Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Oracle Exam 1Z0-1109-23 Topic 1 Question 14 Discussion

Actual exam question for Oracle's 1Z0-1109-23 exam
Question #: 14
Topic #: 1
[All 1Z0-1109-23 Questions]

You're using Oracle Cloud Infrastructure (OCI) DevOps service to automate your software releases to release features more frequently and with fewer errors. While deploying an update to production, one of your deployment stages failed. What action should you perform in your Deployment Pipeline?

Show Suggested Answer Hide Answer
Suggested Answer: D

To create an OCI IAM policy that will be used in a DevOps CI/CD pipeline for deployment to an OKE environment, you need to use a dynamic group and grant it the permission to manage all-resources in the target compartment. A dynamic group is a group of OCI resources that match a set of rules defined by the administrator. You can use a dynamic group to assign IAM policies to resources such as build pipelines and deployment pipelines. By granting the dynamic group the permission to manage all-resources, you allow it to perform any action on any resource type in the compartment, including OKE clusters, node pools, and Kubernetes resources. Verified Reference: [Dynamic Groups - Oracle Cloud Infrastructure Identity and Access Management], [Creating Dynamic Groups - Oracle Cloud Infrastructure Identity and Access Management]


by Wilda at Feb 07, 2024, 06:20 AM

Limited Time Offer

25%

Off

Get Premium 1Z0-1109-23 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Launa
1 years ago
It seems like there are valid arguments for each option, but we should consider the principle of least privilege in choosing the IAM policy.
upvoted 0 times
...
Elza
1 years ago
I see the point for all options mentioned, but I think option D might be too broad in allowing the deployment pipeline to manage all-resources.
upvoted 0 times
...
Alethea
1 years ago
I think option B could work too, as it allows the build pipeline group to manage all-resources in the compartment.
upvoted 0 times
...
Ivan
1 years ago
I'm not sure, but option C with the dynamic-group for code repository also seems like a valid choice.
upvoted 0 times
...
Dallas
1 years ago
I agree with Enola, option A seems like the most specific and secure choice for the IAM policy.
upvoted 0 times
...
Enola
1 years ago
I think option A makes sense, as it specifically allows the deployment pipeline group to manage the devops-family resources.
upvoted 0 times
...
Doug
1 years ago
I see now, option C) makes sense for managing devops-family in a secure way.
upvoted 0 times
...
Refugia
1 years ago
That's a good point, using dynamic groups can provide more granular control.
upvoted 0 times
...
Vallie
1 years ago
I think option C) with dynamic-group for code repository is the most secure choice.
upvoted 0 times
...
Refugia
1 years ago
But option A) specifies the exact group for managing devops-family.
upvoted 0 times
...
Doug
1 years ago
I disagree, I believe option B) is more appropriate.
upvoted 0 times
...
Refugia
1 years ago
I think option A) is the best choice.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77