Oracle Cloud Infrastructure 2023 Architect Associate — Question 7

You need to set up instance principals so that an application running on an instance can call Oracle Cloud Infrastructure (OCI) public services, without the need to configure user credentials or a configuration file.
A developer in your team has already configured the application built using an OCI SDK to authenticate using the instance principals provider.
Which is NOT a necessary step to complete this set up?

Answer options

• A. Create a policy granting permissions to the dynamic group to access services in your compartment or tenancy.
• B. Generate Auth Tokens to enable instances in the dynamic group to authenticate with APIs.
• C. Create a dynamic group with matching rules to specify which instances can make API calls against services.
• D. Deploy the application and the SDK to all the instances that belong to the dynamic group.

Correct answer: B

Explanation

The correct answer is B because instance principals do not require Auth Tokens for authentication; they rely on the instance metadata for access control. Options A, C, and D are essential steps to ensure that the dynamic group has the necessary permissions and that the application is set up correctly on the instances.