Domain 4: Using OCI Generative AI RAG Agents Service (20%)
Domain 4 of the 1Z0-1127-25 Oracle Cloud Infrastructure 2025 Generative AI Professional exam covers the OCI Generative AI Agents service -- a fully managed service for building intelligent virtual agents backed by retrieval-augmented generation (RAG), SQL, and custom tools. This domain represents approximately 10 questions on the 50-question exam (90 minutes, 68% passing score). This is a new domain that did not exist in the 2024 version of the exam (1Z0-1127-24) and tests your knowledge of the managed Agents service as distinct from the manual RAG pipeline covered in Domain 3.
1. Service Fundamentals
What the Agents Service Does
The OCI Generative AI Agents service is a fully managed platform that combines LLMs with knowledge retrieval, SQL generation, API calling, and multi-agent orchestration. Rather than building RAG pipelines from scratch (as in Domain 3 with LangChain + Oracle Database 23ai), the Agents service handles document ingestion, vector indexing, retrieval, and generation in a unified, managed workflow. (OCI GenAI Agents Overview)
Agents Service vs. Manual RAG (Domain 3)
This distinction is critical for the exam. Expect questions that test whether you know when to use each approach.
| Aspect | Manual RAG (Domain 3) | Managed Agents Service (Domain 4) |
|---|---|---|
| Orchestration | You build with LangChain, custom code | Fully managed by Oracle |
| Document processing | You write loaders, splitters, chunkers | Automatic ingestion pipeline |
| Vector storage | Oracle Database 23ai with manual embedding | Multiple data stores (Object Storage, Oracle DB, OpenSearch, HeatWave MySQL) |
| Embedding generation | You call embedding APIs explicitly | Handled automatically (Object Storage) or BYO (database stores) |
| LLM invocation | You code the chain/prompt logic | Configured via agent tools and routing LLM |
| Session management | You manage conversation state | Built-in session management with configurable idle timeout |
| Guardrails | You implement content moderation | Built-in content moderation, PII protection, prompt injection defense |
| Multi-agent | Not covered in Domain 3 | Native supervisor/collaborator agent architecture |
| Best for | Custom pipelines, fine-grained control | Rapid deployment, enterprise chatbots, multi-tool agents |
Exam trap: If a question describes a scenario where someone needs a quick knowledge-base chatbot with built-in guardrails, the answer is the Agents service. If the scenario requires custom chunking strategies, custom embedding models, or fine-grained pipeline control, the answer is the manual RAG approach from Domain 3.
Service Regions
The Agents service is available in 7 regions. Memorize these -- region availability is testable. (OCI GenAI Agents Overview)
| Region | Identifier | Key |
|---|---|---|
| US East (Ashburn) | us-ashburn-1 | IAD |
| US Midwest (Chicago) | us-chicago-1 | ORD |
| US West (Phoenix) | us-phoenix-1 | PHX |
| Brazil East (Sao Paulo) | sa-saopaulo-1 | GRU |
| Germany Central (Frankfurt) | eu-frankfurt-1 | FRA |
| UK South (London) | uk-london-1 | LHR |
| Japan Central (Osaka) | ap-osaka-1 | KIX |
2. Architecture and Components
Core Components
The service has a clear component hierarchy. Understanding how these relate to each other is essential for the exam. (OCI GenAI Agents Concepts)
Agent
|-- Routing LLM (model selection)
|-- Tool 1 (RAG, SQL, Function Calling, API Endpoint, or Agent)
|   |-- Knowledge Base (for RAG tools)
|       |-- Data Source
|           |-- Data Store (Object Storage, Oracle DB, OpenSearch, HeatWave MySQL)
|-- Tool 2 ...
|-- Endpoint 1
|   |-- Session(s)
|   |-- Guardrails (content moderation, PII, prompt injection)
|-- Endpoint 2 ...
| Component | Purpose |
|---|---|
| Agent | The top-level entity. Combines an LLM with one or more tools. |
| Tool | A capability attached to an agent: RAG, SQL, Function Calling, API Endpoint Calling, or Agent (subagent). |
| Knowledge Base | A data container for RAG tools. Contains exactly one data source. |
| Data Source | The connection to a specific data store (one per knowledge base). |
| Data Ingestion Job | An asynchronous job that processes documents from Object Storage into the knowledge base. |
| Endpoint | A deployed instance of an agent that can receive chat requests. |
| Session | A stateful conversation context maintained across multiple chat turns. |
Exam trap: A knowledge base can have only one data source. An agent can have at most two knowledge bases (attached via a RAG tool). These are hard limits. Do not confuse "data source" with "data store" -- the data source is the connection configuration, the data store is the underlying storage system.
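The two hard limits are easier to remember when modeled as a tiny object hierarchy. The following is a minimal sketch, not the service's API: the class and method names (`KnowledgeBase`, `Agent`, `add_data_source`, `attach_knowledge_base`) are hypothetical and only mirror the limits stated above.

```python
from dataclasses import dataclass, field

# Hard limits quoted in the text above.
MAX_DATA_SOURCES_PER_KB = 1
MAX_KBS_PER_AGENT = 2


@dataclass
class KnowledgeBase:
    """Hypothetical stand-in for a knowledge base resource."""
    name: str
    data_sources: list = field(default_factory=list)

    def add_data_source(self, data_source: str) -> None:
        # A knowledge base holds exactly one data source.
        if len(self.data_sources) >= MAX_DATA_SOURCES_PER_KB:
            raise ValueError(f"{self.name}: only one data source per knowledge base")
        self.data_sources.append(data_source)


@dataclass
class Agent:
    """Hypothetical stand-in for an agent resource."""
    name: str
    knowledge_bases: list = field(default_factory=list)

    def attach_knowledge_base(self, kb: KnowledgeBase) -> None:
        # An agent can have at most two knowledge bases.
        if len(self.knowledge_bases) >= MAX_KBS_PER_AGENT:
            raise ValueError(f"{self.name}: at most two knowledge bases per agent")
        self.knowledge_bases.append(kb)
```

Calling `add_data_source` a second time on the same knowledge base, or `attach_knowledge_base` a third time on the same agent, raises `ValueError` in this sketch.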
Five Tool Types
The Agents service supports five tool types. Know all five and when to use each. (OCI GenAI Agents Getting Started)
| Tool Type | What It Does | Key Requirement |
|---|---|---|
| RAG | Retrieves from knowledge bases to answer questions from documents | Knowledge base with data source |
| SQL | Converts natural language to SQL SELECT queries; optionally executes them | Database schema definition; Database Tools connection for execution |
| Function Calling | Invokes custom functions with JSON Schema parameters | Function definition in JSON Schema format |
| API Endpoint Calling | Calls external REST APIs or OCI APIs defined in OpenAPI spec | OpenAPI 3.0+ schema; authentication configuration |
| Agent | Attaches another agent's endpoint as a collaborator (subagent) | Active, session-enabled endpoint on the collaborator agent |
Exam trap: The SQL tool only generates SELECT queries. It cannot INSERT, UPDATE, or DELETE. If a question asks about modifying data via natural language, the SQL tool is not the answer.
3. Knowledge Base Creation and Data Stores
Four Supported Data Stores
For the RAG tool, knowledge bases can connect to four types of data stores. (OCI GenAI Agents Getting Started)
| Data Store | Embedding Handling | Ingestion | Key Requirement |
|---|---|---|---|
| OCI Object Storage | Automatic (service generates embeddings) | Service runs ingestion jobs | Upload documents to a bucket |
| Oracle AI Database 26ai | BYO (bring your own vector embeddings) | No ingestion job needed | Vector search function in database |
| HeatWave MySQL | BYO vector embeddings | No ingestion job needed | Search procedure returning JSON |
| OCI OpenSearch | BYO (pre-ingested and indexed data) | No ingestion job needed | Pre-indexed OpenSearch cluster |
Exam trap: Only Object Storage data stores use the automatic ingestion pipeline. For Oracle DB, HeatWave MySQL, and OpenSearch, you bring your own pre-processed data and embeddings. If a question mentions "ingestion job," it is referring to Object Storage.
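The data store table can be restated as a small lookup, which makes the "ingestion job means Object Storage" rule explicit. This is only a study aid; the dictionary keys are hypothetical labels, not service identifiers.

```python
# Study-aid lookup mirroring the data store table above.
# Keys are hypothetical labels, not official service identifiers.
DATA_STORES = {
    "object_storage": {"embeddings": "automatic", "ingestion_job": True},
    "oracle_db": {"embeddings": "byo", "ingestion_job": False},
    "heatwave_mysql": {"embeddings": "byo", "ingestion_job": False},
    "opensearch": {"embeddings": "byo", "ingestion_job": False},
}


def needs_ingestion_job(store: str) -> bool:
    """Return True if the service runs an ingestion job for this store."""
    return DATA_STORES[store]["ingestion_job"]


stores_with_jobs = [s for s in DATA_STORES if needs_ingestion_job(s)]
print(stores_with_jobs)  # ['object_storage']
```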
Object Storage Data Source Details
This is the most common data source for exam questions. (OCI GenAI Agents Object Storage Guidelines)
Supported file formats:
| Format | Extension | Key Constraints |
|---|---|---|
| PDF | .pdf | Max 100 MB; password-protected PDFs not supported; images max 8 MB |
| Text | .txt | Max 100 MB |
| JSON | .json | Max 100 MB; UTF-8 English only; max 50 nesting levels; max 10,000 list items |
| HTML | .html | Max 100 MB; only visible content ingested; images must be JPEG, relative paths, max 6 MB each |
| Markdown | .md | Max 100 MB; images are ignored |
Exam trap: HTML images must use relative paths (e.g., <img src="./image.jpg">). HTTP/HTTPS URLs or absolute paths for images are not supported in HTML files. Markdown images are completely ignored during ingestion.
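A pre-upload check can catch the most common violations before an ingestion job runs. The sketch below is a hypothetical local helper, not part of the service: `check_file` and `is_relative_image_src` are invented names, and reading "100 MB" as 100 * 1024 * 1024 bytes is an assumption.

```python
from pathlib import PurePosixPath
from urllib.parse import urlparse

SUPPORTED_EXTENSIONS = {".pdf", ".txt", ".json", ".html", ".md"}
MAX_FILE_BYTES = 100 * 1024 * 1024  # assumption: "100 MB" read as 100 MiB


def check_file(object_name: str, size_bytes: int) -> list:
    """Return a list of problems found for one object (empty if none)."""
    problems = []
    ext = PurePosixPath(object_name).suffix.lower()
    if ext not in SUPPORTED_EXTENSIONS:
        problems.append(f"unsupported extension: {ext or '(none)'}")
    if size_bytes > MAX_FILE_BYTES:
        problems.append("file larger than 100 MB")
    return problems


def is_relative_image_src(src: str) -> bool:
    """True if an HTML image src is a relative path (no scheme, host, or leading slash)."""
    parsed = urlparse(src)
    return not parsed.scheme and not parsed.netloc and not src.startswith("/")
```

For example, `is_relative_image_src("./image.jpg")` is true, while an `https://` URL or a path starting with `/` is rejected.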
Metadata filtering: You can attach metadata to files for filtering during chat. Metadata is defined via a _metadata_schema.json file at the bucket root. Supported types are integer, string, list_of_string, and double. Metadata fields cannot be changed or removed after ingestion -- you must recreate the knowledge base. Maximum 20 metadata fields per file. (OCI GenAI Agents Object Storage Guidelines)
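Because metadata fields are locked in after ingestion, it is worth validating them up front. The sketch below checks only the two rules stated above (allowed types, at most 20 fields). The exact layout of `_metadata_schema.json` is not shown in this guide, so the plain field-name-to-type dictionary used here is a hypothetical simplification.

```python
ALLOWED_TYPES = {"integer", "string", "list_of_string", "double"}
MAX_FIELDS_PER_FILE = 20


def validate_metadata_fields(fields: dict) -> list:
    """Check a hypothetical {field_name: type_name} mapping against the stated rules."""
    errors = []
    if len(fields) > MAX_FIELDS_PER_FILE:
        errors.append(f"too many fields: {len(fields)} > {MAX_FIELDS_PER_FILE}")
    for name, type_name in fields.items():
        if type_name not in ALLOWED_TYPES:
            errors.append(f"{name}: unsupported type '{type_name}'")
    return errors
```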
Oracle Database Data Source Details
For Oracle AI Database 26ai integration, you must create a database table with required fields (DOCID, BODY, VECTOR) and a retrieval function that accepts a query string and top_k parameter, returning results via SYS_REFCURSOR. The function must use the same embedding model for both stored content and query-time embedding. Connection requires a Database Tools connection with credentials stored in OCI Vault. (OCI GenAI Agents Oracle DB Guidelines)
Exam trap: The database documentation references "Oracle AI Database 26ai," not 23ai. For the exam, know that the Agents service requires a vector search function/procedure in the database -- it does not index or embed your data for you. That is your responsibility (BYO).
Ingestion Jobs
Ingestion jobs apply only to Object Storage data sources. Key facts: (OCI GenAI Agents Data Ingestion)
- Only one active ingestion job per data source at a time
- Maximum 10,000 files per ingestion job (increasable by request)
- Jobs cannot be canceled once started
- Smart restart: When restarting a failed job, the pipeline skips files that were already ingested successfully and re-processes only the failed files that have since been updated
- Job statuses: Accepted, Succeeded, Completed with failures, Failed (fix data source), Failed (needs retry), Failed (contact support)
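The smart-restart rule in the list above can be sketched as a filter over per-file results. This is an illustration of the stated behavior only; the record fields (`name`, `last_status`, `updated_since_failure`) are hypothetical, and how the service treats newly added files is not covered here.

```python
def files_for_restart(files: list) -> list:
    """Pick the files a restarted job would re-process under the rule above.

    Each record is a dict with hypothetical keys:
      name (str), last_status ("succeeded" or "failed"), updated_since_failure (bool)
    """
    return [
        f["name"]
        for f in files
        # Successful files are skipped; failed files are retried only if updated.
        if f["last_status"] == "failed" and f["updated_since_failure"]
    ]
```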
4. Creating and Configuring Agents
Agent Creation Workflow
The standard workflow is: set up IAM policies, prepare data, create an agent with tools, create an endpoint, and chat. (OCI GenAI Agents Create Agent)
Agent configuration includes:
| Setting | Details |
|---|---|
| Name | 1-255 characters; starts with letter or underscore |
| Compartment | Where the agent resource is stored |
| Welcome message | Custom greeting displayed at chat start (optional) |
| Routing instructions | Natural language prompt to influence tool behavior (e.g., "Always invoke the SQL tool first") |
| Routing LLM | Model that decides which tool to use for each query |
Model Selection
The routing LLM determines which tool to invoke and how to process queries. Three options: (OCI GenAI Agents Model Selection)
| LLM Type | Description |
|---|---|
| Default | Meta Llama 3.3 70B (standard, no extra config) |
| Generative AI Model | On-demand model from OCI Generative AI service |
| Generative AI Endpoint | Model on a dedicated AI cluster endpoint |
Supported model families: Meta Llama (Llama 4 Maverick, Llama 4 Scout, Llama 3.3 70B), OpenAI (gpt-oss-120b, gpt-oss-20b), xAI Grok (Grok 4, Grok 3, Grok 3 Mini, Grok 3 Fast, Grok 3 Mini Fast). Model availability varies by region. (OCI GenAI Agents Model Selection)
Exam trap: The routing LLM and the generation LLM can be different models. The RAG tool has its own generation LLM configuration separate from the agent's routing LLM. Know that you select the routing LLM at the agent level and can select a generation LLM at the RAG tool level.
5. Endpoints, Sessions, and Guardrails
Endpoint Configuration
An endpoint is a deployed instance of an agent. Without an endpoint, the agent cannot receive chat requests. (OCI GenAI Agents Create Endpoint)
| Setting | Details | Changeable After Creation? |
|---|---|---|
| Session enable | Enables multi-turn conversation context | No -- permanent once set |
| Session idle timeout | 1 hour (default) to 7 days (max) | Yes |
| Content moderation | Disable / Block / Inform (input and/or output) | Yes |
| Prompt injection protection | Disable / Block / Inform | Yes |
| PII protection | Disable / Block / Inform (input and/or output) | Yes |
| Human in the loop | Requires human confirmation before delivering response | Yes |
| Trace | Track and display conversation history | Yes |
| Citation | Display source information in responses | Yes |
| Multi-language | Arabic, English, French, German, Italian, Japanese, Portuguese, Spanish | Yes |
Exam trap: Session enable is the only endpoint setting that cannot be changed after creation. All other guardrail and feature settings can be modified later. If the exam asks which setting is permanent at creation time, the answer is session enable.
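The "one permanent setting" rule can be expressed as a small update validator. This is a sketch under assumptions: the setting keys (`session_enabled`, `session_idle_timeout`) are hypothetical names chosen for illustration, not the service's field names.

```python
from datetime import timedelta

IMMUTABLE_SETTINGS = {"session_enabled"}   # the only setting fixed at creation
DEFAULT_IDLE_TIMEOUT = timedelta(hours=1)
MAX_IDLE_TIMEOUT = timedelta(days=7)


def validate_endpoint_update(current: dict, changes: dict) -> list:
    """Return reasons an update would be rejected (empty list if acceptable)."""
    errors = []
    for key, new_value in changes.items():
        if key in IMMUTABLE_SETTINGS and current.get(key) != new_value:
            errors.append(f"{key} cannot be changed after creation")
    timeout = changes.get("session_idle_timeout")
    if timeout is not None and timeout > MAX_IDLE_TIMEOUT:
        errors.append("session_idle_timeout exceeds the 7-day maximum")
    return errors
```

Under this sketch, switching content moderation from Inform to Block passes, while flipping `session_enabled` is rejected.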
Guardrail Modes
All three guardrail types (content moderation, prompt injection, PII) support the same three modes:
| Mode | Behavior |
|---|---|
| Disable | No protection applied |
| Block | Identifies the issue and prevents the content from being processed or returned |
| Inform | Identifies the issue and alerts the user but does not block the content |
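The difference between Block and Inform is easiest to see as a function of the mode and whether an issue was detected. The following is a minimal sketch of the table's semantics, with hypothetical names and notice strings; it does not perform any real detection.

```python
from enum import Enum
from typing import Optional, Tuple


class GuardrailMode(Enum):
    DISABLE = "disable"
    BLOCK = "block"
    INFORM = "inform"


def apply_guardrail(
    mode: GuardrailMode, issue_detected: bool, content: str
) -> Tuple[Optional[str], Optional[str]]:
    """Return (content_passed_on, notice_for_user) for one guardrail check."""
    if mode is GuardrailMode.DISABLE or not issue_detected:
        return content, None              # no protection applied, or nothing found
    if mode is GuardrailMode.BLOCK:
        return None, "content blocked"    # content is withheld
    return content, "issue detected"      # Inform: alert the user, content still flows
```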
Large Output Storage
For SQL tool results exceeding 100 rows, endpoints can store results in Object Storage as CSV files. This requires configuring a bucket name, object prefix, and retention period (1-1,440 minutes, default 360 minutes / 6 hours). Results of 100 rows or fewer are returned directly. (OCI GenAI Agents Create Endpoint)
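The row threshold and retention range can be captured in a short helper. This is a sketch with hypothetical names; it treats a result of exactly 100 rows as returned inline, following the "exceeding 100 rows" wording, which is an assumption about the boundary case.

```python
ROW_THRESHOLD = 100
DEFAULT_RETENTION_MINUTES = 360   # 6 hours
MIN_RETENTION_MINUTES = 1
MAX_RETENTION_MINUTES = 1440      # 24 hours


def plan_sql_output(row_count: int, retention_minutes: int = DEFAULT_RETENTION_MINUTES) -> dict:
    """Decide how a SQL result would be delivered under the rules above."""
    if not MIN_RETENTION_MINUTES <= retention_minutes <= MAX_RETENTION_MINUTES:
        raise ValueError("retention must be between 1 and 1,440 minutes")
    if row_count > ROW_THRESHOLD:
        # Large results go to Object Storage as a CSV file.
        return {"delivery": "object_storage_csv", "retention_minutes": retention_minutes}
    return {"delivery": "inline"}
```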
6. Multi-Agent Orchestration
Supervisor and Collaborator Architecture
The Agent tool type enables multi-agent orchestration through a supervisor/collaborator pattern. A supervisor agent routes queries to specialized collaborator agents (subagents), each with their own tools and domain expertise. (OCI GenAI Agents Agent-as-Tool Guidelines)
| Role | Responsibilities |
|---|---|
| Supervisor agent | Session management, query routing, response aggregation, global chat history |
| Collaborator agent | Handles domain-specific queries, maintains localized chat history tied to global session |
Key rules for the Agent tool:
- Both supervisor and collaborator agents must have session-enabled endpoints (this is critical)
- Collaborator agents can have any combination of tool types (RAG, SQL, Function Calling, etc.)
- Collaborator agents can operate independently and be reused across multiple supervisors
- Collaborator agents can be in different tenancies (cross-tenancy support)
- IAM requires a dynamic group with ALL {resource.type='genaiagent'} and appropriate cross-tenancy policies
Exam trap: If sessions are not enabled on the collaborator agent's endpoint, the Agent tool will not work. Session enablement is required on both the supervisor and all collaborator endpoints.
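The session requirement for the Agent tool amounts to a simple precondition check. The sketch below uses a hypothetical `Endpoint` record; it encodes only the rules stated in this section (session-enabled on both sides, active collaborator endpoint as listed in the tool table).

```python
from dataclasses import dataclass


@dataclass
class Endpoint:
    """Hypothetical record describing an agent endpoint."""
    agent_name: str
    session_enabled: bool
    active: bool = True


def can_attach_collaborator(supervisor: Endpoint, collaborator: Endpoint) -> bool:
    """True if the collaborator endpoint can be used as an Agent tool."""
    return (
        supervisor.session_enabled
        and collaborator.session_enabled
        and collaborator.active
    )
```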
API Endpoint Calling Tool
The API Endpoint Calling tool lets agents invoke external REST APIs and OCI APIs using an OpenAPI 3.0+ specification. Authentication methods include API Key, Basic Auth, Bearer Token, IDCS, OCI Resource Principal (for OCI APIs), or no authentication. All API calls route through a configured VCN subnet. For state-changing operations (POST, PUT, PATCH, DELETE), the x-requires-approval header triggers human-in-the-loop approval. (OCI GenAI Agents API Endpoint Calling Tool)
7. Invoking Deployed Agents
Chat Workflow
Once an endpoint is active, interaction follows this pattern:
- User sends a message to the agent endpoint (via Console chat, REST API, or SDK)
- The routing LLM determines which tool(s) to invoke
- The selected tool executes (RAG retrieval, SQL generation, API call, etc.)
- The agent returns the response, optionally with citations and trace information
- If sessions are enabled, context is maintained for follow-up questions
Developer Access
The service exposes two APIs, each with its own SDKs: (OCI GenAI Agents Concepts)
| API | Purpose | SDKs |
|---|---|---|
| Management API | Create, update, delete agents, knowledge bases, endpoints, tools | Python, Java |
| Client API | Runtime chat interaction with deployed agents | Python, Java |
Additional developer tools: Management CLI, Client CLI, Agent Development Kit (ADK) for Python and Java, and Cloud Shell support.
8. IAM Policies
Resource Types
The Agents service defines eight individual resource types, all grouped under the aggregate genai-agent-family: (OCI GenAI Agents IAM Policies)
| Resource Type | What It Controls |
|---|---|
| genai-agent | Agent CRUD operations |
| genai-agent-knowledge-base | Knowledge base management |
| genai-agent-data-source | Data source configuration |
| genai-agent-data-ingestion-job | Ingestion job execution |
| genai-agent-endpoint | Endpoint lifecycle and chat |
| genai-agent-work-request | Async operation tracking |
| genai-agent-session | Session management |
| genai-agent-tool | Tool configuration |
Essential Policies
For the exam, know these foundational policy patterns:
Full admin access:
allow group <group> to manage genai-agent-family in tenancy
Model access (required separately -- agents need permission to use LLMs):
allow any-user to use generative-ai-family in tenancy
where any {request.principal.type='genaiagent'}
Ingestion job access (Object Storage data sources require a dynamic group):
-- Dynamic group matching rule:
ALL {resource.type='genaiagentdataingestionjob'}
-- Policy:
allow dynamic-group <dg> to read objects in compartment <compartment>
Database/Vault access (for Oracle DB, OpenSearch, HeatWave MySQL):
-- Dynamic group matching rule:
ALL {resource.type='genaiagent'}
-- Policies:
allow dynamic-group <dg> to read database-tools-family in compartment <compartment>
allow dynamic-group <dg> to read secret-bundle in compartment <compartment>
Exam trap: There are two different dynamic group resource types. genaiagentdataingestionjob is for ingestion jobs accessing Object Storage. genaiagent is for agent runtime operations (database access, vault secrets, model access). Do not confuse these.
Permission Levels
IAM verbs are cumulative: inspect < read < use < manage. Notable: the use verb on genai-agent-endpoint includes the GENAI_AGENT_ENDPOINT_CHAT permission -- so chat access requires at least use on the endpoint resource.
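The cumulative ordering of verbs can be checked with a list index comparison. This is a study-aid sketch with hypothetical function names; it models only the verb ordering and the chat rule stated above, not real policy evaluation.

```python
# Verbs in increasing order of privilege.
VERBS = ["inspect", "read", "use", "manage"]


def verb_covers(granted: str, required: str) -> bool:
    """True if the granted verb includes everything the required verb allows."""
    return VERBS.index(granted) >= VERBS.index(required)


def can_chat(granted_on_endpoint: str) -> bool:
    """Chat needs at least `use` on genai-agent-endpoint."""
    return verb_covers(granted_on_endpoint, "use")
```

So a group with only `read` on the endpoint can see it but cannot chat, while `use` or `manage` allows chat.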
9. Service Limits
Memorize these limits -- they appear directly in exam questions. (OCI GenAI Agents Limits)
Increasable Limits (Default Values)
| Resource | Default Limit | Scope |
|---|---|---|
| Agents | 2 | Per tenancy |
| Knowledge bases | 3 | Per tenancy |
| Endpoints per agent | 3 | Per agent |
| Files per ingestion job | 10,000 | Per job |
| Sessions per endpoint | 1,000 | Per endpoint |
Fixed Limits (Cannot Be Increased)
| Resource | Limit | Notes |
|---|---|---|
| Data sources per knowledge base | 1 | Hard limit |
| Knowledge bases per agent | 2 | Hard limit |
| Tools per agent (FRA, LHR, ORD) | 20 | Regional |
| Tools per agent (other regions) | 5 | Regional |
| File size | 100 MB | Per file |
| Active ingestion jobs per data source | 1 | Concurrent |
| Session idle timeout max | 7 days | Configurable; default 1 hour |
Exam trap: The default limit is 2 agents per tenancy and 3 knowledge bases per tenancy. These are very low defaults and are increasable via service limit requests. Fixed limits (1 data source per KB, 2 KBs per agent) cannot be increased at all. The tools-per-agent limit varies by region -- Frankfurt, London, and Chicago allow 20; other regions allow only 5.
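The regional tools-per-agent limit reduces to a set membership test. A minimal sketch, using the region identifiers from the Service Regions table; the function name is hypothetical.

```python
# Regions with the higher tools-per-agent limit: Frankfurt, London, Chicago.
HIGH_TOOL_LIMIT_REGIONS = {"eu-frankfurt-1", "uk-london-1", "us-chicago-1"}


def max_tools_per_agent(region: str) -> int:
    """Return the fixed tools-per-agent limit for a region identifier."""
    return 20 if region in HIGH_TOOL_LIMIT_REGIONS else 5


print(max_tools_per_agent("us-chicago-1"))  # 20
print(max_tools_per_agent("us-ashburn-1"))  # 5
```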
10. SQL Tool Deep Dive
The SQL tool converts natural language to SQL SELECT queries. Key facts for the exam: (OCI GenAI Agents SQL Tool Guidelines)
- Supports only Oracle Database (Base and Autonomous) and SQLite
- Generates only SELECT queries (with joins, conditions, aggregations) -- no DDL or DML
- Requires a valid database schema definition (tables, columns, primary keys, foreign keys, constraints)
- Two model sizes: Small (faster, less accurate, simple queries) and Large (slower, more accurate, complex queries)
- Supports in-context learning examples (sample question/SQL pairs) to improve accuracy
- SQL execution requires a Database Tools connection
- Results over 100 rows can be stored in Object Storage as CSV
- Human-in-the-loop allows review of generated SQL before execution
- Self-correction: agent validates and corrects queries when execution is enabled
- No cross-tenancy or cross-region support for SQL tool
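To make the SELECT-only rule concrete, here is a deliberately naive check on the leading keyword of a statement. It is an illustration for study purposes, not how the service validates queries, and it would misclassify valid queries that begin with a parenthesis or a WITH clause.

```python
def looks_like_select(sql: str) -> bool:
    """Naive check: does the statement start with the SELECT keyword?"""
    tokens = sql.strip().split(None, 1)
    return bool(tokens) and tokens[0].lower() == "select"
```

Under this sketch, "SELECT name FROM employees" passes, while "DELETE FROM employees" or "UPDATE employees SET ..." does not, which matches the kind of request the SQL tool will not generate.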
11. Common Exam Scenarios
| Scenario | Correct Answer |
|---|---|
| Build a chatbot over company PDFs with minimal code | Use Agents service with RAG tool + Object Storage |
| Query a database using natural language | Use Agents service with SQL tool |
| Need custom chunking strategy and embedding model | Use manual RAG pipeline (Domain 3), not Agents |
| Route queries to specialized domain experts | Use Agent tool (supervisor/collaborator pattern) |
| Call an external REST API from a chatbot | Use API Endpoint Calling tool with OpenAPI schema |
| Protect chatbot from prompt injection | Configure endpoint with prompt injection protection (Block or Inform) |
| Keep conversation context across messages | Enable sessions on the endpoint (cannot change after creation) |
| Chatbot needs to support French and Japanese | Enable multi-language on the endpoint |
| Knowledge base needs data from two different buckets | Not possible -- one data source per knowledge base; create two knowledge bases |
| Agent needs to modify database records | Not possible with SQL tool (SELECT only); use Function Calling or API Endpoint tool |
References
- OCI Generative AI Agents Service Home
- OCI GenAI Agents Concepts
- OCI GenAI Agents Overview
- Getting Started with OCI GenAI Agents
- IAM Policies for OCI GenAI Agents
- RAG Tool Object Storage Guidelines
- RAG Tool Oracle Database Guidelines
- RAG Tool HeatWave MySQL Guidelines
- RAG Tool OpenSearch Guidelines
- Creating an Agent
- Creating an Endpoint
- Model Selection
- Service Limits and Limitations
- Agent-as-Tool Guidelines
- API Endpoint Calling Tool Guidelines
- SQL Tool Guidelines
- Data Ingestion
- 1Z0-1127-25 Exam Syllabus (DBExam)