but I think it will makes more clear the difference on private and public, and how they work
1587
02:17:07.170 --> 02:17:09.919
Orlando Gentil: submits are a regional resource.
1588
02:17:09.959 --> 02:17:15.110
Orlando Gentil: If you have a region that you have multiple domains
1589
02:17:15.520 --> 02:17:19.200
Orlando Gentil: that submit can, and it's the recommended way
1590
02:17:19.459 --> 02:17:25.639
Orlando Gentil: to go across all the theability domains being a certain regional subnet.
1591
02:17:26.500 --> 02:17:28.699
Orlando Gentil: If you have.
1592
02:17:29.290 --> 02:17:35.070
Orlando Gentil: I to be honest, I never saw a use case where the the subnet should be
1593
02:17:35.110 --> 02:17:39.320
Orlando Gentil: based on just on the available domain.
1594
02:17:39.940 --> 02:17:48.550
Orlando Gentil: If you ask me from a historical perspective on the beginning, the subnet. They were AD based resources.
1595
02:17:49.379 --> 02:17:56.789
Orlando Gentil: I think it was like 6 months down the road they started to have. We're talking back in 2017 to 18
1596
02:17:56.900 --> 02:18:00.440
Orlando Gentil: they started having the regional submission.
1597
02:18:00.719 --> 02:18:08.549
Orlando Gentil: To be honest again, I can't find a a used case where it would suit better if you had.
1598
02:18:08.600 --> 02:18:12.460
Orlando Gentil: so that that it's tied just to one of the ability to make. But
1599
02:18:12.719 --> 02:18:14.679
Orlando Gentil: you have that ability, if you need.
1600
02:18:20.120 --> 02:18:23.279
Orlando Gentil: Now, the next thing is the Security list.
1601
02:18:23.420 --> 02:18:25.399
Orlando Gentil: What is the secured list?
1602
02:18:25.549 --> 02:18:27.269
Orlando Gentil: It's a set of rules.
1603
02:18:27.549 --> 02:18:28.830
Orlando Gentil: Remember the
1604
02:18:28.870 --> 02:18:36.069
Orlando Gentil: personal firewall that you have that it's tied to the network. It's not like a separated device
1605
02:18:36.129 --> 02:18:40.410
Orlando Gentil: that controls the access of the
1606
02:18:40.770 --> 02:18:42.190
Orlando Gentil: the network access.
1607
02:18:44.730 --> 02:18:47.209
Orlando Gentil: How the cigarette list works
1608
02:18:47.450 --> 02:18:51.370
Orlando Gentil: you assigned, secure to list, to submit.
1609
02:18:51.549 --> 02:18:52.490
Orlando Gentil: and
1610
02:18:52.770 --> 02:19:00.550
Orlando Gentil: whatever is the Vinic that is connected to that subnet. It will make use of those rules.
1611
02:19:00.730 --> 02:19:06.770
Orlando Gentil: So you assign on the subnet level, but they are enforced at the
1612
02:19:08.290 --> 02:19:10.360
the Vincent level.
1613
02:19:12.799 --> 02:19:15.669
Orlando Gentil: If you want, for example, to
1614
02:19:16.750 --> 02:19:25.690
Orlando Gentil: allow things to go within the set communication between one Vm. And another, you have to specify on the secured list.
1615
02:19:27.709 --> 02:19:29.830
Orlando Gentil: and it will be applied to everyone.
1616
02:19:30.459 --> 02:19:35.720
Orlando Gentil: The way that secret list works. I think I don't like this is like, let's go to the call full.
1617
02:19:42.570 --> 02:19:47.030
Orlando Gentil: So go to the navigation menu. Some people call Hamburger menu.
1618
02:19:47.370 --> 02:19:50.080
Orlando Gentil: and you go to networking.
1619
02:19:50.550 --> 02:19:53.639
Orlando Gentil: and with networking you go through
1620
02:19:53.840 --> 02:19:55.619
Orlando Gentil: virtual cloud networks.
1621
02:19:57.670 --> 02:20:03.229
Orlando Gentil: You can create manually, or you can create using the Wizard.
1622
02:20:03.450 --> 02:20:08.110
Orlando Gentil: If you use the wizard, it will create the Vcn.
1623
02:20:08.610 --> 02:20:12.449
Orlando Gentil: The one public here in one private subnet.
1624
02:20:12.710 --> 02:20:15.379
Orlando Gentil: and it will create the gateways for you.
1625
02:20:15.400 --> 02:20:20.240
Orlando Gentil: If it's the first time that you're creating a Vcn in your tenancy and you're learning.
1626
02:20:20.680 --> 02:20:24.469
Orlando Gentil: Go with the Wizard and select with Internet connectivity.
1627
02:20:24.660 --> 02:20:30.920
Orlando Gentil: That will make your experience much better until you are a crisis with the
1628
02:20:31.240 --> 02:20:35.360
Orlando Gentil: gateways and how to manually create them.
1629
02:20:39.590 --> 02:20:41.879
Orlando Gentil: Let me just move forward.
1630
02:20:44.500 --> 02:20:46.960
Orlando Gentil: You will define the name of the Vcn.
1631
02:20:49.270 --> 02:20:51.489
Orlando Gentil: I'm. Going to call it velocity
1632
02:20:51.870 --> 02:20:53.210
Orlando Gentil: 0 1.
1633
02:20:53.760 --> 02:20:55.680
Orlando Gentil: You're gonna see the compartment.
1634
02:20:55.740 --> 02:21:04.059
Orlando Gentil: I have a tone of compartments here. If you did it. If you are on your tendency and you never created anything, you will have just the root compartment.
1635
02:21:05.120 --> 02:21:07.340
Orlando Gentil: I'm going to use my assigned compartment.
1636
02:21:08.050 --> 02:21:11.360
Orlando Gentil: You will define the side, the block. As you mentioned
1637
02:21:12.980 --> 02:21:18.809
Orlando Gentil: public, subnet, private submit. It comes pre field with this values, but you can change
1638
02:21:19.130 --> 02:21:22.030
Orlando Gentil: if you put the value that it's not allowed.
1639
02:21:25.790 --> 02:21:27.569
Orlando Gentil: If you give you a warning.
1640
02:21:28.020 --> 02:21:28.770
Orlando Gentil: so
1641
02:21:29.840 --> 02:21:32.250
Orlando Gentil: it prevents you from making some mistakes
1642
02:21:32.320 --> 02:21:41.199
Orlando Gentil: if you try if it's too small, and that, or in the public sub that's not within the range that you define here. It should complain as well.
1643
02:21:45.290 --> 02:21:45.990
Orlando Gentil: So what
1644
02:21:46.210 --> 02:21:50.139
Orlando Gentil: you have just to pay attention if you did the Dmf. Correctly.
1645
02:21:51.740 --> 02:21:53.679
Dns resolution
1646
02:21:53.840 --> 02:22:00.449
Orlando Gentil: something that you can enable or disable on the Vcn. If you enable on the Vcn. I'm. Going to show you.
1647
02:22:00.590 --> 02:22:03.490
Orlando Gentil: What do you get with that? Otherwise.
1648
02:22:03.980 --> 02:22:14.859
Orlando Gentil: after the creation, you are able to assign a different Vc. A different Dns options. If you want, instead of using the automatic one that comes before Ci.
1649
02:22:16.550 --> 02:22:19.939
Orlando Gentil: When you click next, you want to review the information that you have
1650
02:22:22.260 --> 02:22:26.560
Orlando Gentil: the gateways that I, as I mentioned. It's created automatically for you.
1651
02:22:26.860 --> 02:22:29.509
Orlando Gentil: It will create a basic security list.
1652
02:22:30.170 --> 02:22:33.029
Orlando Gentil: and the basic routing will also be set
1653
02:22:38.100 --> 02:22:39.949
Orlando Gentil: after you create.
1654
02:22:40.140 --> 02:22:42.449
Orlando Gentil: Let me go to this one that is already created
1655
02:22:44.070 --> 02:22:46.660
Orlando Gentil: you. You have the details.
1656
02:22:48.620 --> 02:22:50.840
Orlando Gentil: You going to see the least of the subnets.
1657
02:22:51.180 --> 02:22:56.069
Orlando Gentil: If you click here as per the Wizard, we have a public in a private.
1658
02:23:01.060 --> 02:23:02.690
Orlando Gentil: So the prefixes
1659
02:23:03.320 --> 02:23:04.719
Orlando Gentil: that you have
1660
02:23:06.770 --> 02:23:11.490
Orlando Gentil: route tables
1661
02:23:11.530 --> 02:23:13.090
Orlando Gentil: the subnet.
1662
02:23:14.120 --> 02:23:18.109
Orlando Gentil: So the private subnet is using the default route table.
1663
02:23:18.730 --> 02:23:21.000
Orlando Gentil: How does a route table looks like
1664
02:23:23.790 --> 02:23:26.250
Orlando Gentil: you can come here. You will add.
1665
02:23:27.070 --> 02:23:28.159
Orlando Gentil: What do you want
1666
02:23:28.240 --> 02:23:31.300
Orlando Gentil: if you are agreed to use the gateways.
1667
02:23:31.690 --> 02:23:36.539
Orlando Gentil: or if you're routing. If you have like a device that it's acting like a router
1668
02:23:36.790 --> 02:23:40.369
Orlando Gentil: or a firewall, you can use that as a destination as well.
1669
02:23:41.210 --> 02:23:42.920
Orlando Gentil: depending on each type.
1670
02:23:42.940 --> 02:23:43.780
Orlando Gentil: You gonna
1671
02:23:43.930 --> 02:23:44.920
Orlando Gentil: define
1672
02:23:45.310 --> 02:23:46.880
Orlando Gentil: different parameters.
1673
02:23:47.350 --> 02:23:50.030
Orlando Gentil: We're gonna talk later about the the gateways.
1674
02:23:51.720 --> 02:23:54.379
Let's go back here
1675
02:23:54.440 --> 02:23:57.629
Orlando Gentil: and we will go with the secured list.
1676
02:23:57.850 --> 02:23:59.739
Orlando Gentil: That's what we had on this slide
1677
02:24:01.640 --> 02:24:03.250
Orlando Gentil: on the secured list.
1678
02:24:03.940 --> 02:24:12.000
Orlando Gentil: This is not the the default one. I already added several ports here by default. They come with just
1679
02:24:12.630 --> 02:24:14.409
Orlando Gentil: this 3 here
1680
02:24:16.320 --> 02:24:20.269
Orlando Gentil: blocking, ping, and allowing Tcp.
1681
02:24:20.650 --> 02:24:26.910
Orlando Gentil: Security rules, they are divided in ingress rules. So whatever is coming from outside.
1682
02:24:27.170 --> 02:24:30.960
Orlando Gentil: directed towards your submit
1683
02:24:31.110 --> 02:24:34.350
Orlando Gentil: in egress rules. So from your subnet
1684
02:24:34.630 --> 02:24:36.089
Orlando Gentil: to somewhere else.
1685
02:24:36.220 --> 02:24:40.460
Orlando Gentil: the rules can be stateful or stateless.
1686
02:24:40.520 --> 02:24:41.869
Orlando Gentil: If they are
1687
02:24:42.250 --> 02:24:44.040
Orlando Gentil: by default, they will be
1688
02:24:44.430 --> 02:24:49.260
Orlando Gentil: stateful. So let's go here. So this guy is not going to be checking
1689
02:24:49.490 --> 02:24:51.379
Orlando Gentil: what is a stateful rule?
1690
02:24:52.130 --> 02:24:53.669
Orlando Gentil: I came in
1691
02:24:54.030 --> 02:25:01.449
Orlando Gentil: so the how, how, the how, how it works. The packet comes in, and then you have to reply, sending a packet back.
1692
02:25:01.760 --> 02:25:06.239
Orlando Gentil: If it's a stateful you just have to have a rule allowing
1693
02:25:06.260 --> 02:25:13.210
Orlando Gentil: the package to come in, and it will be automatically granted the way out the same way that he came.
1694
02:25:14.210 --> 02:25:17.060
Orlando Gentil: If it's a stateless you're gonna have to have
1695
02:25:17.180 --> 02:25:19.170
Orlando Gentil: true
1696
02:25:20.060 --> 02:25:23.739
Orlando Gentil: 2 rules, one to go out, and 1, 2
1697
02:25:25.270 --> 02:25:26.030
Orlando Gentil: louis.
1698
02:25:26.060 --> 02:25:27.840
Orlando Gentil: and I'm getting too deep.
1699
02:25:28.350 --> 02:25:31.319
Orlando Gentil: So that's how
1700
02:25:31.650 --> 02:25:40.110
Orlando Gentil: how it looks like when you add a security to to filter. And again, this is tied to the subnet, and it's applied
1701
02:25:40.230 --> 02:25:41.590
Orlando Gentil: on the
1702
02:25:42.280 --> 02:25:45.319
Orlando Gentil: another thing that we have after the
1703
02:25:46.090 --> 02:25:48.310
Orlando Gentil: what is the screen here?
1704
02:25:52.600 --> 02:25:53.240
Okay.
1705
02:25:54.600 --> 02:25:58.039
Orlando Gentil: I enforced it the Vinc. We did it.
1706
02:25:59.580 --> 02:26:02.190
Orlando Gentil: We already talked about. This is stateful.
1707
02:26:04.470 --> 02:26:06.969
Orlando Gentil: We shouldn't have worried about that much
1708
02:26:08.290 --> 02:26:12.660
Orlando Gentil: you can define on the rule, the source, the protocol.
1709
02:26:12.830 --> 02:26:15.970
Orlando Gentil: the range of ports that you're planning to use
1710
02:26:17.850 --> 02:26:22.750
Orlando Gentil: and depending on the protocol. You want to have different options here. If you say I, I
1711
02:26:22.980 --> 02:26:24.569
Orlando Gentil: you're gonna have different things.
1712
02:26:25.180 --> 02:26:29.080
Orlando Gentil: The other resource that we have. It's the network security groups.
1713
02:26:29.900 --> 02:26:34.010
Orlando Gentil: What's the difference between networks that go to groups and secret lists?
1714
02:26:34.100 --> 02:26:38.580
Orlando Gentil: Secret lists. They are defined on the subnet and applied
1715
02:26:38.650 --> 02:26:39.920
Orlando Gentil: on the
1716
02:26:40.830 --> 02:26:44.659
Orlando Gentil: interface. These network security groups. You create a
1717
02:26:44.830 --> 02:26:51.780
Orlando Gentil: a group, and you put the interfaces that will make use of that. How is that is useful?
1718
02:26:52.530 --> 02:26:59.500
Orlando Gentil: I want to have a group called Web servers that they are in a certain subnet.
1719
02:27:00.260 --> 02:27:06.330
Orlando Gentil: but I don't want all the instances to have that access. So I create a group called
1720
02:27:06.350 --> 02:27:16.439
Orlando Gentil: Web servers in Port 80, for example, will be allowed just to the servers that are part of that group, not to all the servers that are on the segment.
1721
02:27:17.780 --> 02:27:20.730
Orlando Gentil: Okay, both are used together.
1722
02:27:20.870 --> 02:27:28.570
Orlando Gentil: Recommended way is combined, as you think that it's gonna meet your needs.
1723
02:27:30.310 --> 02:27:34.270
Orlando Gentil: Oh, just the difference between them. We just talk it
1724
02:27:35.550 --> 02:27:39.060
Orlando Gentil: talking about the gateways. We have the
1725
02:27:39.430 --> 02:27:41.070
Orlando Gentil: 3 types of gateways.
1726
02:27:41.270 --> 02:27:47.449
Orlando Gentil: The Internet gateway is the one that allows your method internal IP:
1727
02:27:47.680 --> 02:27:53.680
Orlando Gentil: your internal IP should be method to a public IP. So if your server is connected to the Internet.
1728
02:27:53.840 --> 02:27:55.799
Orlando Gentil: it will.
1729
02:27:57.020 --> 02:27:59.480
Orlando Gentil: It will have an IP that it's assigned.
1730
02:27:59.610 --> 02:28:03.849
Orlando Gentil: But this IP is not assigned to the instance or to the service itself.
1731
02:28:03.870 --> 02:28:06.899
Orlando Gentil: It's method. So whatever comes to that, IP
1732
02:28:07.250 --> 02:28:08.630
Orlando Gentil: goes to the
1733
02:28:08.720 --> 02:28:10.920
Orlando Gentil: private IP of that resource.
1734
02:28:11.240 --> 02:28:13.909
Orlando Gentil: And who does? That is the Internet.
1735
02:28:15.640 --> 02:28:20.449
Orlando Gentil: If you have remember, then we talked about the subnet being private.
1736
02:28:20.690 --> 02:28:23.249
Orlando Gentil: and the subnet being public.
1737
02:28:23.330 --> 02:28:28.420
Orlando Gentil: If the subnet is my market as private, regardless, if you
1738
02:28:28.650 --> 02:28:33.770
Orlando Gentil: not regardless, you won't be able to map the it and a public it
1739
02:28:34.030 --> 02:28:35.430
Orlando Gentil: to a private IP.
1740
02:28:35.590 --> 02:28:37.449
Orlando Gentil: If the subnet is
1741
02:28:37.540 --> 02:28:48.139
Orlando Gentil: public, you have the option to use it or not; but when you make it private. It's mandatory. It won't have the option to use the Internet. Gateway.
1742
02:28:54.040 --> 02:28:58.770
Orlando Gentil: It's just.
1743
02:29:02.210 --> 02:29:05.349
you see, and get this.
1744
02:29:06.380 --> 02:29:09.219
Orlando Gentil: Let me go back here on this from the picture.
1745
02:29:10.330 --> 02:29:12.099
Orlando Gentil: I think it gives you a better idea.
1746
02:29:14.360 --> 02:29:19.320
Orlando Gentil: We talked about the Internet Gary that maps the public IP that you can assign
1747
02:29:19.610 --> 02:29:24.360
Orlando Gentil: to a private IP that exist here in the public subnet
1748
02:29:25.070 --> 02:29:29.049
Orlando Gentil: on the private se, that you don't have that option, but at the same time.
1749
02:29:29.140 --> 02:29:36.959
Orlando Gentil: on the private subnet. You might have systems that they need to fetch information from the Internet
1750
02:29:37.080 --> 02:29:42.089
Orlando Gentil: Let's say you have a Linux server that you want to get the updates from Red Hat.
1751
02:29:42.760 --> 02:29:48.880
Orlando Gentil: How do you connect to the Redhead server to validate that you have the license, download the patches and all that
1752
02:29:49.510 --> 02:29:52.240
Orlando Gentil: we offer you something called net gatory.
1753
02:29:52.790 --> 02:29:53.999
Orlando Gentil: the net gateway.
1754
02:29:54.370 --> 02:29:57.870
Orlando Gentil: Well net that work, and this translation, it will allow
1755
02:29:58.460 --> 02:30:04.509
Orlando Gentil: requests coming from private subnets to reach the Internet and get back
1756
02:30:08.420 --> 02:30:12.769
Orlando Gentil: another type of gateway that we have. It's called the Service Gateway.
1757
02:30:13.880 --> 02:30:15.469
Orlando Gentil: the service Gateway.
1758
02:30:16.160 --> 02:30:17.400
Orlando Gentil: It allows
1759
02:30:18.110 --> 02:30:20.719
Orlando Gentil: public and private subnets
1760
02:30:20.810 --> 02:30:27.040
Orlando Gentil: to access the services that are placed on the public side of
1761
02:30:27.200 --> 02:30:29.539
Orlando Gentil: object storage is one of them.
1762
02:30:30.220 --> 02:30:34.069
Orlando Gentil: The service gave you instead of you coming through the Internet
1763
02:30:34.710 --> 02:30:42.330
Orlando Gentil: or not exactly through the for the public side of Oci. In reaching the object storage it gives you
1764
02:30:42.460 --> 02:30:43.990
Orlando Gentil: a secure way.
1765
02:30:44.230 --> 02:30:48.559
Orlando Gentil: So you don't, go to the to the public infrastructure
1766
02:30:48.830 --> 02:30:50.390
Orlando Gentil: to reach the service
1767
02:30:50.750 --> 02:30:55.529
Orlando Gentil: so and so all the traffic becomes it's just. Internal traffic
1768
02:30:55.800 --> 02:30:57.090
Orlando Gentil: is not exposed.
1769
02:30:57.320 --> 02:30:58.240
Orlando Gentil: although
1770
02:30:58.540 --> 02:30:59.750
Orlando Gentil: it's encrypted.
1771
02:31:01.700 --> 02:31:04.710
Orlando Gentil: So those are the 3 gateways that we have
1772
02:31:06.710 --> 02:31:09.549
Orlando Gentil: we talked about this, you already? Here
1773
02:31:17.850 --> 02:31:20.000
Orlando Gentil: You can have multiple Vcs.
1774
02:31:20.160 --> 02:31:27.419
Orlando Gentil: and this you can use for different purposes on how you want to segregate your
1775
02:31:30.070 --> 02:31:31.110
Orlando Gentil: your
1776
02:31:32.660 --> 02:31:38.959
Orlando Gentil: your devices and to establish communication between them. We have something that we call local peer in gateway.
1777
02:31:39.740 --> 02:31:43.720
Orlando Gentil: or we have another another thing called the
1778
02:31:43.770 --> 02:31:45.409
Orlando Gentil: dynamic routing gateway.
1779
02:31:45.460 --> 02:31:48.149
Orlando Gentil: It's a more powerful gateway that works
1780
02:31:48.430 --> 02:31:54.469
Orlando Gentil: with more functions just then connecting different Vcns.
1781
02:31:55.050 --> 02:31:58.510
Orlando Gentil: This ends within the same region. You can pair
1782
02:32:00.640 --> 02:32:11.639
Orlando Gentil: vcms that are even on different tendencies. So if you have a customer that wants to connect, you, provide a service, and your customer is also using oci
1783
02:32:11.760 --> 02:32:14.710
Orlando Gentil: the you can grant him access caring
1784
02:32:14.800 --> 02:32:18.780
Orlando Gentil: the Vc. Ends. So they don't have to go through the Internet
1785
02:32:19.260 --> 02:32:21.689
Orlando Gentil: and you can take advantage of this
1786
02:32:22.290 --> 02:32:25.090
Orlando Gentil: the same way that you do with local peering?
1787
02:32:26.100 --> 02:32:34.539
Orlando Gentil: We have remote peering that you can connect one. We see it from one region to another, and these works for the
1788
02:32:34.860 --> 02:32:36.900
Orlando Gentil: your.
1789
02:32:39.100 --> 02:32:42.760
Orlando Gentil: your Vcms or Vcn. On other tendencies.
1790
02:32:45.300 --> 02:32:47.599
Just a comparison.
1791
02:32:47.840 --> 02:33:00.270
Orlando Gentil: Here goes on inside the private. All private infrastructure here goes over private infrastructure, but through the backbone. So you might consider, have to consider latency
1792
02:33:00.390 --> 02:33:06.430
Orlando Gentil: when you are doing. If the the traffic that is flowing from one Vc. And to another.
1793
02:33:09.130 --> 02:33:14.119
Orlando Gentil: the Drg. As I mentioned dynamic routing gateway. It's a more powerful gateway
1794
02:33:14.400 --> 02:33:19.330
Orlando Gentil: that does the functions of peering, and it's also used.
1795
02:33:19.360 --> 02:33:20.579
Orlando Gentil: See if I have the
1796
02:33:20.860 --> 02:33:22.579
it's like separated here
1797
02:33:24.510 --> 02:33:25.490
for it
1798
02:33:30.690 --> 02:33:32.859
Orlando Gentil: just a second there with me.
1799
02:33:34.240 --> 02:33:49.659
Orlando Gentil: Oh, no, they don't do. They don't show, but you can connect on premises, for example, with oci, and you use the VPN service, we provide a VPN. Service. So if you have a firewall on premises we can use, IP. Sec.
1800
02:33:50.280 --> 02:33:57.959
Orlando Gentil: To connect to oci, and that's done through a tunnel. That tunnel is going to be established, using the VPN. Services
1801
02:33:58.000 --> 02:34:00.940
Orlando Gentil: that will be connected to the dynamic route, engaging
1802
02:34:01.100 --> 02:34:06.820
Orlando Gentil: another way that you can connect on premises to all. Ci is something called fast. Connect.
1803
02:34:07.360 --> 02:34:14.299
Orlando Gentil: disconnect. We'll give you a physical port on the switch, and that port will be mapped to your
1804
02:34:14.590 --> 02:34:15.770
Orlando Gentil: Brg.
1805
02:34:15.880 --> 02:34:23.410
Orlando Gentil: and from there you can connect to any Vcms that you have within your tennis. Using that Dr. G.
1806
02:34:24.150 --> 02:34:29.920
Orlando Gentil: What do you connect on that switch port you can choose from several providers
1807
02:34:30.000 --> 02:34:33.349
Orlando Gentil: that will give you a physical link to Oci.
1808
02:34:34.540 --> 02:34:38.579
Orlando Gentil: So if you need to have a very, very fast connection
1809
02:34:38.900 --> 02:34:48.599
Orlando Gentil: predictable with Oci. You can take advantage of that instead of using just the VPN. VPN in that case could be your backup solution
1810
02:34:48.640 --> 02:34:52.439
Orlando Gentil: in case you have a problem with the the first connect
1811
02:34:54.170 --> 02:34:57.639
Orlando Gentil: test Connect is also used for the
1812
02:34:58.200 --> 02:35:00.250
Orlando Gentil: connections that you do with
1813
02:35:00.840 --> 02:35:03.459
Orlando Gentil: all the Cloud providers. But that's a
1814
02:35:03.500 --> 02:35:07.069
Orlando Gentil: totally different presentation. Just on multi cloud.
1815
02:35:09.450 --> 02:35:11.999
Orlando Gentil: Let's jump to
1816
02:35:12.140 --> 02:35:14.800
Orlando Gentil: let me just go back on the console here.
1817
02:35:18.330 --> 02:35:21.719
Orlando Gentil: See if we have something that it's interest.
1818
02:35:22.710 --> 02:35:23.520
Orlando Gentil: Hmm.
1819
02:35:24.840 --> 02:35:27.669
Orlando Gentil: The gateways that we used
1820
02:35:28.320 --> 02:35:29.850
Orlando Gentil: that comes with it.
1821
02:35:29.980 --> 02:35:31.219
Orlando Gentil: and you provision.
1822
02:35:31.330 --> 02:35:35.560
Orlando Gentil: No, I think that we we talked about in this network here, because
1823
02:35:37.040 --> 02:35:41.710
Orlando Gentil: if we have to go. We can go deeper. That will take just 2 h just on network.
1824
02:35:42.480 --> 02:35:44.739
Orlando Gentil: Let's go through
1825
02:35:45.330 --> 02:35:47.470
Orlando Gentil: compute services.
1826
02:35:50.080 --> 02:35:52.199
Orlando Gentil: That's where the action gets
1827
02:35:55.170 --> 02:35:58.590
Orlando Gentil: gonna have more action that it's easier for you guys to relate to
1828
02:36:04.800 --> 02:36:05.619
Orlando Gentil: that.
1829
02:36:06.350 --> 02:36:10.710
Orlando Gentil: So the compute service is what gives you on oci
1830
02:36:10.810 --> 02:36:12.400
Orlando Gentil: the
1831
02:36:13.920 --> 02:36:23.710
Orlando Gentil: the instances, the v 4 machines, the instances per say that you're going to use. I don't like to say just virtual machines, because you're gonna have different types, as you will see
1832
02:36:24.900 --> 02:36:27.430
Orlando Gentil: what consists of the compute service.
1833
02:36:27.790 --> 02:36:30.019
Orlando Gentil: You have CPU
1834
02:36:30.050 --> 02:36:32.630
Orlando Gentil: in memory, and that's what is allocated.
1835
02:36:33.220 --> 02:36:34.320
Orlando Gentil: and
1836
02:36:34.620 --> 02:36:48.640
Orlando Gentil: you tied that with the storage service. It's the foundation for several other services. You can use them as just an instance. Or if, for example, you are using a database cloud service, it will provision
1837
02:36:48.760 --> 02:36:57.049
Orlando Gentil: CPU memory and storage for you underneath it. The the the database instance that you create
1838
02:36:57.140 --> 02:37:02.159
Orlando Gentil: so you can use it alone, or it can be the base for several other services.
1839
02:37:03.890 --> 02:37:09.229
Orlando Gentil: The way that we count CPU. So, Marco, it's a bit different from all the providers.
1840
02:37:09.860 --> 02:37:13.460
Orlando Gentil: That's why we call all CPU, or call CPU.
1841
02:37:13.490 --> 02:37:19.960
Orlando Gentil: Most other places they call V CPU. What's the difference between a No. CPU and a V CPU?
1842
02:37:21.100 --> 02:37:23.169
Orlando Gentil: We charge it for the core.
1843
02:37:23.280 --> 02:37:24.920
Orlando Gentil: not for the threat.
1844
02:37:26.650 --> 02:37:28.580
Orlando Gentil: Okay. So
1845
02:37:28.870 --> 02:37:32.849
Orlando Gentil: in a regular core. You're going to have 2 threads.
1846
02:37:32.960 --> 02:37:37.409
Orlando Gentil: If we're talking about a. V CPU, it's just one of those threads.
1847
02:37:38.180 --> 02:37:43.790
Orlando Gentil: This is valid for everything. But the arm computer. Because the arm is a single thread processor.
1848
02:37:44.340 --> 02:37:47.880
Orlando Gentil: We can't do that. We have to get with what it is.
1849
02:37:48.800 --> 02:37:55.110
Orlando Gentil: Why, this is important. It's a crucial for the way that you do, licensing
1850
02:37:55.640 --> 02:37:59.940
Orlando Gentil: some, some, some products. They are licensed, based on
1851
02:38:00.160 --> 02:38:08.830
Orlando Gentil: V. Cpus. But we don't as we don't have the cpus. Most of the software that we have licenses is licensed by O CPU.
1852
02:38:09.710 --> 02:38:13.620
Orlando Gentil: Just call it goods up front to like half of the cost.
1853
02:38:15.590 --> 02:38:16.350
Orlando Gentil: Well.
1854
02:38:16.700 --> 02:38:22.690
Orlando Gentil: for oracle products. Let's put this way. I don't know I I can't mention about the other.
1855
02:38:22.790 --> 02:38:25.820
Orlando Gentil: If you have to install oracle on aws, for example.
1856
02:38:25.990 --> 02:38:32.019
Orlando Gentil: it's gonna cost you the double just because of the the way that we count all Cpus versus CPU
1857
02:38:33.230 --> 02:38:36.599
Orlando Gentil: Press wise. I think that we are a bit cheaper on the
1858
02:38:36.830 --> 02:38:39.430
Orlando Gentil: when you do the break down to the cpus
1859
02:38:40.860 --> 02:38:42.449
Orlando Gentil: up this way.
1860
02:38:43.920 --> 02:38:46.629
Orlando Gentil: But how can you create
1861
02:38:47.380 --> 02:38:48.940
Orlando Gentil: instances on oci?
1862
02:38:49.370 --> 02:38:51.550
Orlando Gentil: They can be a bare metal.
1863
02:38:52.040 --> 02:39:02.410
Orlando Gentil: and we were kind of the pioneers on that. You can provision a whole server to you, and it's not going to be virtual. You're gonna have who access
1864
02:39:02.540 --> 02:39:10.110
Orlando Gentil: to the server, in a sense that all the resources is going to be yours. You have direct access to. If you're running Linux
1865
02:39:10.400 --> 02:39:13.699
Orlando Gentil: and you run, for example. Ls. Pci.
1866
02:39:13.770 --> 02:39:18.310
Orlando Gentil: you're gonna see this full hardware that you have access to.
1867
02:39:19.050 --> 02:39:25.210
Orlando Gentil: You have a layer of control that we provide. They were extending. I don't know exactly
1868
02:39:25.650 --> 02:39:38.430
Orlando Gentil: how, Jip, that it is now. But we were up to the point that you could have access to the bios off the computer same way that you would do, for example, if you go back in time like with re space, when they had like a
1869
02:39:39.180 --> 02:39:41.919
Orlando Gentil: physical service that you could co-host there
1870
02:39:43.840 --> 02:39:50.419
Orlando Gentil: and with this bio-axis is pretty much like when the you would have a Kvm. Plug it to the to the server
1871
02:39:51.370 --> 02:39:59.649
Orlando Gentil: but again double check on the bios. I'm not sure if we have that. But you have full access to the to the server, and you can do
1872
02:39:59.790 --> 02:40:06.529
Orlando Gentil: pretty much anything that you want to do it if you want to install another hypervisor and have your instances.
1873
02:40:06.960 --> 02:40:08.190
Orlando Gentil: you can do that.
1874
02:40:08.540 --> 02:40:13.490
Orlando Gentil: For example, let's say you have a windows agreement, and with unlimited
1875
02:40:14.590 --> 02:40:16.689
windows, licenses.
1876
02:40:16.910 --> 02:40:23.709
Orlando Gentil: and instead of having virtual machines, where or we will charge you for that, you can have like a bare metal.
1877
02:40:23.820 --> 02:40:29.149
Orlando Gentil: Take advantage of the 6,428 cpus that they have
1878
02:40:29.950 --> 02:40:34.040
Orlando Gentil: with the huge amount of memory, and you create your vms there.
1879
02:40:34.480 --> 02:40:36.130
Orlando Gentil: It's one solution for you
1880
02:40:36.840 --> 02:40:40.220
Orlando Gentil: traditional way that you use.
1881
02:40:40.640 --> 02:40:43.299
Orlando Gentil: Instance is, you create virtual machines.
1882
02:40:44.120 --> 02:40:49.319
Orlando Gentil: and another way that you can use an oracle as well is the dedicated Vm. Host.
1883
02:40:50.080 --> 02:40:56.279
Orlando Gentil: What's the difference between the bare metal and the dedicated Vm. On the dedicated Vm. You
1884
02:40:56.740 --> 02:41:00.200
Orlando Gentil: leave up to, or to do, the
1885
02:41:00.610 --> 02:41:03.209
Orlando Gentil: the management of the hypervisor for you.
1886
02:41:03.530 --> 02:41:07.520
Orlando Gentil: The differences from a virtual machine perspective.
1887
02:41:07.720 --> 02:41:13.310
Orlando Gentil: No other tenant we we use that dedicated V. We co-host
1888
02:41:16.110 --> 02:41:23.990
Orlando Gentil: the instances that we have on oci. They are based on amd processors intel and impair.
1889
02:41:24.840 --> 02:41:29.890
Orlando Gentil: As new processors are coming. You just gonna see different generations of
1890
02:41:31.160 --> 02:41:32.800
Orlando Gentil: instances that we have.
1891
02:41:33.410 --> 02:41:38.930
Orlando Gentil: So Amd and they have the flex. They have a, e, 4, e, 3,
1892
02:41:39.920 --> 02:41:41.159
Orlando Gentil: and so on.
1893
02:41:42.260 --> 02:41:44.410
Orlando Gentil: We have 2 types of shapes
1894
02:41:45.920 --> 02:41:54.229
Orlando Gentil: I don't know for until well, we're gonna keep the fixed shapes, but we've fixed it shapes. You would define the amount of CPU,
1895
02:41:55.160 --> 02:41:59.460
Orlando Gentil: and you could have a certain amount of memory.
1896
02:41:59.580 --> 02:42:01.079
Orlando Gentil: It would be a ratio
1897
02:42:02.020 --> 02:42:04.100
Orlando Gentil: the way that we are progressing.
1898
02:42:04.210 --> 02:42:19.760
Orlando Gentil: progressing, we will use just the fix and shapes for bare metal, because well, there's no way to. As the the although it's a physical server. There's provision to you. We don't customize that server. You get the whole server
1899
02:42:21.210 --> 02:42:23.119
Orlando Gentil: and virtual machines.
1900
02:42:23.180 --> 02:42:25.590
Orlando Gentil: You could find something that
1901
02:42:26.670 --> 02:42:37.289
Orlando Gentil: it would have a rate you on the number of Ocp. The the amount of memory based on the number of full cpus. This number used to be on Intel for 1, 2,
1902
02:42:38.060 --> 02:42:39.960
Orlando Gentil: 15 or 16 gig.
1903
02:42:40.100 --> 02:42:49.790
Orlando Gentil: So if you get a machine with 2 or cpus, it would come automatically with 32 gigs of rem, and you could not change it
1904
02:42:50.590 --> 02:42:57.580
Orlando Gentil: when we came with flexible shapes. Now you can select, separated the amount of all CPU that you have.
1905
02:42:57.660 --> 02:43:02.030
Orlando Gentil: and the amount of memory it only works for virtual machines.
1906
02:43:02.720 --> 02:43:08.939
Orlando Gentil: We have the limits here and there's a little enforcement on the rate you
1907
02:43:10.530 --> 02:43:13.829
Orlando Gentil: on that. Let me get here.
1908
02:43:14.890 --> 02:43:16.400
Orlando Gentil: Show you real quick
1909
02:43:23.510 --> 02:43:27.809
Orlando Gentil: when you come here on the image shape you can change the shape
1910
02:43:28.410 --> 02:43:32.570
Orlando Gentil: you can navigate, and if you get something that is flex.
1911
02:43:33.630 --> 02:43:36.989
Orlando Gentil: it's this simple to get the amount of memory
1912
02:43:39.820 --> 02:43:42.899
Orlando Gentil: I can. If I want. I can reduce the amount of memory here.
1913
02:43:44.700 --> 02:43:47.629
Orlando Gentil: But let's say I have an application that requires
1914
02:43:48.440 --> 02:43:50.189
Orlando Gentil: just a little bit of
1915
02:43:50.880 --> 02:43:52.420
Orlando Gentil: all Cpus
1916
02:43:53.460 --> 02:43:54.970
Orlando Gentil: in a lot of memory.
1917
02:43:55.870 --> 02:44:01.210
Orlando Gentil: I can't go all the way. There's a there are still some ratios that apply, but as you can see
1918
02:44:01.480 --> 02:44:04.419
Orlando Gentil: if I was on a traditional fixed shape
1919
02:44:04.740 --> 02:44:07.430
Orlando Gentil: 4 times 16 would be
1920
02:44:07.670 --> 02:44:19.240
Orlando Gentil: 1516 will be somewhere between 60 or 64 gigs of RAM, and in this case I can go up to 256, or if I want less.
1921
02:44:19.530 --> 02:44:21.439
Orlando Gentil: I could go as low as
1922
02:44:22.290 --> 02:44:25.529
Orlando Gentil: for yeah 4 GB of memory.
1923
02:44:33.300 --> 02:44:33.900
You.
1924
02:44:37.510 --> 02:44:40.630
Orlando Gentil: I I just showed you the flexible shapes.
