ExamTopics Logo
Mail Us[email protected]
Menu
Oracle Discussions
exam questions

Exam 1z0-1072-23 All Questions

View all questions & answers for the 1z0-1072-23 exam
Go to Exam

Exam 1z0-1072-23 topic 1 question 21 discussion

Actual exam question from Oracle's 1z0-1072-23
Question #: 21
Topic #: 1
[All 1z0-1072-23 Questions]

You have three compartments: ProjectA, ProjectB, and ProjectC. For each compartment, there is an admin group set up: A-Admins, B-Admins, and C-Admins.
Each admin group has full access over their respective compartments as shown in the graphic below.
Your organization has set up a tag namespace, EmployeeGroup.Role and all your admin groups are tagged with a value of 'Admin'.

You want to set up a Test compartment for members of the three projects to share. You also need to provide admin access to all three of your existing admin groups.
Which policy would you write to accomplish this task?

  • A. Allow all-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
  • B. Allow dynamic-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
  • C. Allow any-user to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
  • D. Allow group any-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin'
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by kaka321 at Sept. 24, 2023, 11:43 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
arescons
3 months ago
C is correct. D is wrong, because you don't use "Any-group" with the prefix "group". It's a standlalone as is "any-user".
upvoted 1 times
...
a31c737
7 months, 1 week ago
c. Allow any-user who belongs to a group that has been tagged - admin'
upvoted 1 times
...
a31c737
7 months, 1 week ago
D. There is no all-group syntax in oci
upvoted 1 times
...
Mopo
10 months ago
Selected Answer: B
This policy grants permissions to a dynamic group named "dynamic-group" to manage all resources (all-resources) within the "Test" compartment. The condition "where request.principal.group.tag.EmployeeGroup.Role='Admin'" ensures that only members of the admin groups with the role tag 'Admin' are granted access to manage resources within the Test compartment. Using a dynamic group allows for flexibility as members can be added or removed dynamically based on the group's rules.
upvoted 1 times
...
gsake
1 year, 3 months ago
Selected Answer: C
https://docs.oracle.com/en-us/iaas/Content/Tagging/Tasks/managingaccesswithtags.htm#ariaid-title3#ariaid-title4#ariaid-title32
upvoted 2 times
...
Hotman1987
1 year, 3 months ago
There is NOTHING called all-group. Search the Oracle Training Guide and check for yourself C is the correct answer (any-user)
upvoted 2 times
...
alejodazam
1 year, 3 months ago
Selected Answer: C
is in the documentation: https://docs.oracle.com/en-us/iaas/Content/Tagging/Tasks/managingaccesswithtags.htm#ariaid-title3#ariaid-title4#ariaid-title32
upvoted 2 times
...
Ankoji
1 year, 3 months ago
The answer is "C" refer#https://docs.oracle.com/en-us/iaas/Content/Tagging/Tasks/managingaccesswithtags.htm
upvoted 1 times
...
gashforing
1 year, 3 months ago
D is correct answer
upvoted 2 times
...
antoniosilvano
1 year, 3 months ago
I think the correct response is "C". Here the documentation: https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policysyntax.htm Use any-user with specific role ADMIN
upvoted 2 times
...
Sherifci
1 year, 3 months ago
C is the correct answer
upvoted 2 times
...
kaka321
1 year, 3 months ago
A is wrong. D is correct. following the policy syntax. note all-group does not exist but any-group
upvoted 4 times
iggyboo
1 year, 3 months ago
Unless I'm missing something, there is no "all-group" in the syntax reference (as poor as Oracle has it though I might have missed it). There are however all-resources/all-<resource> style selectors that can be found. This is concerning though because this isn't the first time that an "Actual" test question had the wrong answer so I suspect there are landmines all over the certification test OR the writers of said test are just as confused because the documentation is all over the place.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago