Oracle Cloud Infrastructure (OCI) Cheat Sheet

Updated 2026-05-22

Next Topic: Serverless Architecture Cheat Sheet

Oracle Cloud Infrastructure (OCI) is Oracle's second-generation cloud platform, purpose-built for enterprise performance, security, and Oracle workloads. Unlike first-generation clouds, OCI uses dedicated bare-metal compute, non-blocking networking, and a flat, predictable pricing model designed to eliminate the cost surprises common on other hyperscalers. The key mental model to carry into every OCI design is that everything lives in a compartment, IAM policies are attached to compartments rather than individual resources, and the tenancy itself is always the root compartment — getting that hierarchy right upfront prevents governance pain at scale.

What This Cheat Sheet Covers

This topic spans 17 focused tables and 130 indexed concepts. Below is a complete table-by-table outline of this topic, spanning foundational concepts through advanced details.

Table 1: Physical Architecture — Regions, Realms, and Availability DomainsTable 2: Virtual Cloud Network (VCN) and Networking FundamentalsTable 3: Advanced Networking — DRG, FastConnect, and VPNTable 4: Identity and Access Management (IAM)Table 5: Compute ServicesTable 6: Storage ServicesTable 7: Database ServicesTable 8: Container and Serverless ServicesTable 9: Messaging, Streaming, and Event ServicesTable 10: Security ServicesTable 11: Observability and ManagementTable 12: Resource Manager and Infrastructure as CodeTable 13: Oracle Generative AI ServiceTable 14: Multicloud and Hybrid CloudTable 15: Pricing, Free Tier, and Cost ManagementTable 16: Migration Patterns from On-Premises OracleTable 17: Common Pitfalls and Ecosystem Differences

Table 1: Physical Architecture — Regions, Realms, and Availability Domains

OCI's physical hierarchy — realm → region → availability domain → fault domain — governs where resources live, how they replicate, and what resilience guarantees apply. Many "out of capacity" and cross-region connectivity issues stem from misunderstanding which tier a resource belongs to.

Concept	Example	Description
Region	`us-ashburn-1`, `eu-frankfurt-1`	• Localized geographic area • resources deployed here are isolated from other regions • 45+ commercial regions globally as of 2026.
Availability Domain (AD)	`PHX-AD-1`, `PHX-AD-2`, `PHX-AD-3`	• One or more independent data centers within a region • connected by low-latency, high-bandwidth internal network • AD names are randomized per tenancy to balance capacity
Fault Domain (FD)	FD-1, FD-2, FD-3 within an AD	• Grouping of hardware within an AD • each AD contains exactly 3 fault domains • protects against hardware failures and planned maintenance events
Realm	OC1 (commercial), OC2 (US Gov), OC3 (US DoD)	• Logical collection of regions • a tenancy exists in exactly one realm and cannot access regions in a different realm.

Table 1: Physical Architecture — Regions, Realms, and Availability Domains

Concept	Example	Description
Region	`us-ashburn-1`, `eu-frankfurt-1`	• Localized geographic area • resources deployed here are isolated from other regions • 45+ commercial regions globally as of 2026.
Availability Domain (AD)	`PHX-AD-1`, `PHX-AD-2`, `PHX-AD-3`	• One or more independent data centers within a region • connected by low-latency, high-bandwidth internal network • AD names are randomized per tenancy to balance capacity
Fault Domain (FD)	FD-1, FD-2, FD-3 within an AD	• Grouping of hardware within an AD • each AD contains exactly 3 fault domains • protects against hardware failures and planned maintenance events
Realm	OC1 (commercial), OC2 (US Gov), OC3 (US DoD)	• Logical collection of regions • a tenancy exists in exactly one realm and cannot access regions in a different realm.