OCI Deployment Architecture

The following diagram shows the network architecture of the OCI Language Service model deployed in customer tenancy. The data used to train the model is stored in object storage and the access to the object storage to the OCI Data Science job is regulated via resource principal. The custom model is deployed in private subnet of Language Service and the access to the model is exposed via OCI Language Model endpoints.

There are security rules defined on private VCN which allows specific IP access for port 443 and 3001 to the API gateway. NAT gateway is also configured, so that the ingestion job can fetch the data from the B2C Service Cloud and store it in the OCI object storage.

Note: Specific IPv4 CIDR Block can be found under the details page of VCN and subnets.