1925
02:44:40.690 --> 02:44:46.930
Orlando Gentil: If it's a. E. 3, e, 4, it's amd based if they don't have the e, it's intel based.
1926
02:44:47.050 --> 02:44:49.929
Orlando Gentil: But they all we end with the flex name.
1927
02:44:53.070 --> 02:44:55.850
Orlando Gentil: Oh, a you a one for
1928
02:44:57.540 --> 02:44:58.250
Orlando Gentil: farm.
1929
02:44:58.720 --> 02:45:00.820
Orlando Gentil: We just saw this the screen.
1930
02:45:09.140 --> 02:45:14.349
Orlando Gentil: When you provision an instance, you have a different capacity. Types
1931
02:45:14.680 --> 02:45:17.749
Orlando Gentil: you have on demand that it's the traditional way
1932
02:45:17.950 --> 02:45:19.419
Orlando Gentil: you click when you
1933
02:45:19.460 --> 02:45:22.429
Orlando Gentil: come here on the what is it
1934
02:45:25.910 --> 02:45:32.090
Orlando Gentil: when you finish feeling all this information when you click on the create button here, it's because it's misinformation. It's not blue.
1935
02:45:32.800 --> 02:45:37.029
Orlando Gentil: When you click on, create it will allocate the resource for you.
1936
02:45:38.220 --> 02:45:40.099
Orlando Gentil: But there are
1937
02:45:40.130 --> 02:45:44.250
Orlando Gentil: situations where you want to.
1938
02:45:44.650 --> 02:45:47.520
Orlando Gentil: You Don't, want to rely on that
1939
02:45:48.260 --> 02:45:51.479
on not having something reserved for you.
1940
02:45:51.560 --> 02:45:56.019
Orlando Gentil: So you have the ability of creating what we call capacity reservation.
1941
02:45:56.900 --> 02:45:59.239
Orlando Gentil: So that gives you some.
1942
02:45:59.680 --> 02:46:05.870
Orlando Gentil: You can plan ahead of time if you are planning to use the capacity and make that that reservation for you.
1943
02:46:07.500 --> 02:46:14.589
Orlando Gentil: Let's say that you are on Black Friday, like Friday. Lot of people are going to
1944
02:46:14.780 --> 02:46:19.550
Orlando Gentil: increase the load on their systems, and all that. You don't want to have the risk
1945
02:46:20.230 --> 02:46:36.819
Orlando Gentil: of being trying to provision a new instance or changing the size of the instance, and you, Don't, have resources available. With this you can create capacity, reservation, and you get a discount price for what you're not using. But when you decide to use.
1946
02:46:36.880 --> 02:46:41.939
Orlando Gentil: They are available to you. You don't have a risk of being
1947
02:46:43.760 --> 02:46:49.049
Orlando Gentil: You don't have the risk of being kind of overbook situation where you you can't provision the resources
1948
02:46:49.530 --> 02:46:50.819
Orlando Gentil: when you need.
1949
02:46:51.600 --> 02:46:56.080
Orlando Gentil: We have another type of provisioning called preemptable instances.
1950
02:46:56.290 --> 02:47:00.110
Orlando Gentil: It's instances that are made for short term
1951
02:47:00.220 --> 02:47:06.090
Orlando Gentil: leases. Let's put this way for workloads that you can.
1952
02:47:07.160 --> 02:47:10.129
Orlando Gentil: You don't have to worry if they, for
1953
02:47:10.520 --> 02:47:15.089
Orlando Gentil: they are very short, or they are controlled outside of the instance.
1954
02:47:15.580 --> 02:47:22.180
Orlando Gentil: Let's say you have a pool of risk or a pool of files that needs to be processed, and
1955
02:47:22.720 --> 02:47:26.719
Orlando Gentil: those process the processing of those files. It's really
1956
02:47:26.840 --> 02:47:27.890
Orlando Gentil: short.
1957
02:47:28.520 --> 02:47:30.650
Orlando Gentil: with preemptable instances
1958
02:47:31.080 --> 02:47:35.229
Orlando Gentil: as they go. Get the file process and give it back.
1959
02:47:35.710 --> 02:47:38.159
Orlando Gentil: The instance Doesn't need to be
1960
02:47:39.670 --> 02:47:41.700
Orlando Gentil: reliable, not reliable.
1961
02:47:42.890 --> 02:47:45.949
Orlando Gentil: You don't have to keep the instance, there
1962
02:47:45.990 --> 02:47:46.980
Orlando Gentil: for all
1963
02:47:47.170 --> 02:47:52.960
Orlando Gentil: all the time you can. If it fails because it was claimed back.
1964
02:47:53.120 --> 02:47:56.320
Orlando Gentil: You don't lose anything. So if you have this type of workload.
1965
02:47:56.990 --> 02:48:02.599
Orlando Gentil: You can take advantage of preemptable instances, because you have a very, very low cost
1966
02:48:02.730 --> 02:48:07.700
Orlando Gentil: on them. Instead of having to have a on demand, or even with capacity reservation.
1967
02:48:08.620 --> 02:48:13.630
Orlando Gentil: They use excess capacity, and because they are using excess capacity.
1968
02:48:14.010 --> 02:48:16.639
you can take advantage of the low price
1969
02:48:21.680 --> 02:48:22.960
Orlando Gentil: I should have moved.
1970
02:48:25.180 --> 02:48:27.489
Orlando Gentil: explaining the capacity.
1971
02:48:34.150 --> 02:48:36.729
Orlando Gentil: We talked about preemptable
1972
02:48:40.400 --> 02:48:41.789
Orlando Gentil: and okay.
1973
02:48:42.310 --> 02:48:44.450
Orlando Gentil: I think that it's
1974
02:48:44.960 --> 02:48:49.979
Orlando Gentil: good queue if the capacity to change to storage
1975
02:48:51.910 --> 02:48:57.329
Orlando Gentil: and before we go i'm gonna give you some resources, so you can follow up and
1976
02:48:57.590 --> 02:49:00.220
Orlando Gentil: explore more the resources that we have
1977
02:49:00.950 --> 02:49:02.209
Orlando Gentil: to get started.
1978
02:49:04.650 --> 02:49:06.689
Orlando Gentil: When you create an instance.
1979
02:49:07.190 --> 02:49:13.400
Orlando Gentil: We have several types of storage. But as we are talking about the instance, let's come here and let me show you
1980
02:49:15.220 --> 02:49:23.490
Orlando Gentil: the instance needs to have a boot volume that will be your boot disc. If you are using windows that would be your C drive.
1981
02:49:24.490 --> 02:49:27.640
Orlando Gentil: You can come here and specify the size of the volume.
1982
02:49:28.370 --> 02:49:30.139
Orlando Gentil: and how fast
1983
02:49:30.320 --> 02:49:39.919
Orlando Gentil: that volume will perform, you can increase the performance of the performance tier of the boot volume just by sliding here.
1984
02:49:40.660 --> 02:49:43.349
Orlando Gentil: If you want more iops or not.
1985
02:49:45.200 --> 02:49:52.609
Orlando Gentil: this kind of storage it's equivalent to if you're coming from this traditional world the way that we provision this
1986
02:49:52.870 --> 02:49:55.760
Orlando Gentil: is, if you have, like, a nice cosy server.
1987
02:49:56.450 --> 02:49:57.560
Orlando Gentil: So
1988
02:49:57.620 --> 02:50:00.759
Orlando Gentil: if we jump to the storage section here
1989
02:50:02.230 --> 02:50:07.119
Orlando Gentil: you you have all your block storage. Imagine this as your
1990
02:50:08.120 --> 02:50:09.430
Orlando Gentil: could be an S.
1991
02:50:09.710 --> 02:50:11.339
Orlando Gentil: No, not in that
1992
02:50:12.220 --> 02:50:22.360
Orlando Gentil: again it's block storage. You can create block volumes here. Those block volumes could be boot volumes that you're going to use as the primary disk of the instance.
1993
02:50:22.870 --> 02:50:25.579
Orlando Gentil: or it can be additional discs.
1994
02:50:25.860 --> 02:50:27.900
Orlando Gentil: So when you have an instance
1995
02:50:30.850 --> 02:50:33.060
Orlando Gentil: after it is created.
1996
02:50:37.310 --> 02:50:40.360
Orlando Gentil: when you come here, you have a boot volume
1997
02:50:40.920 --> 02:50:44.509
Orlando Gentil: I created with the minimum size that comes for the image.
1998
02:50:45.330 --> 02:50:47.530
Orlando Gentil: If I add more discs.
1999
02:50:48.190 --> 02:50:49.610
Orlando Gentil: It's gonna show here
2000
02:50:50.460 --> 02:50:51.740
Orlando Gentil: on the instance.
2001
02:50:54.870 --> 02:50:55.770
Orlando Gentil: Okay.
2002
02:50:56.520 --> 02:50:58.359
Orlando Gentil: And the way that you with that
2003
02:50:58.380 --> 02:51:03.719
Orlando Gentil: it could be virtualized or paralyzed. I mentioned the I because that's
2004
02:51:03.910 --> 02:51:08.459
Orlando Gentil: usually, if you have like a storage at your facility.
2005
02:51:08.530 --> 02:51:13.419
Orlando Gentil: Yeah, how you can provision volumes over the network. If you're not using like fiber
2006
02:51:13.570 --> 02:51:14.710
Orlando Gentil: to do that.
2007
02:51:16.060 --> 02:51:23.640
Orlando Gentil: let's go on the storage presentation. So I don't lose details that might be important for you guys.
2008
02:51:24.810 --> 02:51:26.840
Orlando Gentil: Just a second.
2009
02:51:46.900 --> 02:51:49.119
Orlando Gentil: We mentioned block volume.
2010
02:51:49.790 --> 02:51:56.309
Orlando Gentil: and we're gonna go deep on that. But let's go with the flow here. So I don't lose details.
