ExamTopics Logo
Mail Us[email protected]
Menu
Oracle Discussions
exam questions

Exam 1z0-1072-22 All Questions

View all questions & answers for the 1z0-1072-22 exam
Go to Exam

Exam 1z0-1072-22 topic 1 question 43 discussion

Actual exam question from Oracle's 1z0-1072-22
Question #: 43
Topic #: 1
[All 1z0-1072-22 Questions]

You need to set up instance principals so that an application running on an instance can call Oracle Cloud Infrastructure (OCI) public services, without the need to configure user credentials.
A developer in your team has already configured the application built using an OCI SDK to authenticate using the instance principals provider.
Which is NOT a necessary step to complete this set up?

  • A. Generate Auth Tokens to enable instances in the dynamic group to authenticate with APis.
  • B. Create a policy granting permissions to the dynamic group to access services in your compartment or tenancy.
  • C. Deploy the application and the SDK to all the instances that belong to the dynamic group.
  • D. Create a dynamic group with matching rules to specify which instances can make API calls against services.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by ksc_lam at Aug. 26, 2023, 6:50 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
StewartJ
3 months ago
Selected Answer: C
confirmed via documentation C
upvoted 1 times
...
foad
1 year, 7 months ago
Selected Answer: A
Create a dynamic group. In the dynamic group definition, you provide the matching rules to specify which instances you want to allow to make API calls against services. Create a policy granting permissions to the dynamic group to access services in your tenancy (or compartment). A developer in your organization configures the application built using the Oracle Cloud Infrastructure SDK to authenticate using the instance principals provider. The developer deploys the application and the SDK to all the instances that belong to the dynamic group. The deployed SDK makes calls to Oracle Cloud Infrastructure APIs as allowed by the policy (without needing to configure API credentials). For each API call made by an instance, the Audit service logs the event, recording the OCID of the instance as the value of principalId in the event log. See Contents of an Audit Log Event for more information. Link : https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm
upvoted 2 times
...
ksc_lam
1 year, 7 months ago
Auth tokens are not necessary for instance principals to authenticate with APIs. Instance principals use the IAM service to authenticate with APIs, and the IAM service does not require auth tokens.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago