Oracle Cloud Infrastructure 2022 Architect Associate — Question 15
Which Oracle Cloud Infrastructure (OCI) Identity and Access Management (IAM) policy is invalid?
Answer options
- A. Allow dynamic-group FrontEnd to manage instance-family in compartment Project-A
- B. Allow any-user to inspect users in tenancy
- C. Allow group A-Admins to manage all-resources in compartment Project-A
- D. Allow group A-Developers to create volumes in compartment Project-A
Correct answer: B
Explanation
Option B is the invalid policy because allowing 'any-user' to inspect users in a tenancy violates the principle of least privilege: it exposes user information to all users. The other options are valid because they grant permissions to specific groups or dynamic groups within designated compartments.