Oracle Cloud Infrastructure US Government Cloud with FedRAMP Authorization

This topic contains information specific to Oracle Cloud Infrastructure US Government Cloud with FedRAMP authorization.

Authorizations

Oracle Cloud Infrastructure US Government Cloud has obtained the following authorizations:

  • FedRAMP High
  • DISA Impact Level 5

For information about the US Government Cloud, see For All US Government Cloud Customers.

Regions

The region names and identifiers for the US Government Cloud with FedRAMP authorization are shown in the following table:

Region Name Region Identifier Region Location Region Key Realm Key Availability Domains
US Gov East (Ashburn) us-langley-1 Ashburn, VA LFI OC2 1
US Gov West (Phoenix) us-luke-1 Phoenix, AZ LUF OC2 1

After your tenancy is created in one of these regions, you can subscribe to the other region. Tenancies in the FedRAMP-authorized regions cannot subscribe to the commercial regions, or to the US Federal Cloud regions. For information about subscribing to a region, see Managing Regions.

US Government Cloud with FedRAMP Authorization API Reference and Endpoints

US Government Cloud with FedRAMP authorization has these APIs and corresponding regional endpoints:

Core Services (covering Networking, Compute, and Block Volume)

The Networking, Compute, and Block Volume services are accessible with the following API:

Core Services API

API reference

  • https://iaas.us-langley-1.oraclegovcloud.com
  • https://iaas.us-luke-1.oraclegovcloud.com
Database API

API reference

  • https://database.us-langley-1.oraclegovcloud.com
  • https://database.us-luke-1.oraclegovcloud.com

You can track the progress of long-running Database operations with the Work Requests API.

IAM API

API reference

  • https://identity.us-langley-1.oraclegovcloud.com
  • https://identity.us-luke-1.oraclegovcloud.com
Note

Use the Endpoint of Your Home Region for All IAM API Calls

When you sign up for Oracle Cloud Infrastructure, Oracle creates a tenancy for you in one region. This is your home region. Your home region is where your IAM resources are defined. When you subscribe to a new region, your IAM resources are replicated in the new region, however, the master definitions reside in your home region and can only be changed there. Make all IAM API calls against your home region endpoint. The changes automatically replicate to all regions. If you try to make an IAM API call against a region that is not your home region, you will receive an error. See How do I find my tenancy home region?

Key Management API (for the Vault service)

API reference

  • https://kms.us-langley-1.oraclegovcloud.com
  • https://kms.us-luke-1.oraclegovcloud.com

In addition to these endpoints, each vault has a unique endpoint for create, update, and list operations for keys. This endpoint is referred to as the control plane URL or management endpoint. Each vault also has a unique endpoint for cryptographic operations. This endpoint is known as the data plane URL or the cryptographic endpoint.

Monitoring API

API reference

  • https://telemetry-ingestion.us-langley-1.oraclegovcloud.com
  • https://telemetry-ingestion.us-luke-1.oraclegovcloud.com
  • https://telemetry.us-langley-1.oraclegovcloud.com
  • https://telemetry.us-luke-1.oraclegovcloud.com
Object Storage and Archive Storage APIs

Both Object Storage and Archive Storage are accessible with the following APIs:

Object Storage API

API reference

  • https://objectstorage.us-langley-1.oraclegovcloud.com
  • https://objectstorage.us-luke-1.oraclegovcloud.com
Amazon S3 Compatibility API

API reference

  • https://<object_storage_namespace>.compat.objectstorage.us-langley-1.oraclegovcloud.com
  • https://<object_storage_namespace>.compat.objectstorage.us-luke-1.oraclegovcloud.com
Tip

See Understanding Object Storage Namespaces for information regarding how to find your Object Storage namespace.
Swift API (for use with Oracle RMAN)
  • https://swiftobjectstorage.us-langley-1.oraclegovcloud.com
  • https://swiftobjectstorage.us-luke-1.oraclegovcloud.com
Work Requests API (for Compute and Database work requests)

API reference

  • https://iaas.us-langley-1.oraclegovcloud.com
  • https://iaas.us-luke-1.oraclegovcloud.com

Services Not Supported in US Government Cloud with FedRAMP Authorization

The following services are currently not available or not supported for tenancies in the US Government Cloud with FedRAMP authorization.

Core Infrastructure services and features not available:

  • Compute service features:
    • Autoscaling
  • Data Transfer service
  • File Storage service

Database services not available:

  • Autonomous Data Warehouse
  • Autonomous Transaction Processing
  • Data Safe

Data and AI services not available:

  • Digital Assistant

Solutions and Platform services not available:

  • Announcements
  • Analytics Cloud
  • Fusion Analytics Warehouse
  • Application Migration
  • Compliance Documents
  • Container Engine for Kubernetes
  • Content and Experience
  • DNS Zone Management
  • Email Delivery
  • Events
  • Functions
  • Health Checks
  • Integration
  • Marketplace
  • Notifications
  • Registry
  • Resource Manager
  • Streaming
  • Traffic Management Steering Policies

Governance and Administration features not supported:

  • Auto-federation with Oracle Identity Cloud Service
  • WAF service

Special considerations for Infrastructure Tools:

  • The Oracle Cloud Infrastructure Terraform provider does not support FIPS-certified encryption.

Integration with Oracle SaaS and PaaS services, including those listed here: Getting Started with Oracle Platform Services

Additional Information for US Government Cloud with FedRAMP Authorization Customers