You have three compartments: ProjectA, ProjectB, and ProjectC. For each compartment, there is an admin group set up: A-Admins, B-Admins, and C-Admins.
Each admin group has full access over their respective compartments as shown in the graphic below.
Your organization has set up a tag namespace, EmployeeGroup.Role and all your admin groups are tagged with a value of 'Admin'.
You want to set up a Test compartment for members of the three projects to share. You also need to provide admin access to all three of your existing admin groups.
Which policy would you write to accomplish this task?
Allow all-group to manage all-resources in compartment Test where request.principal.group.tag.EmployeeGroup.Role='Admin' is the policy that would accomplish this task. This policy grants admin access to all groups that have the tag EmployeeGroup.Role='Admin' in the compartment Test. The other options are not correct, as they use incorrect terms such as dynamic-group, any-group, or any-user. Reference: [Tag-Based Authorization]
Celia
7 months agoYuette
7 months agoGlory
5 months agoFelix
5 months agoVince
6 months agoMireya
6 months agoGlendora
6 months agoPage
6 months agoMatthew
7 months agoMilly
6 months agoJulene
6 months ago