Identity and Access Management - AuthN | AuthZ

Question 1

IAM entity that is allowed to interact with OCI resources

Answer 1

Principal

Question 2

Principal type entails people who are logging on to your console or using your CLI or SDKs

Answer 2

User Principals

Question 3

Principal type that entails the resources themselves

Answer 3

Resource principals

Question 4

An instance that becomes a principle that means it can make API calls against other OCI services like storage.

Answer 4

Resource principal example

Question 5

A collection of users who have the same type of access requirements to resources

Answer 5

Groups

Different types: admins, storage, network etc

Question 6

Type of AuthN used to identify yourself on website

Answer 6

Username and Password

Question 7

Common AuthN for cloud that use public private key pairs

Answer 7

API signing keys

Question 8

API signing keys use this to view public/private key

Answer 8

RSA

Question 9

Another way to do AuthN using Oracle-generated token strings to authenticate third-party APIS that don’t support OCI authentication model.

Answer 9

Authenication-tokens

Question 10

Deals with permissions and figuring out what permissions you have.

Answer 10

Authorization - AuthZ

Question 11

An example of Authenication-tokens

Call using auth tokens to access apis

Answer 11

Autonomous Data Warehouse API call

Question 12

In OCI AuthZ is accomplished through these policies

Answer 12

Auhorization

Question 13

Policies attached to a tenancy apply to the entire

Answer 13

tenancy

Question 14

Policies applied to a compartment apply to only the resources within

Answer 14

that compartment

Question 15

AuthZ in OCI is begins with this type of state

Answer 15

Allow

Question 16

in OCI everything by default is

Answer 16

denied

Question 17

There are “ “ levels of verbs

Answer 17

4

Question 18

verb: You can manage all resources

Answer 18

Manage

Question 19

verb: You can read

Answer 19

Use