Challenge 1 Implement Private DNS Names and Private DNS Resolver Deploy a Serverless Function and Access Using an API Gateway Deployment in OCI Scenario You have joined ACME as their new Cloud Solutions Architect. Your organization wants to verify if they can execute their microservices deployed as serverless functions on another cloud provider using Oracle Functions in OCI. Preconfigured To complete this requirement, you are provided with the following: • Access to an OCI Tenancy, an assigned compartment, and OCI credentials. • Access to Cloud Shell to execute the Fn CLI and Docker commands. • Code for a sample Python function, ExamFunction - main.zip. • Permissions to perform only the tasks within the challenge. Note: Throughout your exam, ensure to use assigned Compartment99248134 - C01 and Region us - ashburn - 1 Complete the following tasks in the provisioned OCI environment: 1. Create a new VCN with the name exam - vcn within your assigned compartment by using the Start VCN Wizard. 2. Create a new Oracle Functions application named exam - app within your assigned compartment by using the private subnet in your previously created VCN. Ensure you use all defaults provided with the Create VCN with Internet Connectivity option.

Challenge 2 - Task 2 of 5 Deploy a Serverless Function and Access Using an API Gateway Deployment in OCI Scenario You have joined ACME as their new Cloud Solutions Architect. Your organization wants to verify if they can execute their microservices deployed as serverless functions on another cloud provider using Oracle Functions in OCI. Preconfigured To complete this requirement, you are provided with the following: • Access to an OCI Tenancy, an assigned compartment, and OCI credentials. • Access to Cloud Shell to execute the Fn CLI and Docker commands. • Code for a sample Python function, ExamFunction - main.zip. • Permissions to perform only the tasks within the challenge. Note: Throughout your exam, ensure to use assigned Compartment 99248134 - C01and Region us - ashburn - 1 Complete the following task: In the field below, write an IAM policy statement that allows API Gateway to access Oracle Functions in your compartment.

Deploy a Serverless Function and Access Using an API Gateway Deployment in OCI Scenario You have joined ACME as their new Cloud Solutions Architect. Your organization wants to verify if they can execute their microservices deployed as serverless functions on another cloud provider using Oracle Functions in OCI. Preconfigured To complete this requirement, you are provided with the following: • Access to an OCI Tenancy, an assigned compartment, and OCI credentials. • Access to Cloud Shell to execute the Fn CLI and Docker commands. • Code for a sample Python function, ExamFunction - main.zip. • Permissions to perform only the tasks within the challenge. Note: Throughout your exam, ensure to use assigned Compartment 99248134 - C01and Region us - ashburn - 1 Complete the following tasks in the provisioned OCI environment: Create a new private repository in the Container Registry named {username}/hellopythonwithin your assigned compartment. For example: If your user name is 99346163 - lab.user02, then name the registry as 99346163 - lab.user02/hello - python. Your username is 99248134 - lab.user01

Deploy a Serverless Function and Access Using an API Gateway Deployment in OCI Scenario You have joined ACME as their new Cloud Solutions Architect. Your organization wants to verify if they can execute their microservices deployed as serverless functions on another cloud provider using Oracle Functions in OCI. Preconfigured To complete this requirement, you are provided with the following: • Access to an OCI Tenancy, an assigned compartment, and OCI credentials. • Access to Cloud Shell to execute the Fn CLI and Docker commands. • Code for a sample Python function, ExamFunction - main.zip. • Permissions to perform only the tasks within the challenge. Note: Throughout your exam, ensure to use assigned Compartment 99248134 - C01 and Region us - ashburn - 1 Complete the following tasks in the provisioned OCI environment: 1. Set up the context for Fn CLI and deploy the python function to exam - app. a. Set up the Fn CLI context in Cloud Shell i. Set your region and your assigned compartment ii. Set your registry [repo - name - prefix], which must be: [region_key].ocir.io/[tenancy - name]/{username} For example, if your tenancy is ocuocictrng19, user name is 99346163 - lab.user02 and region is US East Ashburn, your registry must be iad.ocir.io/ocuocictrng19/99346163 - lab.user02. Your username is 99248134 - lab.user01 Your tenancy is ocuocictrng16 b. Login to the registry using docker login, which will require you to generate and use an Auth Token c. Use wget https://objectstorage.us - ashburn1.oraclecloud.com/n/ocuocictrng5/b/PBT_Storage/o/ExamFunction - main.zipto upload the zip archive containing the Python function files to Cloud Shell. d. Extract the files by using the unzip utility and navigate to the python sub - folder e. Deploy the python function to the exam - app using an fn command f. Invoke the function at least 2 times using an fn command

