Oracle Exam 1Z0-1084-22 Topic 1 Question 10 Discussion

Actual exam question for Oracle's 1Z0-1084-22 exam

Question #: 10
Topic #: 1

A programmer Is developing a Node is application which will run in a Linux server on their on-premises data center. This application will access various Oracle Cloud Infrastructure (OC1) services using OCI SDKs.

What is the secure way to access OCI services with OCI Identity and Access Management (JAM)?

ACreate a new OCI IAM user associated with a dynamic group and a policy that grants the desired permissions to OCI services. Add the on-premises Linux server in the dynamic group.

BCreate an OCI IAM policy with the appropriate permissions to access the required OCI services and assign the policy to the on-premises Linux server.

CCreate a new OCI IAM user, add the user to a group associated with a policy that grants the desired permissions to OCI services. In the on-premises Linux server, generate the keypair used for signing API requests and upload the public key to the IAM user.

DCreate a new OCI IAM user, add the user to a group associated with a policy that grants the desired permissions to OCI services. In the on-premises Linux server, add the user name and password to a file used by Node.js authentication.

Show Suggested Answer

Suggested Answer: C

Set up an Oracle Cloud Infrastructure API Signing Key for Use with Oracle Functions:

Before using Oracle Functions, you have to set up an Oracle Cloud Infrastructure API signing key.

The instructions in this topic assume:

- you are using Linux

For more information and other options, seeRequired Keys and OCIDs.

The instructions below describe how to create a new ~/.oci directory, how to generate a new private key file and public key file in that ~/.oci directory,how to upload the public key to Oracle Cloud Infrastructure to create a new API signing key, and how to obtain a fingerprint for the public API key. Be aware that instructions and examples elsewhere in this documentation assume the ~/.oci directory exists and contains the private and public key files.

To set up an API signing key:

In a terminal window, confirm that the ~/.oci directory does not already exist. For example, by entering:

ls ~/.oci

Assuming the ~/.oci directory does not already exist, create it. For example, by entering:

mkdir ~/.oci

Generate a private key encrypted with a passphrase that you provide by entering:

$ openssl genrsa -out ~/.oci/.pem -aes128 2048

whereis a name of your choice for the private key file (for example,john_api_key_private.pem).

For example:

$ openssl genrsa -out ~/.oci/john_api_key_private.pem -aes128 2048

Generating RSA private key, 2048 bit long modulus

....+++

....................................................................+++

e is 65537 (0x10001)

Enter pass phrase for /Users/johndoe/.oci/john_api_key_private.pem:

References:

https://docs.cloud.oracle.com/en-us/iaas/Content/Functions/Tasks/functionssetupapikey.htm

by Gayla at Oct 17, 2022, 06:58 PM

Limited Time Offer

25%

Off

Get Premium 1Z0-1084-22 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!