Your application is using an Object Storage bucket named app-data in the namespace vision, to store both persistent and temporary dat
a. Every week all the temporary data should be deleted to limit the storage consumption. Currently you need to navigate to the Object Storage page using the web console, select the appropriate bucket to view all the objects and delete the temporary ones. To simplify the task you have configured the application to save all the temporary data with /temp prefix. You have also decided to use the Command Line Interface (CLI) to perform this operation. What is the command you should use to speed up the data cleanup? (Choose the best answer.)
Your company has restructured its HR department. As part of this change, you also need to re-organize the compartments within Oracle Cloud Infrastructure (OCI) to align them with the company's new organizational structure. The following change is required:
Compartment Team_x needs to be moved under a new parent compartment, Project_B
The tenancy has the following policies defined for compartments Project_A and Project_B:
Policy1: Allow group G1 to manage instance-family in compartment HR:Project_A
Policy2: Allow group G2 to manage instance-family in compartment HR:Project_B
Which two statements describe the impacts after the compartment Team_x is moved? (Choose two.)
Which option contains the essential components of the Oracle Cloud Infrastructure Notifications service? (Choose the best answer.)
Scenario: 4 (Write Identity and Access Management Policies to Secure a Tenancy)
Scenario Description: (Hands-On Performance Exam Certification)
Your company has signed up for an OCI tenancy to migrate an e-commerce application, a supply chain management (SCM) system, and a customer relationship management (CRM) system. You have been tasked with setting up the requisite identity and access management (IAM) policies for your team to begin developing on OCI.
You start by setting up the following compartment hierarchy:
Tenancy (root)
Common-Infra
Network
Security
Applications
E-Comm
SCM
CRM
You create the following groups:
Network-Admins
Security-Admins
E-Comm-Admins
SCM-Admins
CRM-Admins
Write the IAM policies for the following use cases:
Assumptions:
Assume that all policies will be attached to the root compartment.
Write one policy per given text box.
Keep policies as simple as possible by using verbs instead of permissions (for example, ''inspect orm-stacks'' instead of ''ORM_STACK_INSPECT'') and aggregate resource types instead of individual ones (for example, ''file-family'' instead of ''file-systems'' and ''mount-targets'')
Task 1
Write a policy statement to enable Network-Admins to create and destroy network-related resources, such as VCNs, subnets, gateways, and so on in the Network compartment.
Task 2
Write policy statements to enable E-Comm-Admins to provision and destroy compute instances in the E-Comm compartment by using networking resources in the Network compartment.[Write one policy per given text box]
Task 3
Write a policy statement to enable SCM-Admins to provision, destroy, and back up block volumes in the SCM compartment---but only in Phoenix and London.
Task 1
Write a policy statement to enable Network-Admins to create and destroy network-related resources, such as VCNs, subnets, gateways, and so on in the Network compartment.
Solution- Policy Statement:
allow Network-Admins to manage virtual-network-family in compartment Common-Infra:Network
Task 2
Write policy statements to enable E-Comm-Admins to provision and destroy compute instances in the E-Comm compartment by using networking resources in the Network compartment.[Write one policy per given text box]
Solution- Policy Statement:
allow E-Comm-Admins to manage instance-family in compartment Applications:E-Commallow E-Comm-Admins to use virtual-network-family in compartment Common-Infra:Network
Task 3
Write a policy statement to enable SCM-Admins to provision, destroy, and back up block volumes in the SCM compartment---but only in Phoenix and London.
Solution- Policy Statement:
allow SCM-Admins to manage volume-family in compartment Applications:SCM where any{request.region='phx',request.region='lhr'}
Scenario: 3 (Use the OCI CLI to Work with Object Storage from a Compute Instance)
Scenario Description: (Hands-On Performance Exam Certification)
Your company runs a web application in OCI that generates log files. You want to upload these files to OCI Object Storage to meet data retention requirements. Some files need to be retained indefinitely, whereas others can be deleted after 30 days. Use the OCI CLI to create bucket and upload the log directory and create a lifecycle policy rule to delete temporary files after 30 days.
Pre-Configuration:
To fulfill this requirement, you are provided with the following:
Access to an OCI tenancy, an assigned compartment, and OCI credentials
A compute instance with OCI CLI installed and a set of files in ~/dir_to_upload to use
Access to the OCI Console
Required IAM policies
Assumptions:
Perform the tasks by using the OCI CLI on the compute instance.
Use instance principal authentication for all CLI commands; the instance has been given the policies necessary.
Connect to the compute instance using Cloud Shell's private networking and the provided SSH key.
An SSH key pair has been provided to you for the compute instance.
Private Key https://objectstorage.us-ashburn-1.oraclecloud.com/n/tenancyname/b/PBT_Storage/o/PKey.key
Note: Throughout your exam, ensure to use assigned Compartment , User Name and Region.
Complete the following tasks in the provisioned OCI environment:
Task 1: Create a Bucket in Object Storage
Task 2: Upload a Directory's Contents to Object Storage
Task 3: Add a Lifecycle Policy to the Bucket
Task 1: Create a Bucket in Object Storage
Create a bucket named CloudOpsBucket_<user id> with the following properties:
Storage tier: Standard
Auto-tiering: Disabled
Object versioning: Enabled
Emit events: Disabled
Keys: Oracle-managed
Visibility: Private
Task 2: Upload a Directory's Contents to Object Storage
Upload the contents of the directory ~/dir_to_upload and its subdirectories to the bucket CloudOpsBucket
Task 3: Add a Lifecycle Policy to the Bucket
Create a lifecycle policy rule that deletes all files from ~/dir_to_upload/temp after 30 days
Task 1:Create a bucket in Object Storage
1. Open Cloud Shell in the console. UnderNetworkalong the top, selectEphemeral Private Network Setup.
2. Select the subnet of the compute instance.
3. SSH into the compute instance using the provided SSH key:
ssh -i /path/to/key opc@
4. In the compute instance, create the bucket with the following command (note that it's one long line):
oci os bucket create -c '<compartment_id>' --name 'CloudOpsBucket' --auth instance_principal --versioning 'Enabled'
Task 2:Upload a directory's contents to Object Storage
1. Upload the contents of the specified directory and subdirectories with the following command (note that it's one long line):
oci os object bulk-upload -bn 'CloudOpsBucket' --src-dir '~/dir_to_upload' --auth instance_principal
Task 3:Add a lifecycle policy to the bucket
1. Create a file named rule.json
2. Add the following content to rule.json:
{'items': [{'action': 'DELETE','is-enabled': true,'name': 'Delete-Rule','object-name-filter': {'exclusion-patterns': null,'inclusion-patterns': null,'inclusion-prefixes': ['temp/']},'target': 'objects','time-amount': 30,'time-unit': 'DAYS'}]}
3. Add the lifecycle policy rule with the following command:
oci os object-lifecycle-policy put -bn 'CloudOpsBucket' --from-json file://rule.json ---auth instance_principal
Top of Form
Silvana
4 days agoAdelina
4 days agoTomas
12 days agoIvan
24 days agoDenae
2 months agoReiko
3 months agoMicaela
3 months agoDevora
3 months agoLing
3 months agoOrville
3 months agoWilda
3 months agoSharika
4 months ago