Deploy a Serverless Function and Access Using an API Gateway Deployment in OCI 1 Scenario You have joined ACME as their new Cloud Solutions Architect. Your organization wants to verify if they can execute their microservices deployed as serverless functions on another cloud provider using Oracle Functions in OCI. Preconfigured To complete this requirement, you are provided with the following: • Access to an OCI Tenancy, an assigned compartment, and OCI credentials. • Access to Cloud Shell to execute the Fn CLI and Docker commands. • Code for a sample Python function, ExamFunction - main.zip. • Permissions to perform only the tasks within the challenge. Note: Throughout your exam, ensure to use assigned Compartment 99248134 - C01 and Region us - ashburn - 1 Having deployed a private function to an Oracle Functions application in OCI as proof - of - concept, demonstrate that it can be invoked via a public API Gateway deployment. Before you proceed further, ensure that you have created the following resources: • An OCI VCN in your compartment for hosting the API Gateway2 • The hello - python function deployed to a Functions application in your compartment 2 Complete the following tasks in the provisioned OCI environment: 1. Create a new public API Gateway in your compartment named exam - gateway. 2. Create a new API Deployment named exam - deployment using /v1 as the path prefix in exam - gateway. 3. Create a new route by using /hello as the path and GET as the method. The route must invoke the hello - python function. 4. Create a new stateful CIDR Ingress Rule that allows for TCP HTTPS traffic (port 443) from all IP addresses and ports in the default Security List for exam - vcn. 5. Use curl to call the function via your API Gateway deployment. curl - k - X GET {deployment - endpoint}/hell 3 Answer: See the explanation for this task. Explanation: To complete the task of creating a public API Gateway and invoking a private function in OCI, you can follow these steps: To create a new public API Gateway in your compartment named exam - gateway, follow these steps: In the OCI Console, go to Developer Services and click API Gateway. Select your assigned compartment from the list on the left. Click Create Gateway. Enter exam - gateway as the Name and select Public as the Type. You can also add a description for the gateway if you want. Select your previously created VCN from the VCN dropdown menu and select any subnet from the Subnet dropdown menu. You can also enable logging for the gateway if you want. Click Create. This will create a new public API Gateway in your compartment that can expose your functions to the internet. To create a new API Deployment named exam - deployment using /v1 as the path prefix in exam - gateway, follow these steps: In the OCI Console, go to Developer Services and click API Gateway. Select your assigned compartment from the list on the left and click on your previously created gateway (exam - gateway). Click Deployments on the left panel and then click Create Deployment. Enter exam - deployment as the Name and select From Scratch as the Specification Type. You can also add a description for the deployment if you want. Enter /v1 as the Path Prefix and leave the other fields as default. Click Next. To create a new route by using /hello as the path and GET as the method, follow these steps: In the Create Deployment dialog box, click Add Route. Enter /hello as the Path, select GET as the Method, and select Oracle Functions as the Type. 4 Select your previously created function (hello - python) from the Function Name dropdown menu and leave the other fields as default. Click Save Changes. This will create a new route that will invoke your function when you send a GET request to /v1/hello. To create a new stateful CIDR Ingress Rule that allows for TCP HTTPS traffic (port 443) from all IP addresses and ports in the default Security List for exam - vcn, follow these steps: In the OCI Console, go to Networking and click Virtual Cloud Networks. Select your assigned compartment from the list on the left and click on your previously created VCN (exam - vcn). Click Security Lists on the left panel and then click on the default security list for your VCN. Click Edit All Rules and then click Add Ingress Rule under the Ingress Rules section. Enter 0.0.0.0/0 as the Source CIDR, select TCP as the IP Protocol, and enter 443 as both the Source Port Range and the Destination Port Range. You can also add a description for the rule if you want. Click Save Security List Rules. This will create a new stateful CIDR Ingress Rule that will allow HTTPS traffic from any source to reach your API Gateway. To use curl to call the function via your API Gateway deployment, follow these steps: In the OCI Console, go to Developer Services and click API Gateway. Select your assigned compartment from the list on the left and click on your previously created gateway (exam - gateway). Click Deployments on the left panel and then click on your previously created deployment (exam - deployment). Copy the value of the Endpoint URL field. This is the base URL for your API Deployment. In a terminal window, enter the following command: curl - k - X GET {deployment - endpoint}/v1/hello where {deployment - endpoint} is the base URL that you copied. For example, if your deployment endpoint is https://abc123xyz456.apigateway.us - ashburn - 1.oci.customer - oci.com, your command would be: curl - k - X GET https://abc123xyz456.apigateway.us - ashburn - 1.oci.customer - oci.com/v1/hello This will send a GET request to your API Deployment and invoke your function. You should see a response similar to this: {"message": "Hello World!"} 5