From a1b329b57a9ff10f571051de8fbccdbb16507e38 Mon Sep 17 00:00:00 2001 From: Filippos Boufis Date: Mon, 18 Nov 2024 12:21:06 +0200 Subject: [PATCH 1/7] Updated folder structure and added review date --- .../private-cloud-and-edge/README.md | 2 ++ .../compute-cloud-at-customer/README.md | 15 +++++++++++++++ .../hsp/README.md | 2 ++ .../observability and management/README.md | 2 ++ .../files/LogAnalyticsDashboard.png | Bin 5 files changed, 21 insertions(+) create mode 100644 cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/README.md rename cloud-infrastructure/private-cloud-and-edge/{ => compute-cloud-at-customer}/hsp/README.md (99%) rename cloud-infrastructure/private-cloud-and-edge/{ => compute-cloud-at-customer}/observability and management/README.md (99%) rename cloud-infrastructure/private-cloud-and-edge/{ => compute-cloud-at-customer}/observability and management/files/LogAnalyticsDashboard.png (100%) diff --git a/cloud-infrastructure/private-cloud-and-edge/README.md b/cloud-infrastructure/private-cloud-and-edge/README.md index be49a25da..5ba015f3b 100644 --- a/cloud-infrastructure/private-cloud-and-edge/README.md +++ b/cloud-infrastructure/private-cloud-and-edge/README.md @@ -1,5 +1,7 @@ # Private Cloud and Edge +Reviewed: 18.11.2024 + ## Useful Links - [Oracle Compute Cloud@Customer](https://www.oracle.com/uk/cloud/compute/cloud-at-customer/) diff --git a/cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/README.md b/cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/README.md new file mode 100644 index 000000000..6b7546539 --- /dev/null +++ b/cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/README.md @@ -0,0 +1,15 @@ +# Compute Cloud@Customer + +Reviewed: 18.11.2024 + +## Useful Links + +- [Oracle Compute Cloud@Customer](https://www.oracle.com/uk/cloud/compute/cloud-at-customer/) + +## License + +Copyright (c) 2024 Oracle and/or its affiliates. + +Licensed under the Universal Permissive License (UPL), Version 1.0. + +See [LICENSE](https://github.com/oracle-devrel/technology-engineering/blob/main/LICENSE) for more details. diff --git a/cloud-infrastructure/private-cloud-and-edge/hsp/README.md b/cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/hsp/README.md similarity index 99% rename from cloud-infrastructure/private-cloud-and-edge/hsp/README.md rename to cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/hsp/README.md index 33e5b8199..d90e615dd 100644 --- a/cloud-infrastructure/private-cloud-and-edge/hsp/README.md +++ b/cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/hsp/README.md @@ -1,5 +1,7 @@ # C3 Hosting Service Provider - IAM Policies for Isolation +Reviewed: 18.11.2024 + The Hosting Service Provider (HSP) model on Compute Cloud@Customer (C3) allows hosting for multiple end customers, each isolated in a dedicated compartment with separate VCN(s) per customer. To ensure the end customer can only diff --git a/cloud-infrastructure/private-cloud-and-edge/observability and management/README.md b/cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/observability and management/README.md similarity index 99% rename from cloud-infrastructure/private-cloud-and-edge/observability and management/README.md rename to cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/observability and management/README.md index 35b920268..11be3aab2 100644 --- a/cloud-infrastructure/private-cloud-and-edge/observability and management/README.md +++ b/cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/observability and management/README.md @@ -1,5 +1,7 @@ # C3 OKE - Monitoring with OCI Log Analytics +Reviewed: 18.11.2024 + ## Introduction This page details an all OCI solution for monitoring kubernetes clusters diff --git a/cloud-infrastructure/private-cloud-and-edge/observability and management/files/LogAnalyticsDashboard.png b/cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/observability and management/files/LogAnalyticsDashboard.png similarity index 100% rename from cloud-infrastructure/private-cloud-and-edge/observability and management/files/LogAnalyticsDashboard.png rename to cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/observability and management/files/LogAnalyticsDashboard.png From 428d795914922676d40f38336e8e5ce8cceaa74e Mon Sep 17 00:00:00 2001 From: ocisec <137906818+ocisec@users.noreply.github.com> Date: Mon, 18 Nov 2024 10:46:22 +0000 Subject: [PATCH 2/7] Update README.md Carried out the review --- cloud-infrastructure/infrastructure-security/bastion/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cloud-infrastructure/infrastructure-security/bastion/README.md b/cloud-infrastructure/infrastructure-security/bastion/README.md index 3f272a37d..40b67c721 100644 --- a/cloud-infrastructure/infrastructure-security/bastion/README.md +++ b/cloud-infrastructure/infrastructure-security/bastion/README.md @@ -2,7 +2,7 @@ Oracle Cloud Infrastructure Bastion provides restricted and time-limited access to target resources that don't have public endpoints. -Reviewed: 30.01.2024 +Reviewed: 18.11.2024 # Table of Contents From 6065fd68ce68b96e211e32264c38bfa8f94b9017 Mon Sep 17 00:00:00 2001 From: ocisec <137906818+ocisec@users.noreply.github.com> Date: Mon, 18 Nov 2024 10:51:53 +0000 Subject: [PATCH 3/7] Update README.md added Instance Security and new video --- .../infrastructure-security/cloudguard/README.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/cloud-infrastructure/infrastructure-security/cloudguard/README.md b/cloud-infrastructure/infrastructure-security/cloudguard/README.md index 3972bff4f..faf46ee03 100644 --- a/cloud-infrastructure/infrastructure-security/cloudguard/README.md +++ b/cloud-infrastructure/infrastructure-security/cloudguard/README.md @@ -6,7 +6,7 @@ Cloud Guard detects security problems within a customer tenancy by ingesting aud Responders can mitigate, correct, and prevent security issues based on a problem. -Reviewed: 30.01.2024 +Reviewed: 18.11.2024 # Table of Contents @@ -17,6 +17,10 @@ Reviewed: 30.01.2024 - [Cloud Coaching Cloud Guard](https://www.youtube.com/watch?v=D5L0Hy8h9aY) - Video about Oracle Cloud Guard +- [Cloud Coaching Setup and Enforce Your Cloud Posture with Oracle Cloud Guard](https://youtu.be/_F6sEAhCeMU) + - Video about Setup and Enforce Your Cloud Posture with Oracle Cloud Guard + + # Useful Links @@ -26,6 +30,8 @@ Reviewed: 30.01.2024 - Documentation showing how you can integrate Cloud Guard with your SIEM - [Cloud Guard and Security Zone Video]( https://www.youtube.com/watch?v=aYmKk5-FJJk) - Video by Clay Magouyrk showing Cloud Guard and Security Zones +- [Oracle Cloud Guard Instance Security](https://www.oracle.com/security/cloud-security/cloud-guard/instance-security/) + - Oracle Cloud Guard Instance Security Overview # License From 002bf65de2381f5079bfbbb56c3d7513377ebc42 Mon Sep 17 00:00:00 2001 From: ocisec <137906818+ocisec@users.noreply.github.com> Date: Mon, 18 Nov 2024 10:53:18 +0000 Subject: [PATCH 4/7] Update README.md content review done --- cloud-infrastructure/infrastructure-security/eusc/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cloud-infrastructure/infrastructure-security/eusc/README.md b/cloud-infrastructure/infrastructure-security/eusc/README.md index e6b584b5c..5a3f32fb9 100644 --- a/cloud-infrastructure/infrastructure-security/eusc/README.md +++ b/cloud-infrastructure/infrastructure-security/eusc/README.md @@ -2,7 +2,7 @@ EU Sovereign Cloud is Oracle’s sovereign cloud offering, designed for the data laws and requirements of the EU. -Reviewed: 31.01.2024 +Reviewed: 18.11.2024 # Table of Contents From b79ba0d2ec01e0aa8b1dfa69c2e80961c4d87e80 Mon Sep 17 00:00:00 2001 From: ocisec <137906818+ocisec@users.noreply.github.com> Date: Mon, 18 Nov 2024 10:56:49 +0000 Subject: [PATCH 5/7] Update README.md added new blog --- cloud-infrastructure/infrastructure-security/iam/README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/cloud-infrastructure/infrastructure-security/iam/README.md b/cloud-infrastructure/infrastructure-security/iam/README.md index 2f1662303..45288ba4e 100644 --- a/cloud-infrastructure/infrastructure-security/iam/README.md +++ b/cloud-infrastructure/infrastructure-security/iam/README.md @@ -2,7 +2,7 @@ OCI IAM is a native service of OCI that provides enterprise-class identity and access management features such as strong, adaptive authentication, user Lifecycle Management (LCM), and Single Sign-On (SSO) to enterprise applications. OCI IAM is deployed as an identity domain(s) in OCI. Included domain(s) allow organizations to manage access to their Oracle Cloud services (network, compute, storage, etc.) and Oracle SaaS applications. Customers can choose to upgrade or create additional identity domains to accommodate other use cases such as managing workforce access to non-Oracle applications, enabling consumer access to customer-facing applications, or embedding IAM into custom-developed applications. -Reviewed: 30.01.2024 +Reviewed: 18.11.2024 # Table of Contents @@ -20,6 +20,10 @@ Reviewed: 30.01.2024 - [SAML with JIT provisioning to setup an identity broker or identity hub]( https://blogs.oracle.com/coretec/post/saml-with-just-in-time-provisioning-to-setup-an-identity-broker-or-identity-hub) - Video about SAML with JIT Provisioning to set up an Identity Broker +- [OCI SSO with OpenID Connect Integration](https://blogs.oracle.com/coretec/post/oci-sso-with-openid-connect-integration) + - Blog about OCI SSO with OpenID Connect Integration + + - [SSO/Federation with Keycloak and IDCS and/or OCI IAM-Domains](https://blogs.oracle.com/coretec/post/ssofederation-with-keycloak-and-idcs-andor-oci-iam-domains) - Blog about SSO/Federation with Keycloak and IDCS and/or OCI IAM-Domains From efc98c368392d52c87cffea20581719ad0218dff Mon Sep 17 00:00:00 2001 From: ocisec <137906818+ocisec@users.noreply.github.com> Date: Mon, 18 Nov 2024 10:58:03 +0000 Subject: [PATCH 6/7] Update README.md reviewed content --- .../infrastructure-security/isolated-region/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cloud-infrastructure/infrastructure-security/isolated-region/README.md b/cloud-infrastructure/infrastructure-security/isolated-region/README.md index 182ac4be0..4484f38c7 100644 --- a/cloud-infrastructure/infrastructure-security/isolated-region/README.md +++ b/cloud-infrastructure/infrastructure-security/isolated-region/README.md @@ -2,7 +2,7 @@ Oracle Cloud Isolated Region is a secure, air-gapped Oracle Cloud Infrastructure (OCI) solution designed to meet the higher demands of global customers’ mission-critical classified workloads. -Reviewed: 31.01.2024 +Reviewed: 18.11.2024 # Table of Contents From c0a9111c0529d5d19cbddc29a0d45c6b94140dae Mon Sep 17 00:00:00 2001 From: ocisec <137906818+ocisec@users.noreply.github.com> Date: Mon, 18 Nov 2024 10:59:34 +0000 Subject: [PATCH 7/7] Update README.md reviewed kms content --- cloud-infrastructure/infrastructure-security/ocivault/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cloud-infrastructure/infrastructure-security/ocivault/README.md b/cloud-infrastructure/infrastructure-security/ocivault/README.md index eea42f8af..b5e57c55e 100644 --- a/cloud-infrastructure/infrastructure-security/ocivault/README.md +++ b/cloud-infrastructure/infrastructure-security/ocivault/README.md @@ -2,7 +2,7 @@ OCI Vault lets you centrally manage and control the use of keys and secrets across a wide range of OCI services and applications. OCI Vault is a secure, resilient managed service that lets you focus on your data encryption needs without worrying about time-consuming administrative tasks such as hardware provisioning, software patching, and high availability. -Reviewed: 30.01.2024 +Reviewed: 18.11.2024 # Table of Contents