ExamTopics Logo
Mail Us[email protected]
Menu
Oracle Discussions
exam questions

Exam 1z0-997-22 All Questions

View all questions & answers for the 1z0-997-22 exam
Go to Exam

Exam 1z0-997-22 topic 1 question 23 discussion

Actual exam question from Oracle's 1z0-997-22
Question #: 23
Topic #: 1
[All 1z0-997-22 Questions]

You are developing a Serverless function for your company's IoT project. This function should access Oracle Cloud Infrastructure (OCI) Object Storage to store some files. You choose Oracle Functions to deploy this function on OCI. However, your security team doesn't allow you to carry any API Token or RSA Key to authenticate the function against the OCI API to access the Object Storage.
What should you do to get this function to access OCI Object Storage without carrying any static authentication files?

  • A. There is no way that you can access the OCI resources from a running function.
  • B. Set up a Dynamic Group using the format below:
    All {resource, type = ‘fnfunc’, resource.compartment.id -
    ‘ocidl.compartment.ocl..aaaaaaaa23________smwa’)
    Create a policy using the format below to give access to OCI Object Storage: allow dynamic-group acme-func-dyn-grp to manage objects in compartment acme- storage-compartment where all (target.bucket.name-‘acme-functions-bucket’)
    Include a call to a 'resource principal provider' in your function code as below: signer - oci.auth.signers.get_resource_principals_signer{}
  • C. Add these two policy statements for your compartment to give your function automatic access to all other OCI resources:
    Allow group to manage fn-app in compartmert
    Allow group to manage fn-function in compartment
  • D. Add these two policy statements for your compartment and then include a call to a 'resource principal provider' in your function code:
    Allow group acme functions-developers to inspect repos in tenancy
    Allow group acme-functions-developers to manage repos in tenancy where all {target.repo.name-/acme-web-app*/ }
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by p55p at Aug. 5, 2023, 8:23 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
p55p
1 year, 6 months ago
Selected Answer: B
B agree
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago