Oracle Cloud Infrastructure 2021 Architect Associate — Question 11

You need to set up instance principals so that an application running on an instance can call Oracle Cloud Infrastructure (OCI) public services, without the need to configure user credentials.
A developer in your team has already configured the application built using an OCI SDK to authenticate using the instance principals provider.
Which is NOT a necessary step to complete this set up?

Answer options

• A. Deploy the application and the SDK to all the instances that belong to the dynamic group.
• B. Create a dynamic group with matching rules to specify which instances you want to allow to make API calls against services
• C. Generate Auth Tokens to enable instances in the dynamic group to authenticate with APIs
• D. Create a policy granting permissions to the dynamic group to access services in your compartment or tenancy.

Correct answer: C

Explanation

The correct answer is C because instance principals do not require generating Auth Tokens for authentication; instead, they use the instance's metadata for this purpose. Options A, B, and D are essential steps in ensuring the application can properly access OCI public services through the configured dynamic group and policy.