Oracle Cloud Infrastructure 2019 Developer Associate — Question 154

You have successfully configured identity federation between Oracle Cloud Infrastructure (OCI) and Oracle Identity Cloud Services (IDCS). A new project manager wants access to OCI for her team and provides the name of an existing group within IDCS to use when granting access.
How do you configure federation to allow the project team access to OCI resources?

Answer options

• A. Create a new IAM group in OCI and map it to the existing IDCS group. Create a new policy in IDCS and reference the name of the IAM group.
• B. Create a new Identity and Access Management (IAM) policy in OCI and reference the name of the IDCS group in each policy statement.
• C. Create a new compartment in OCI with the same name as the existing IDCS group. Create an IAM policy that references the new compartment and the name of the IDCS group.
• D. Create a new IAM group in OCI and map it to the existing IDCS group. Create a new IAM policy and reference the name of the IAM group in each policy statement.

Correct answer: D

Explanation

The correct answer is D because it involves creating an IAM group in OCI linked to the existing IDCS group, which is necessary for access management. Option A is incorrect as it suggests creating a policy in IDCS instead of OCI. Option B fails to map the IAM group to the IDCS group correctly. Option C incorrectly suggests using a compartment instead of an IAM group for access control.