Oracle Cloud Infrastructure Documentation

Adding a Removed Subcompartment to a Security Zone

If you removed a subcompartment from a security zone, you can add it back to the same security zone. As a result, Oracle Cloud Infrastructure ensures that resources in the subcompartment comply with the security zone's policies.

Any existing Cloud Guard target for this subcompartment is deleted. No changes are made to the parent compartment's security zone target, or to any of the existing Cloud Guard detector recipes.

The following diagram illustrates the Cloud Guard configuration for a subcompartment that's added back to a security zone:


The parent compartment and two subcompartments are in a single security zone. The parent compartment is associated with a security zone target in Cloud Guard. The security zone target is associated with detector recipes.

View full-size image.

    1. On the Security Zones list page, select the security zone that you want to work with. If you need help finding the list page or the security zone, see Listing a Security Zone.
    2. Select Add compartment.
    3. Select a compartment and then select Add compartment.

      You can select only a subcompartment of the security zone's parent compartment, and only if the subcompartment isn't already in a zone.

  • Use the oci cloud-guard security-zone add command and required parameters to add a removed compartment to a security zone:

    oci cloud-guard security-zone add --compartment-id <compartment_ocid> --security-zone-id <security_zone_ocid> [OPTIONS]

    For a complete list of flags and variable options for CLI commands, see the Command Line Reference.

  • Run the AddCompartment operation to add a removed compartment to a security zone.