TheKoguryo's Tech Blog

 Version 2024.04.01

Warning

This content has been generated by machine translation. The translations are automated and have not undergone human review or validation.

2.4 Initial Cloud Account (Tenancy) Architecture

  • Once the Cloud Account environment is created, users are managed by OCI Native IAM. Oracle Identity Cloud Service (IDCS) is initially federated as an Identity Provider, a relic of OCI Classic.
  • An OCI Administrator has all privileges in the OCI Tenancy.
  • The OCI_Administrator group in IDCS is mapped to an Administrator group in OCI. When you log in to the OCI Console via SSO, you are actually a user in OCI_Administrator, but OCI treats you as a member of the Administrator group and grants the related permissions.
  • When you create a user in IDCS, for example neo@example.com, the user is automatically synchronized and a user named oracleidentitycloudservice/neo@example.com is created in OCI.
  • Compartments, which partition OCI resources, start with only the original Root Compartment; add more as needed.


I wrote this article as an individual, in my personal time. There may be errors in the content of the article, and the opinions in the article are my personal opinions.

Last updated on 9 Jan 2022