When establishing cross-tenancy connectivity using Remote Peering Connections (RPCs), which IAM policy statement is essential to grant the requesting tenancy the ability to initiate the connection?
A. Allow group to manage virtual-network-family in tenancy=
B. Allow group to use remote-peering-connections in tenancy=
C. Allow group to inspect virtual-network-family in tenancy=
D. Allow group to read remote-peering-connections in tenancy=
Objective: Grant requesting tenancy permission to initiate an RPC to the target tenancy.
RPC Process: Requires the requesting tenancy to create and connect the RPC, which needs specific IAM permissions in the target tenancy.
IAM Verbs:
manage: Broad permissions, too permissive for RPC initiation.
use: Allows creation and connection of RPCs, precise for this task.
inspect: Read-only, insufficient for initiating connections.
read: Read-only, insufficient for initiating connections.
Evaluate Options:
A: Too broad, includes unnecessary permissions; incorrect.
B: Precise permission for RPC initiation; correct.
C: Read-only, doesn’t allow connection; incorrect.
D: Read-only, doesn’t allow connection; incorrect.
Conclusion: "use remote-peering-connections" is the essential policy.
RPCs require specific IAM policies for cross-tenancy connectivity. The Oracle Networking Professional study guide states, "To initiate a Remote Peering Connection, the requesting tenancy needs an IAM policy with the 'use remote-peering-connections' verb targeting the acceptor tenancy’s OCID" (OCI Networking Documentation, Section: Remote Peering Connections). This ensures controlled access for connection establishment.