2011
02:51:56.990 --> 02:52:00.700
Orlando Gentil: There are several storage services that you can leverage on. Oci
2012
02:52:01.110 --> 02:52:03.460
Orlando Gentil: look when Vm. Is one of them.
2013
02:52:03.870 --> 02:52:07.740
Orlando Gentil: is you? It's used for
2014
02:52:09.340 --> 02:52:13.080
Orlando Gentil: dedicated hosts, or some shapes
2015
02:52:13.260 --> 02:52:15.550
Orlando Gentil: where you can.
2016
02:52:15.900 --> 02:52:19.069
Orlando Gentil: You specify the amount of raw capacity that you want?
2017
02:52:19.590 --> 02:52:24.260
Orlando Gentil: Imagine Mv. And the Nvme. Disks as a SSD.
2018
02:52:24.520 --> 02:52:27.159
Orlando Gentil: On this to rights? They are much faster.
2019
02:52:27.290 --> 02:52:38.039
Orlando Gentil: and if your workloads need that, you have the option to to certain Vm. Shapes, remember the shapes could be
2020
02:52:38.350 --> 02:52:40.860
Orlando Gentil: flex flexible shapes or
2021
02:52:40.980 --> 02:52:50.430
Orlando Gentil: static shapes, those static shapes. There are some models where you can specify them with a local and vme storage.
2022
02:52:50.610 --> 02:52:52.250
Orlando Gentil: If you have a
2023
02:52:52.920 --> 02:52:56.039
Orlando Gentil: a bare metal server, a whole server to you.
2024
02:52:56.100 --> 02:53:06.569
Orlando Gentil: You also have the option to use either block storage or local storage, and depending on how you combine, you can go up to 3 million iops.
2025
02:53:10.770 --> 02:53:13.949
Orlando Gentil: Let me open this guys, and then we can move.
2026
02:53:15.940 --> 02:53:17.550
Orlando Gentil: So the
2027
02:53:17.660 --> 02:53:27.960
Orlando Gentil: this is like your storage device that you have on You would have on your on premises, and you can cut chunks of the this disk
2028
02:53:28.270 --> 02:53:34.160
Orlando Gentil: from anywhere from 50 GB to 32 in 1 GB increments.
2029
02:53:34.760 --> 02:53:36.869
Orlando Gentil: and once you assign it.
2030
02:53:37.060 --> 02:53:44.940
Orlando Gentil: You can connect to the instance using high School Z, or it could be parallelized. You have the options to do that.
2031
02:53:45.040 --> 02:53:52.660
Orlando Gentil: I, because he gives you a slightly better performance, and it's required. If you are using high performance, discs
2032
02:53:53.450 --> 02:54:02.010
Orlando Gentil: all this back end. Infrastructure is nvme based. So all the disks that you have on your storage. There are all in Vm.
2033
02:54:02.420 --> 02:54:04.949
Orlando Gentil: They run on a protected network.
2034
02:54:05.790 --> 02:54:12.910
Orlando Gentil: and it's separated it. It's, protected, so it's separated. The the traffic is not exposed.
2035
02:54:13.410 --> 02:54:16.369
Orlando Gentil: and it gives you some millisecond latency
2036
02:54:18.000 --> 02:54:22.420
Orlando Gentil: per vm. For instance, you can have up to 32 volumes.
2037
02:54:22.440 --> 02:54:24.199
Orlando Gentil: So if you exceed
2038
02:54:24.630 --> 02:54:26.260
Orlando Gentil: 32 TB.
2039
02:54:26.880 --> 02:54:31.170
Orlando Gentil: You need more than that. You can just go create a new volume.
2040
02:54:31.230 --> 02:54:34.019
Orlando Gentil: and that volume can be attached
2041
02:54:34.230 --> 02:54:37.419
Orlando Gentil: from there. It works like.
2042
02:54:37.450 --> 02:54:40.229
Orlando Gentil: If you go to Windows Manager, You're gonna see another disk.
2043
02:54:40.290 --> 02:54:45.399
You can combine them in the dynamic group. If you are on Linux you can do an lvm
2044
02:54:46.330 --> 02:54:53.079
Orlando Gentil: configure the way that you want to put the stripes. You can even use that to overcome the to get better performance.
2045
02:54:54.640 --> 02:55:03.169
Orlando Gentil: As I mentioned it's the traffic between this is storage back end, and the instances it's encrypted at transit.
2046
02:55:03.250 --> 02:55:07.399
Orlando Gentil: So there's no risk of anyone snooping on your data
2047
02:55:08.130 --> 02:55:09.190
Orlando Gentil: the
2048
02:55:09.410 --> 02:55:12.400
Orlando Gentil: when they are not in use they are encrypted at rest.
2049
02:55:13.480 --> 02:55:16.249
Orlando Gentil: and it's organized in a way
2050
02:55:16.500 --> 02:55:21.780
Orlando Gentil: that we feel each of the ability domain. You have multiple copies
2051
02:55:21.970 --> 02:55:25.509
Orlando Gentil: of that data to avoid corruption of the disks.
2052
02:55:27.710 --> 02:55:33.590
Orlando Gentil: The way that we size works is You can go from 50 all the way to 32
2053
02:55:34.140 --> 02:55:40.269
Orlando Gentil: the resource. Operation. It only works in one way, so you can't shrink the disks.
2054
02:55:40.410 --> 02:55:44.179
Orlando Gentil: But if you have a disk, if you want to extend the size of the disk.
2055
02:55:44.210 --> 02:55:46.039
Orlando Gentil: you just
2056
02:55:46.470 --> 02:55:47.690
Orlando Gentil: let me show you.
2057
02:55:47.760 --> 02:55:50.489
Orlando Gentil: It's as simple as
2058
02:55:51.530 --> 02:55:53.680
Orlando Gentil: I'm gonna go to my boot volume.
2059
02:55:56.380 --> 02:55:58.530
Orlando Gentil: I can click on edit
2060
02:55:58.620 --> 02:56:03.340
Orlando Gentil: the boot volume and here instead of 47. I can put 100.
2061
02:56:04.230 --> 02:56:06.459
Orlando Gentil: When I click save changes here
2062
02:56:08.520 --> 02:56:09.519
Orlando Gentil: it will do
2063
02:56:11.550 --> 02:56:18.930
Orlando Gentil: as this disk is. Our is connected to an instance. I have to run a couple of commands, so the
2064
02:56:20.420 --> 02:56:26.879
Orlando Gentil: it can rescue the bus and detect that the disk was the there's a changing side.
2065
02:56:27.640 --> 02:56:38.340
Orlando Gentil: and from there you will perform the regular operations that you will do if you have to extend your file system. So you have to create another partition, or extended the partition
2066
02:56:38.700 --> 02:56:40.140
Orlando Gentil: and
2067
02:56:40.260 --> 02:56:43.360
Orlando Gentil: format the partition. If you created a different partition.
2068
02:56:44.100 --> 02:56:45.819
Orlando Gentil: Oh, that's good stuff.
2069
02:56:49.080 --> 02:56:52.940
It's not bookstores based on Nvme. E. Yes.
2070
02:56:53.030 --> 02:56:59.770
Orlando Gentil: it's not cheered. Everything is a nvme from begin to finish. There are no physical disks on Oci.
2071
02:57:01.130 --> 02:57:01.910
Orlando Gentil: Yeah.
2072
02:57:02.230 --> 02:57:05.970
Orlando Gentil: Same way that you can change the size you can.
2073
02:57:07.700 --> 02:57:13.660
Orlando Gentil: I think it's on ongoing so I can play with it. But you I could come here and just drag.
2074
02:57:13.790 --> 02:57:15.220
Orlando Gentil: This is lighter
2075
02:57:15.460 --> 02:57:19.839
Orlando Gentil: all the way to 120. V. Oh, so now it's finished it.
2076
02:57:20.670 --> 02:57:35.009
Orlando Gentil: This is online. I can go and change the performance online. There are some considerations when you are doing to your high performance. As I mentioned, If it's not using ice. Cuz you're just wasting money, so you have to pay attention to that.
2077
02:57:35.820 --> 02:57:41.250
Orlando Gentil: Another feature that it's interesting is, if it's this one as you.
2078
02:57:41.340 --> 02:57:48.829
Orlando Gentil: If this volume is detached from an instance, for example, you delete the instance, and you preserve the volume.
2079
02:57:48.880 --> 02:57:50.600
Orlando Gentil: you can check this.
2080
02:57:50.930 --> 02:57:58.599
Orlando Gentil: and when that happens that when you delete the instance preserving the volume, the volume will be detached
2081
02:57:58.680 --> 02:58:07.000
Orlando Gentil: from the instance, it will detect that is detachable, and it will go to the lower possible cost of the
2082
02:58:07.250 --> 02:58:09.139
Orlando Gentil: that you can have for storage
2083
02:58:11.430 --> 02:58:14.570
Orlando Gentil: also from here is where you're going to define
2084
02:58:14.710 --> 02:58:18.839
Orlando Gentil: the backup policy that you have. I I haven't slide on that
2085
02:58:18.930 --> 02:58:26.119
Orlando Gentil: and cross region replication. I have another slide on that as well, so let me go back, so I don't lose track.
2086
02:58:26.720 --> 02:58:30.489
Orlando Gentil: and don't spend too much time on what I should not.
2087
02:58:33.020 --> 02:58:35.280
We talked about the tiers
2088
02:58:36.640 --> 02:58:45.230
Orlando Gentil: if it's a boot volume, consider it from balance to to high performance. If it's a secondary disc, it can go all the way from basic
2089
02:58:45.530 --> 02:58:52.149
Orlando Gentil: and, for example, good for large potential files. If you have, if you're loading a database and all this kind of things
2090
02:58:52.560 --> 02:58:59.400
Orlando Gentil: you don't have to keep like it's stored on, balanced it, or high performance. You can store them as a basic.
2091
02:58:59.430 --> 02:59:02.560
Orlando Gentil: because you have sequential access to the data.
2092
02:59:05.060 --> 02:59:11.739
Orlando Gentil: High performance in other high performance, as the name implies, it gives you more performance. As you increase
2093
02:59:15.210 --> 02:59:25.589
Orlando Gentil: the out of tune performance is what I mentioned that you can enable that, and if the disk is not associated, attach it to any instance, it will automatically
2094
02:59:25.640 --> 02:59:27.299
Orlando Gentil: go to this basic
2095
02:59:27.440 --> 02:59:28.619
to you.
2096
02:59:33.150 --> 02:59:35.349
We showed that
2097
02:59:35.460 --> 02:59:37.200
Orlando Gentil: we don't have to go.
2098
02:59:38.800 --> 02:59:44.760
Orlando Gentil: but volume back up. We offer a backup service that it's there
2099
02:59:44.850 --> 02:59:46.180
Orlando Gentil: the disk.
2100
02:59:47.760 --> 02:59:54.090
Orlando Gentil: So it's a it's a bit different from the agent backup that you have on your
2101
02:59:56.540 --> 02:59:58.460
Orlando Gentil: on traditional servers that you.
2102
02:59:58.690 --> 03:00:10.630
Orlando Gentil: because it's gonna back up the whole disk. If you are using this, this combined somehow on the on the instance, you have to restore the backup of all the volumes that are combined.
2103
03:00:11.010 --> 03:00:18.879
Orlando Gentil: If you want to use same way that a traditional backup infrastructure, If you have just one disk, it's that
2104
03:00:19.600 --> 03:00:23.420
Orlando Gentil: transparent, you just restore it to a and
2105
03:00:23.990 --> 03:00:32.340
Orlando Gentil: another thing that I have to mention you. You restore it to a different block device. You don't restore direct as this operates outside of the instance.
2106
03:00:33.080 --> 03:00:37.650
Orlando Gentil: the back of when you have to restore it's going to be to a different block device.
2107
03:00:38.330 --> 03:00:41.289
Orlando Gentil: It's a good thing, because if you have to
2108
03:00:43.740 --> 03:00:52.060
Orlando Gentil: do any kind of operation, yeah, or create, for example, what test environment? It will not mess with the disk that it's in use.
2109
03:00:53.550 --> 03:00:58.780
Orlando Gentil: and the backup is also used to. If you want to shrink the disc.
2110
03:00:59.320 --> 03:01:08.049
Orlando Gentil: the backup checks, what are the it only backs up the data that you are using from the volume. If you have a
2111
03:01:08.330 --> 03:01:17.220
Orlando Gentil: 1 TB drive, and you are using just a 100. The backup is going to back up just 100, and from that 100 that you can create a new disc that it's a smaller.
2112
03:01:20.360 --> 03:01:34.450
Myles Brown: My, I think we're gonna start to lose some people. So I just wanted to kind of wrap things up. I'm. I'm sure you'll stick around and answer some questions. If there are some one person asked about the the slides that you have.
2113
03:01:34.460 --> 03:01:45.370
Orlando Gentil: if those are available, I don't think that you are sharing those slides. Right?
2114
03:01:45.430 --> 03:01:46.250
Myles Brown: Yeah.
2115
03:01:46.760 --> 03:01:54.540
Orlando Gentil: they it's the same slides slightly different. But they have all this. All this slides are here.
2116
03:01:54.570 --> 03:01:57.549
Myles Brown: Yeah, and you're gonna put that link into the chat for them.
2117
03:01:59.330 --> 03:02:02.240
Orlando Gentil: Let me put this link.
2118
03:02:05.450 --> 03:02:06.340
Orlando Gentil: I
2119
03:02:10.350 --> 03:02:11.750
Orlando Gentil: everyone.
2120
03:02:15.310 --> 03:02:16.020
Yeah.
2121
03:02:17.780 --> 03:02:35.140
Myles Brown: I was just gonna share a couple of things, too. I I threw these up a little bit earlier, just mentioning that we do have a couple of upcoming free sessions, one on azure one on Google Cloud. We'll probably have some Aws ones in the spring. I would think
2122
03:02:35.340 --> 03:02:47.400
Myles Brown: so. If you're on our mailing list, you should be getting those. We also have our very new report that we just put out the state of it training. If you're more of a trading coordinator or anything like that, you might be interested
2123
03:02:47.620 --> 03:03:06.180
Myles Brown: next steps after taking this, you know, Orlando mentioned the foundations class. That's basically a 2 day version of what you did here today, right? So we jammed it into 3 h. But if we take 2 days, and then you have some labs where you actually get practice, you know that's that's kind of what we're looking at.
2124
03:03:06.190 --> 03:03:23.929
Myles Brown: We have some dates coming up in March and in April for that we also have the 5 Day Associate architect workshop. And so that's, you know, goes much deeper. These both kind of map to certification. Exam: so they're They're the best way to get ready for them.
2125
03:03:23.940 --> 03:03:27.549
We have the 5 Day Associate workshop.
2126
03:03:27.690 --> 03:03:31.070
Myles Brown: We have a date in late March, and one at the beginning of May.
2127
03:03:31.170 --> 03:03:47.239
Myles Brown: and if you're interested in any of this, you know. Go to exit, certified.com. You could email us. You can phone us. I'm gonna throw some of that into the chat. Just so. You have all of those links. Let me get that stuff here.
2128
03:03:48.360 --> 03:03:49.510
Myles Brown: Find it.
2129
03:03:50.920 --> 03:03:54.160
Myles Brown: Let's throw all of these things in there
2130
03:03:55.560 --> 03:03:57.190
Myles Brown: that's everything.
2131
03:03:58.430 --> 03:04:00.580
Myles Brown: and send it to everyone.
2132
03:04:03.860 --> 03:04:04.640
Myles Brown: We go.
2133
03:04:05.420 --> 03:04:13.290
Myles Brown: so that you should have all those links. I don't know if you're able to save the chat. I don't think this allows you to save the chat. You may have to.
2134
03:04:13.490 --> 03:04:16.129
Myles Brown: you know, copy and paste them out of the chat.
2135
03:04:17.620 --> 03:04:20.130
Myles Brown: That's pretty much
2136
03:04:20.230 --> 03:04:23.419
Myles Brown: what I wanted to cover.
2137
03:04:23.660 --> 03:04:40.449
Myles Brown: So thank you for joining, and thank Orlando very much for for going through this Orlando. You're gonna stick around a bit if if people have, I can. I I If you guys have time. I'm glad you I need a web app storage in probably 1015 min.
2138
03:04:40.460 --> 03:04:53.599
Myles Brown: I might not go as deep as I would like to. But
2139
03:04:53.620 --> 03:04:55.940
Myles Brown: Okay, I'll stop sharing so you can share again.
2140
03:04:56.280 --> 03:04:57.550
ExitCertified: Right? Thanks, Miles.
2141
03:04:58.070 --> 03:04:58.800
Right?
2142
03:05:01.830 --> 03:05:02.880
Orlando Gentil: 3.
2143
03:05:05.000 --> 03:05:05.949
Orlando Gentil: Okay.
2144
03:05:07.110 --> 03:05:14.140
Orlando Gentil: So first of all, please apologize me for extending beyond what you guys have planned to dedicate to this.
2145
03:05:14.660 --> 03:05:16.120
Orlando Gentil: but
2146
03:05:16.540 --> 03:05:22.079
Orlando Gentil: I got carried over with identity access management. We took more time than we should.
2147
03:05:22.900 --> 03:05:26.199
Orlando Gentil: so we were talking about the
2148
03:05:26.540 --> 03:05:30.529
Orlando Gentil: we talked about. Look at when Vm. And block storage
2149
03:05:31.280 --> 03:05:35.069
Orlando Gentil: we're talking about some of the features about the backup that you can do.
2150
03:05:35.640 --> 03:05:41.380
Orlando Gentil: I jumped. I could then talk about, for example, that you can clone the volumes.
2151
03:05:41.910 --> 03:05:46.380
Orlando Gentil: but pretty much it's your how you provision block devices
2152
03:05:46.600 --> 03:05:51.060
Orlando Gentil: for your for your instances.
2153
03:05:51.950 --> 03:05:55.429
Orlando Gentil: Next thing that we have. We have a fire storage service.
2154
03:05:55.890 --> 03:05:57.619
Orlando Gentil: It's pretty much a
2155
03:05:57.990 --> 03:06:09.490
Orlando Gentil: if you want to. Oversimplify it's a nfs server, but instead of creating an instance and attaching disks and creating the configuration. You just
2156
03:06:09.510 --> 03:06:20.010
Orlando Gentil: click on the we just click on a button, and you see that you want to create a nfs share, and it starts from there for you. You just define
2157
03:06:20.150 --> 03:06:39.699
Orlando Gentil: the security options that you're gonna have, and it's elastic. You don't have to create a You don't have to a different from block volume. You don't have to say, hey? I want to have a 100 GB. I want to have a 1 TB. No, you just say I want to have this share, and it grows and shrinks as you need.
2158
03:06:40.040 --> 03:06:43.140
Orlando Gentil: and you can go up to eightxabytes.
2159
03:06:43.840 --> 03:06:45.729
Orlando Gentil: Oh, use case for that
2160
03:06:46.050 --> 03:06:49.569
Orlando Gentil: if you have, if you need a shared storage like an Nfs
2161
03:06:49.680 --> 03:06:51.110
Orlando Gentil: that works for you.
2162
03:06:52.050 --> 03:06:59.639
If you're coming from azure, we don't have like a safe Smb version yet, but it's on the works.
2163
03:06:59.710 --> 03:07:02.410
Orlando Gentil: It's a bit tricky because it's proprietary.
2164
03:07:02.550 --> 03:07:03.819
Orlando Gentil: It's a
2165
03:07:03.840 --> 03:07:09.080
Orlando Gentil: We we don't have the same access that Microsoft would have to do that.
2166
03:07:10.960 --> 03:07:13.619
Orlando Gentil: Leslie. We have object, storage.
2167
03:07:13.720 --> 03:07:16.570
Orlando Gentil: object, storage, and archive storage. It's a
2168
03:07:16.810 --> 03:07:20.529
Orlando Gentil: pretty much the same thing. The difference is archive storage is so
2169
03:07:20.810 --> 03:07:26.209
Orlando Gentil: your long-term storage for what you have on object storage
2170
03:07:27.530 --> 03:07:30.680
Orlando Gentil: object storage. You create a buckets
2171
03:07:31.340 --> 03:07:35.080
Orlando Gentil: and those buckets you access them, using
2172
03:07:35.100 --> 03:07:40.089
Orlando Gentil: http protocol. So most of the things You' to do based on
2173
03:07:41.060 --> 03:07:43.749
Orlando Gentil: on the rest Api. To do that
2174
03:07:45.270 --> 03:07:51.639
Orlando Gentil: duplicate modern applications. They are able to interact with object storage. So it should be no problem
2175
03:07:52.120 --> 03:08:02.380
Orlando Gentil: if you the application is, and even if you are, for example, using an application that it's tailored to use just s 3 from Aws.
2176
03:08:02.470 --> 03:08:08.779
Orlando Gentil: we offer a compatibility layer that allows you to use that same application
2177
03:08:08.850 --> 03:08:12.299
Orlando Gentil: to do things with object storage.
2178
03:08:14.840 --> 03:08:16.810
Orlando Gentil: your archive storage.
2179
03:08:17.930 --> 03:08:24.170
Orlando Gentil: You get all the stuff that you have here is just move to a slower tier.
2180
03:08:24.530 --> 03:08:27.610
and it was pretty much like a take backup.
2181
03:08:28.800 --> 03:08:34.059
Orlando Gentil: meaning that the difference is, if you want to restore a backup that it's on archive storage.
2182
03:08:34.340 --> 03:08:40.390
Orlando Gentil: It will take longer than if the backup is stored on your object. Storage
2183
03:08:40.640 --> 03:08:44.499
Orlando Gentil: both. They have a limited capacity. You don't have to worry.
2184
03:08:44.770 --> 03:08:50.930
Orlando Gentil: and you can put objects as big as 10 TB using you the ability to
2185
03:08:51.250 --> 03:08:52.229
Orlando Gentil: from there
2186
03:08:52.270 --> 03:08:53.440
Orlando Gentil: pretty much
2187
03:08:53.540 --> 03:08:54.480
Orlando Gentil: anything.
2188
03:08:56.390 --> 03:08:58.469
Orlando Gentil: You put the unstructured data.
2189
03:08:58.920 --> 03:09:04.460
Orlando Gentil: So if you, if you want to store your logs, if you want to store images, videos.
2190
03:09:04.830 --> 03:09:10.360
Orlando Gentil: anything that you were creating, if your application can talk to the
2191
03:09:10.830 --> 03:09:15.399
Orlando Gentil: Api's to do the to upload the files, to retrieve the files.
2192
03:09:15.440 --> 03:09:17.729
to retrieve the file details.
2193
03:09:18.480 --> 03:09:19.929
Orlando Gentil: It will work there
2194
03:09:21.470 --> 03:09:27.879
Orlando Gentil: in between the object storage and archive storage. There is an intermediate
2195
03:09:27.970 --> 03:09:28.869
Orlando Gentil: tier
2196
03:09:29.560 --> 03:09:40.450
Orlando Gentil: that if you want something to that we call infrequent access, it's not listed here because it's not a different type. It's just like a subset of object storage.
2197
03:09:43.650 --> 03:09:46.890
Orlando Gentil: Okay. So I think that reps up the
2198
03:09:46.930 --> 03:09:51.689
Orlando Gentil: storage, not as deep as I wanted to to go through.
2199
03:09:51.870 --> 03:09:55.190
Orlando Gentil: But again, if you guys come on the
2200
03:09:56.220 --> 03:09:58.739
Orlando Gentil: education on the foundation scores.
2201
03:09:59.130 --> 03:10:01.609
Orlando Gentil: if you want to go like a self basis.
2202
03:10:02.560 --> 03:10:06.150
Orlando Gentil: you can find the same lessons that we went through.
2203
03:10:07.630 --> 03:10:10.259
Orlando Gentil: It's a total of 8 h of training.
2204
03:10:10.750 --> 03:10:13.530
Orlando Gentil: After that you can come here
2205
03:10:14.390 --> 03:10:15.470
Orlando Gentil: and
2206
03:10:16.100 --> 03:10:19.810
Orlando Gentil: click on this. Get started, and you can take the Xm.
2207
03:10:20.240 --> 03:10:22.589
Orlando Gentil: And from there you're going to be able to
2208
03:10:22.790 --> 03:10:27.470
Orlando Gentil: enroll on the exit certified cloud Octet.
2209
03:10:28.090 --> 03:10:30.159
Orlando Gentil: So you can go and
2210
03:10:30.300 --> 03:10:35.050
Orlando Gentil: keep pursuing a different certification again, this one the foundation it's free
2211
03:10:35.160 --> 03:10:36.480
Orlando Gentil: non-profit.
2212
03:10:36.600 --> 03:10:48.940
Orlando Gentil: So if you watch the videos keep some notes on where the information is based on the quiz that you have throughout the the training you should be able to get the certificate in the end of the week.
2213
03:10:50.250 --> 03:10:51.119
Orlando Gentil: Okay.
2214
03:10:52.790 --> 03:10:59.970
Orlando Gentil: I posted the this link 3 on the on the chat you can find me on.
2215
03:11:00.240 --> 03:11:05.380
Orlando Gentil: My social media is here in the beginning. You may, or linkedin Instagram to either.
2216
03:11:05.660 --> 03:11:08.329
Orlando Gentil: There are links to the oci trainings.
2217
03:11:08.400 --> 03:11:10.729
Orlando Gentil: Other life sessions that we offer
2218
03:11:11.460 --> 03:11:18.919
Orlando Gentil: live labs is an interesting resource. If you want to go and the find
2219
03:11:19.680 --> 03:11:21.929
Orlando Gentil: some practices they have that
2220
03:11:22.220 --> 03:11:40.570
Orlando Gentil: I don't have the link yet. There are some trainings in structure based that the partners like exit search fired will provide where you don't have to have an account. You just go with the instructions. You have a
2221
03:11:40.580 --> 03:11:45.969
Orlando Gentil: Brexit tendency. So you don't mess in one's environment. It's just for your training.
2222
03:11:46.360 --> 03:11:50.370
Orlando Gentil: You can check with them if they have up coming dates, how it's gonna be.
2223
03:11:51.560 --> 03:11:55.700
Orlando Gentil: Next thing is Architecture Center.
2224
03:11:56.530 --> 03:12:01.499
Orlando Gentil: This link is interesting. If you want to see how people are using. Oci.
2225
03:12:01.870 --> 03:12:03.630
Orlando Gentil: If
2226
03:12:04.320 --> 03:12:05.759
Orlando Gentil: you want to check
2227
03:12:06.700 --> 03:12:08.709
Orlando Gentil: different kinds of solutions.
2228
03:12:09.760 --> 03:12:13.130
Orlando Gentil: you can just speak from the tiles here, and
2229
03:12:13.430 --> 03:12:18.779
Orlando Gentil: a lot of them that you will have. I don't see that they they removed the
2230
03:12:19.430 --> 03:12:25.240
Orlando Gentil: There's some that a customer inspired. Oh, this is the one that i'm looking. If they have automation available.
2231
03:12:25.370 --> 03:12:33.489
Orlando Gentil: they have a one click deploy, and you can have all the resources provision to your tendency. So you don't have to deal.
2232
03:12:34.300 --> 03:12:40.140
Orlando Gentil: and with the process of creation. You can just evaluate how a solution works on Oci.
2233
03:12:43.030 --> 03:12:44.789
Orlando Gentil: And did I miss anything?
2234
03:12:45.040 --> 03:12:54.200
Orlando Gentil: These are the 3 links here are unofficial ways that I keep interacting with the community. You you can ignore that.
2235
03:12:57.710 --> 03:13:01.209
Orlando Gentil: Okay. So here I think that
2236
03:13:01.380 --> 03:13:04.329
Orlando Gentil: I had to rush on the in the end. Sorry for that.
2237
03:13:04.800 --> 03:13:08.330
Orlando Gentil: But I think that gets the the oci.
2238
03:13:08.730 --> 03:13:12.959
Orlando Gentil: I get your feet wet with full ci, and ready to
2239
03:13:13.260 --> 03:13:16.460
Orlando Gentil: join us on this new journey to know we'll see a.
2240
03:13:17.660 --> 03:13:19.310
Orlando Gentil: Do you have any closing notes?
2241
03:13:19.980 --> 03:13:32.190
ExitCertified: No, just so, thank you. Everyone for joining us today and thank you, Orlando, for hosting this session. If you guys have any questions to kind of wrap up the session. Please feel free to drop them in the Q. A. Box
2242
03:13:32.370 --> 03:13:39.900
ExitCertified: other than that this Webinar is being recorded, and everyone that registered will receive a recording in a follow up email before the end of the week.
2243
03:13:40.490 --> 03:13:47.450
ExitCertified: If you wish to connect with as it certified. Please feel free to visit our website. The link is in the chat box right now
2244
03:13:47.510 --> 03:13:51.130
to chat with our wraps or to view our upcoming core schedules
2245
03:13:51.730 --> 03:13:56.330
ExitCertified: with that said once again: Thank you so much for joining and have a great afternoon. Everyone.
2246
03:13:57.580 --> 03:13:58.700
Orlando Gentil: Thank you guys.