Exam 1z0-1072-24 Topic 2 Question 9 Discussion
Actual exam question for Oracle's 1z0-1072-24 exam
Question #: 9
Topic #: 2
Question #: 9
Topic #: 2
Which policy would you write to provide admin access to all three of your existing admin groups for a shared Test compartment?
Suggested Answer: A Vote an answer
In Oracle Cloud Infrastructure (OCI), policies are written to define permissions for user groups. The correct policy to provide admin access to all three existing admin groups in a shared compartment (in this case, the
"Test" compartment) would be:
"Allow all-group to manage all-resources in compartment Test where request.principal.group.tag.
EmployeeGroup.Role='Admin'".
* "Allow all-group": Grants access to all groups.
* "to manage all-resources": Specifies full access permissions (manage includes all CRUD operations).
* "in compartment Test": Limits the scope of the policy to the "Test" compartment.
* "where request.principal.group.tag.EmployeeGroup.Role='Admin'": Adds a condition to restrict this admin-level access to only groups tagged with the role 'Admin'.
This policy ensures that only users in the groups tagged as Admin will be allowed to manage resources in the Test compartment, making it the most suitable choice for providing admin access.
For reference:
* OCI Policy Syntax Documentation
"Test" compartment) would be:
"Allow all-group to manage all-resources in compartment Test where request.principal.group.tag.
EmployeeGroup.Role='Admin'".
* "Allow all-group": Grants access to all groups.
* "to manage all-resources": Specifies full access permissions (manage includes all CRUD operations).
* "in compartment Test": Limits the scope of the policy to the "Test" compartment.
* "where request.principal.group.tag.EmployeeGroup.Role='Admin'": Adds a condition to restrict this admin-level access to only groups tagged with the role 'Admin'.
This policy ensures that only users in the groups tagged as Admin will be allowed to manage resources in the Test compartment, making it the most suitable choice for providing admin access.
For reference:
* OCI Policy Syntax Documentation
by someone at Jan 23, 2025, 12:43 AM
0
0
0
10
Comments
someone
2025-01-23 00:43:25for reference
https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policysyntax.htm
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).