ExamTopics Logo
Mail Us[email protected]
Menu
Oracle Discussions
exam questions

Exam 1z0-1072-22 All Questions

View all questions & answers for the 1z0-1072-22 exam
Go to Exam

Exam 1z0-1072-22 topic 1 question 10 discussion

Actual exam question from Oracle's 1z0-1072-22
Question #: 10
Topic #: 1
[All 1z0-1072-22 Questions]

You have three compartments: ProjectA, ProjectB, and ProjectC. For each compartment, there is an admin group set up: A-Admins, B-Admins, and C-Admins.
Each admin group has full access over their respective compartments as shown in the graphic below.
Your organization has set up a tag namespace, EmployeeGroup.Role and all your admin groups are tagged with a value of 'Admin'.

You want to set up a Test compartment for members of the three projects to share. You also need to provide admin access to all three of your existing admin groups.
Which policy would you write to accomplish this task?

  • A. Allow dynamic-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
  • B. Allow all-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
  • C. Allow group any-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
  • D. Allow any user to manage all resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Mormor at June 13, 2023, 4:31 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
adz07
5 months ago
Selected Answer: D
I think it is D. (although there seems to be typo) Syntax:{{ group <group_name> | group id <group_ocid> | dynamic-group <dynamic-group_name> | dynamic-group id <dynamic-group_ocid>| any-group | any-user}} https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policysyntax.htm
upvoted 1 times
...
Smelly_Cat
1 year, 4 months ago
Selected Answer: C
C. Allow group any-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin' Explanation: The "C. Allow group any-group" part of the policy grants permissions to the group named "any-group." "to manage all-resources in compartment Test" specifies that this group has management permissions in the "Test" compartment. "where request.principal.group.tag.EmployeeGroup.Role='Admin'" ensures that only members of groups tagged with 'Admin' in the "EmployeeGroup.Role" namespace will have this access. This policy allows any user who is a member of a group with the 'Admin' tag in the specified namespace to manage resources in the "Test" compartment.
upvoted 1 times
...
Bauf
1 year, 6 months ago
The right answer is D with correct typos any-user otherwise none of the answers will be correct. Because all-group and any-group are not a reserve word on policies and allow dynamic-group without the name of the dynamyc group is not a correct synthax
upvoted 1 times
...
BharatDixit
1 year, 6 months ago
Selected Answer: D
* all-group is NOT a key word. B is wrong. * D looks correct if we fix typo of "any user" to "any-user". Link : https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policysyntax.htm
upvoted 2 times
...
Feanorich
1 year, 7 months ago
Selected Answer: B
Correct
upvoted 1 times
...
fededale95
1 year, 7 months ago
No, D is wrong, There isn't all groups subject without - in the middle.
upvoted 1 times
...
Mormor
1 year, 7 months ago
Should be D, any-user
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago