Oracle 1Z0-997-23 Exam

To create a new private repository in the Container Registry named 99248134-lab.user01/hello-python within your assigned compartment, you can follow these steps:

In the OCI Console, go toDeveloper Servicesand clickContainer Registry.

Select your assigned compartment from the list on the left.

ClickCreate Repository.

In theCreate Repositorydialog box, enter99248134-lab.user01/hello-pythonas theRepository Nameand selectPrivateas theAccessoption. You can also add a description for the repository if you want.

ClickSubmit. This will create a new private repository in the Container Registry that you can use to store your serverless function images.

To complete the task of setting up the context for Fn CLI and deploying the python function to exam-app, you can follow these steps:

a. Set up the Fn CLI context in Cloud Shell - In the OCI Console, go to Developer Services and click Functions. - Select your assigned compartment from the list on the left. - Click Getting Started on the top right corner. - Copy and paste the commands from the Set Up Fn CLI Context section into the Cloud Shell window. This will create a new context for your region and compartment. - Set your registry [repo-name-prefix] by entering the following command in the Cloud Shell window:

`fn update context registry [region_key].ocir.io/[tenancy-name]/{username}`

where [region_key] is the region key for your region (for example, iad for US East Ashburn), [tenancy-name] is the name of your tenancy (for example, ocuocictrng16), and {username} is your username (for example, 99248134-lab.user01).

For example, if your region is US East Ashburn, your tenancy is ocuocictrng16, and your username is 99248134-lab.user01, your command would be:

`fn update context registry iad.ocir.io/ocuocictrng16/99248134-lab.user01`

b. Login to the registry using docker login, which will require you to generate and use an Auth Token - To generate an Auth Token, follow these steps: - In the OCI Console, open the Profile menu on the top right corner and click User Settings. - Click Auth Tokens on the left panel and then click Generate Token. - Enter a description for the token and click Generate Token. - Copy and save the token value. You will not be able to see it again later. - To login to the registry using docker login, follow these steps: - In the Cloud Shell window, enter the following command:

`docker login [region_key].ocir.io`

where [region_key] is the region key for your region (for example, iad for US East Ashburn).

For example, if your region is US East Ashburn, your command would be:

`docker login iad.ocir.io`

- Enter your username in the format `[tenancy-name]/oracleidentitycloudservice/{username}` (for example, ocuocictrng16/oracleidentitycloudservice/99248134-lab.user01) and press Enter.

- Enter your Auth Token as the password and press Enter. You should see a message saying 'Login Succeeded'.

c. Use wget https://objectstorage.us-ashburn1.oraclecloud.com/n/ocuocictrng5/b/PBT_Storage/o/ExamFunction-main.zipto upload the zip archive containing the Python function files to Cloud Shell. - In the Cloud Shell window, enter the following command:

`wget https://objectstorage.us-ashburn1.oraclecloud.com/n/ocuocictrng5/b/PBT_Storage/o/ExamFunction-main.zip`

This will download the zip archive to your current directory.

d. Extract the files by using the unzip utility and navigate to the python sub-folder - In the Cloud Shell window, enter the following commands:

`unzip ExamFunction-main.zip`

`cd ExamFunction-main/python`

This will extract the files from the zip archive and change your current directory to the python sub-folder.

e. Deploy the python function to the exam-app using an fn command - In the Cloud Shell window, enter the following command:

`fn deploy --app exam-app --local`

This will deploy the python function to the exam-app application using your local Docker image.

f. Invoke the function at least 2 times using an fn command - In the Cloud Shell window, enter the following command:

`fn invoke exam-app hellopython`

This will invoke the function and print its output.

- You can invoke the function again by repeating the same command or pressing Up Arrow and Enter keys. You should see different outputs each time you invoke the function.

To complete the task of creating a public API Gateway and invoking a private function in OCI, you can follow these steps:

To create a new public API Gateway in your compartment named exam-gateway, follow these steps:

In the OCI Console, go toDeveloper Servicesand clickAPI Gateway.

Select your assigned compartment from the list on the left.

ClickCreate Gateway.

Enterexam-gatewayas theNameand selectPublicas theType. You can also add a description for the gateway if you want.

Select your previously created VCN from theVCNdropdown menu and select any subnet from theSubnetdropdown menu. You can also enable logging for the gateway if you want.

ClickCreate. This will create a new public API Gateway in your compartment that can expose your functions to the internet.

To create a new API Deployment named exam-deployment using /v1 as the path prefix in exam-gateway, follow these steps:

In the OCI Console, go toDeveloper Servicesand clickAPI Gateway.

Select your assigned compartment from the list on the left and click on your previously created gateway (exam-gateway).

ClickDeploymentson the left panel and then clickCreate Deployment.

Enterexam-deploymentas theNameand selectFrom Scratchas theSpecification Type. You can also add a description for the deployment if you want.

Enter /v1 as thePath Prefixand leave the other fields as default. ClickNext.

To create a new route by using /hello as the path and GET as the method, follow these steps:

In the Create Deployment dialog box, clickAdd Route.

Enter /hello as thePath, select GET as theMethod, and select Oracle Functions as theType.

Select your previously created function (hello-python) from theFunction Namedropdown menu and leave the other fields as default. ClickSave Changes. This will create a new route that will invoke your function when you send a GET request to /v1/hello.

To create a new stateful CIDR Ingress Rule that allows for TCP HTTPS traffic (port 443) from all IP addresses and ports in the default Security List for exam-vcn, follow these steps:

In the OCI Console, go toNetworkingand clickVirtual Cloud Networks.

Select your assigned compartment from the list on the left and click on your previously created VCN (exam-vcn).

ClickSecurity Listson the left panel and then click on the default security list for your VCN.

ClickEdit All Rulesand then clickAdd Ingress Ruleunder the Ingress Rules section.

Enter 0.0.0.0/0 as theSource CIDR, select TCP as theIP Protocol, and enter 443 as both theSource Port Rangeand theDestination Port Range. You can also add a description for the rule if you want.

ClickSave Security List Rules. This will create a new stateful CIDR Ingress Rule that will allow HTTPS traffic from any source to reach your API Gateway.

To use curl to call the function via your API Gateway deployment, follow these steps:

In the OCI Console, go toDeveloper Servicesand clickAPI Gateway.

Select your assigned compartment from the list on the left and click on your previously created gateway (exam-gateway).

ClickDeploymentson the left panel and then click on your previously created deployment (exam-deployment).

Copy the value of the Endpoint URL field. This is the base URL for your API Deployment.

In a terminal window, enter the following command:

curl -k -X GET {deployment-endpoint}/v1/hello

where {deployment-endpoint} is the base URL that you copied.

For example, if your deployment endpoint is https://abc123xyz456.apigateway.us-ashburn-1.oci.customer-oci.com, your command would be:

curl -k -X GET https://abc123xyz456.apigateway.us-ashburn-1.oci.customer-oci.com/v1/hello

This will send a GET request to your API Deployment and invoke your function. You should see a response similar to this:

{'message': 'Hello World!'}

Topic 2, Multiple Choice Questions

Option A is incorrect because rclone is not a tool provided by Object Storage.It is a third-party command-line program that can sync files to and from various cloud storage providers, including Object Storage1.

Option B is incorrect because contiguous numbers are not required for each part.Object Storage constructs the object by ordering part numbers in ascending order only if they are not specified in the commit operation1.

Option C is correct because after initiating a multipart upload, you need to explicitly commit or abort it.Otherwise, it remains active until it expires after 24 hours1.

Option D is incorrect because Object Storage does not provide APIs to split a file into multiple parts.You need to use your own tools or programs to do that1.

Option E is correct because you can list all parts that have been uploaded for an active multipart upload by using the ListMultipartUploadParts API or CLI command.However, you cannot list information for an individual object part by using the GetObject API or CLI command1.

Option A is incorrect because adding an entry in the Security List of the ADW allowing ingress traffic for CIDR block 10.2.2.0/24 will not enable connectivity from the server on the private network to ADW.This is because ADW does not use security lists to control access to its database service2.

Option B is correct because adding an entry in the route table (associated with the private subnet) with destination of 0.0.0.0/0; target type of NAT Gateway, will allow outbound internet access from the server on the private network without exposing its private IP address3. Additionally, adding a stateful egress rule to the security list (associated with the private subnet) with destination of 0.0.0.0/0 and for all IP protocols will allow outbound traffic from any source port to any destination port.

Option C is incorrect because adding an entry in the access control list of ADW for IP address 129.146.160.11 will not enable connectivity from the server on the private network to ADW. This is because this IP address belongs to the NAT gateway, not to the server on the private network.

Option D is incorrect because adding an entry in the route table (associated with the private subnet) with destination of 0.0.0.0/0; target type of Internet Gateway, will expose the private IP address of the server on the private network to the public internet3. This is not recommended for security reasons and may also cause routing conflicts.

Option E is correct because adding an entry in the access control list of ADW for CIDR block 10.2.2.0/24 will allow access from any IP address within that range, including the server on the private network2.