ExamTopics Logo
Mail Us[email protected]
Menu
Oracle Discussions
exam questions

Exam 1z0-1072-20 All Questions

View all questions & answers for the 1z0-1072-20 exam
Go to Exam

Exam 1z0-1072-20 topic 1 question 44 discussion

Actual exam question from Oracle's 1z0-1072-20
Question #: 44
Topic #: 1
[All 1z0-1072-20 Questions]

You developed a microservices based application that runs on Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE). You want to provide access to this cluster to other team members.
What should you do to provide access to this cluster using as fewest steps as possible?

  • A. Create a group in OCI Infrastructure Access Management (IAM). Create a policy to grant access to the OKE cluster. Other team members should use OCI Cloud Shell to generate the kubeconfig into their own cloud shell environment and access the cluster using kubectl from cloud shell.
  • B. Create a group in OCI Infrastructure Access Management (IAM). Create a policy to grant access to the OKE cluster. Create individual users and access token for each team member. Other team members should use OCI Cloud Shell to generate the kubeconfig into their own cloud shell environment and access the cluster using kubectl from cloud shell.
  • C. Create a group in OCI Infrastructure Access Management (IAM). Create a policy to grant access to the OKE cluster. Create a cluster role and cluster role binding to provide access to the cluster for each team member. Other team members should install oci cli and kubectl locally on their laptop. Use the oci cli to generate the kubeconfig and use kubectl to access the cluster.
  • D. Create a group in OCI Infrastructure Access Management (IAM). Create a policy to grant access to the OKE cluster. Other team members should install oci cli and kubectl locally on their laptop. Use the oci cli to generate the kubeconfig and use kubectl to access the cluster.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by riso51 at Dec. 13, 2020, 3:26 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
luisrogo
3 years, 10 months ago
Looking examples in https://docs.oracle.com/en-us/iaas/Content/ContEng/Concepts/contengaboutaccesscontrol.htm It seems is C...
upvoted 1 times
luisrogo
3 years, 10 months ago
Im wrong. The correct answer is A.
upvoted 1 times
...
...
PietroC
4 years, 1 month ago
I think the answer is B (see https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengdownloadkubeconfigfile.htm): "The authentication tokens generated by the Oracle Cloud Infrastructure CLI command in the kubeconfig file are short-lived, cluster-scoped, and specific to individual users. As a result, you cannot share kubeconfig files between users to access Kubernetes clusters." Create separate users for each team member is a mandatory step
upvoted 1 times
PietroC
3 years, 10 months ago
I was wrong too, A is the correct answer. I agree with luisrogo. The point is "grant access to cluster with minimal steps"
upvoted 1 times
...
...
KSF
4 years, 3 months ago
A is correct
upvoted 1 times
...
Lif
4 years, 5 months ago
Agree with you riso51 A is correct
upvoted 2 times
...
riso51
4 years, 6 months ago
I would say A; that one is 'using as fewest steps as possible'
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel