To enable isolation segments, an operator must install the Pivotal Platform Isolation Segment tile by performing the procedures in the Installing Pivotal Platform Isolation Segment topic. Installing the tile creates a single isolation segment.
After an admin creates a new isolation segment, the admin can then create and manage relationships between the orgs and spaces of a Cloud Foundry deployment and the new isolation segment.
To manage the isolation segment, an operator uses cf CLI commands.
Operators can perform the following operations on isolation segments:
- Create/list/delete isolation segments
- Enable/disable and display enabled isolation segments for an org
- Set the default isolation segment for an org
- Assign an isolation segment to a space and show the isolation segment assigned to a space
- Reset the isolation segment assignment for a space
- Use isolation segments in conjunction with infrastructure-level isolation features for comprehensive separation of applications.