Exam 1z0-1067-21 topic 1 question 36 discussion

Actual exam question from Oracle's 1z0-1067-21

Question #: 36
Topic #: 1

You are using Oracle Cloud Infrastructure (OCI) services across several regions: us-phoenix-1, us-ashburn-1, uk-london-1 and ap-tokyo-1. You have creates a separate administrator group for each region: PHX-Admins, ASH-Admins, LHR-Admins and NRT-Admins, respectively.
You want to restrict admin access to a specific region. E.g., PHX-Admins should be able to manage all resources in the us-phoenix-1 region only and not any other OCI regions.
What IAM policy syntax is required to restrict PHX-Admins to manage OCI resources in the us-phoenix-1 region only? (Choose the best answer.)

A. Allow group PHX-Admins to manage all-resources in tenancy where request.region= 'phx'
B. Allow group PHX-Admins to manage all-resources in tenancy where request.permission= 'phx'
C. Allow group PHX-Admins to manage all-resources in tenancy where request.target= 'phx'
D. Allow group PHX-Admins to manage all-resources in tenancy where request.location= 'phx'

Show Suggested Answer

Suggested Answer: A 🗳️

by Lone_Rider at Oct. 19, 2021, 11:04 p.m.

Comments

Submit Cancel

GeisonSilva

3 years, 6 months ago

Selected Answer: A

Correct answer is A:

upvoted 1 times

...

Lone_Rider

3 years, 7 months ago

Correct answer is A: Use conditions to limit access depending on region: request.region https://docs.oracle.com/en-us/iaas/Content/Identity/Reference/policyreference.htm#General

upvoted 2 times

...