- Print
- PDF
Managing Blockchain Service permissions
- Print
- PDF
Available in VPC
By using Sub Account, which is NAVER Cloud Platform's account management service, you can set various access permissions for Blockchain Service. Sub Account provides System Managed policies and User Created policies for setting management and administration permissions.
The Sub Account service is provided free of charge upon subscription request. For more information on Sub Account, refer to the Service > Management & Governance > Sub Account menu in the NAVER Cloud Platform portal, as well as the Sub Account Guide.
System Managed policies
System Managed policies are role-based policies defined by NAVER Cloud Platform for user convenience. Once System Managed policies are granted to a sub account created in Sub Account, that sub account can use Blockchain Service. The following is a brief description about System Managed policies of Blockchain Service.
Policy Name | Policy Description |
---|---|
NCP_ADMINISTRATOR | Permission to access the portal and console in NAVER Cloud Platform in the same manner as main accounts |
NCP_INFRA_MANAGER | Permission to use all services in NAVER Cloud Platform and to access Manage notifications on My Page in the portal |
NCP_VPC_BLOCKCHAIN_SERVICE_MANAGER | Permission to use all features of Blockchain Service |
NCP_VPC_BLOCKCHAIN_SERVICE_VIEWER | Permission to only use the View list and Search features of Blockchain Service |
User-defined policy
User-defined policies are policies that users can create. Once User-defined policies are granted to a sub account created in Sub Account, that sub account can only use the user-assigned action combinations. The following is a brief description about User-defined policies of Blockchain Service.
Type | Action Name | Related action(s) | Resource type | Group by resource type | Action Description |
---|---|---|---|---|---|
View | View/exportOrderer | View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getOrdererList View/getOrdererDetail | Orderer | Orderer | Export orderer |
View | View/exportOrganization | View/getBlockchainNetworkDetail View/getOrganizationDetail View/getBlockchainNetworkList View/getOrganizationList | Organization | Organization | Export organization |
View | View/getBlockchainNetworkDetail | View/getBlockchainNetworkList | Network | Network | View blockchain network details |
View | View/getBlockchainNetworkList | - | - | Network | View blockchain network list |
View | View/getBlockchainNetworkTopology | View/getPeerList View/getBlockchainNetworkList View/getOrdererList View/getCAList View/getOrganizationList | Network | Network | View detailed diagram of network nodes |
View | View/getCADetail | View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getCAList | CA | CA | View CA details |
View | View/getCAList | View/getBlockchainNetworkDetail View/getBlockchainNetworkList | - | CA | View CA list |
View | View/getCAUserIdentityList | View/getBlockchainNetworkDetail View/getBlockchainNetworkList | CA | CA | View CA user identity list |
View | View/getChaincodeList | View/getBlockchainNetworkDetail View/getBlockchainNetworkList | - | Channel | View chaincode list |
View | View/getChannelBlockTransactionLog | View/getChannelList View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getChannelDetail | Channel | Channel | View block or transaction |
View | View/getChannelDetail | View/getBlockchainNetworkDetail View/getChannelList View/getBlockchainNetworkList | Channel | Channel | View channel details |
View | View/getChannelList | View/getBlockchainNetworkDetail View/getBlockchainNetworkList | - | Channel | View channel list |
View | View/getChannelOrganizationList | View/getChannelList View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getChannelDetail | Channel | Channel | View channel member (organization) list |
View | View/getInvitationList | - | - | Network | View invitation list |
View | View/getKubernetesClusterDetail | View/getKubernetesClusterList | VPCKubernetesService:Cluster | Network | View Kubernetes cluster details |
View | View/getKubernetesClusterList | - | - | Network | View Kubernetes cluster list |
View | View/getOrdererDetail | View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getOrdererList | Orderer | Orderer | View orderer details |
View | View/getOrdererList | View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getOrdererList | - | Orderer | View orderer list |
View | View/getOrganizationConnectionProfile | View/getBlockchainNetworkDetail View/getOrganizationDetail View/getBlockchainNetworkList View/getOrganizationList | - | Organization | Downloads organization access information |
View | View/getOrganizationDetail | View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getOrganizationList | Organization | Organization | View organization details |
View | View/getOrganizationList | View/getBlockchainNetworkDetail View/getBlockchainNetworkList | - | Organization | View organization list |
View | View/getPeerDetail | View/getPeerList View/getBlockchainNetworkDetail View/getBlockchainNetworkList | Peer | Peer | View peer details |
View | View/getPeerList | View/getBlockchainNetworkDetail View/getBlockchainNetworkList | - | Peer | View peer list |
View | View/getPeerListInstallable | View/getPeerList View/getPeerDetail View/getBlockchainNetworkDetail View/getBlockchainNetworkList | - | Channel | View peer list capable of chaincode install |
View | View/watchCAStatus | View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getCAList View/getCADetail | CA | CA | View CA container monitoring information |
View | View/watchOrdererStatus | View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getOrdererList View/getOrdererDetail | Orderer | Orderer | View orderer container monitoring information |
View | View/watchPeerStatus | View/getPeerList View/getPeerDetail View/getBlockchainNetworkDetail View/getBlockchainNetworkList | Peer | Peer | View peer container monitoring information |
Change | Change/createBlockchainNetwork | View/getKubernetesClusterList Change/createPeer View/getBlockchainNetworkList Change/createOrderer Change/createCA Change/createOrganization Change/createChannel View/getKubernetesClusterDetail | - | Network | Create blockchain network |
Change | Change/createCA | View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getCAList | - | CA | Create CA |
Change | Change/createChannel | View/getBlockchainNetworkDetail View/getChannelList View/getOrganizationDetail View/getBlockchainNetworkList View/getOrdererList Change/updateChannelOrganizations View/getOrdererDetail View/getOrganizationList | - | Channel | Create channel |
Change | Change/createOrderer | View/getCAUserIdentityList View/getBlockchainNetworkDetail View/getOrganizationDetail View/getBlockchainNetworkList View/getOrdererList View/getOrganizationList | - | Orderer | Create orderer |
Change | Change/createOrganization | View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getCAList View/getCADetail View/getOrganizationList | - | Organization | Create organization |
Change | Change/createPeer | View/getPeerList View/getCAUserIdentityList View/getBlockchainNetworkDetail View/getOrganizationDetail View/getBlockchainNetworkList View/getOrganizationList | - | Peer | Create peer |
Change | Change/deleteBlockchainNetwork | View/getBlockchainNetworkDetail View/getBlockchainNetworkList | Network | Network | Delete blockchain network |
Change | Change/deleteCA | View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getCAList View/getCADetail | CA | CA | Delete CA |
Change | Change/deleteOrderer | View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getOrdererList View/getOrdererDetail | Orderer | Orderer | Delete orderer |
Change | Change/deleteOrganization | View/getBlockchainNetworkDetail View/getOrganizationDetail View/getBlockchainNetworkList View/getOrganizationList | Organization | Organization | Delete organization |
Change | Change/deletePeer | View/getPeerList View/getPeerDetail View/getBlockchainNetworkDetail View/getBlockchainNetworkList | Peer | Peer | Delete peer |
Change | Change/executeChaincode | View/getChaincodeList View/getChannelList View/getOrganizationDetail View/getChannelOrganizationList View/getChannelDetail | Channel | Channel | Executes chaincode |
Change | Change/importOrderer | View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getOrdererList View/getOrdererDetail | - | Orderer | Import orderer |
Change | Change/importOrganization | View/getBlockchainNetworkDetail View/getOrganizationDetail View/getBlockchainNetworkList View/getOrganizationList | - | Organization | Import organization |
Change | Change/installChaincode | View/getPeerDetail View/getChaincodeList View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getPeerListInstallable | Peer | Channel | Install chaincode |
Change | Change/instantiateChaincode | View/getChaincodeList View/getOrganizationDetail View/getChannelList View/getChannelOrganizationList View/getChannelDetail | Channel | Channel | Enables chaincode |
Change | Change/inviteToNetwork | View/getBlockchainNetworkDetail View/getChannelList View/getBlockchainNetworkList View/getChannelDetail | - | Network | Invite to network |
Change | Change/manageInvitation | View/getInvitationList View/getBlockchainNetworkDetail View/getOrganizationDetail View/getBlockchainNetworkList View/getOrganizationList | - | Network | Accept/decline/check/cancel invited details |
Change | Change/resizeCAResources | View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getCAList View/getCADetail | CA | CA | Change CA resource settings |
Change | Change/resizeLoadBalancerThroughput | View/getBlockchainNetworkDetail View/getBlockchainNetworkList | Network | Network | Change load balancer size |
Change | Change/resizeOrdererResources | View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getOrdererList View/getOrdererDetail | Orderer | Orderer | Change orderer resource settings |
Change | Change/resizePeerResources | View/getPeerList View/getPeerDetail View/getBlockchainNetworkDetail View/getBlockchainNetworkList | Peer | Peer | Change peer resource settings |
Change | Change/updateCAUserIdentities | View/getCAUserIdentityList View/getBlockchainNetworkDetail View/getBlockchainNetworkList View/getCAList View/getCADetail | CA | CA | Change CA user identity settings |
Change | Change/updateChannelBatchconfig | View/getBlockchainNetworkDetail View/getChannelList View/getBlockchainNetworkList Change/updateChannelOrganizations View/getChannelDetail | Channel | Channel | Change channel batch config settings |
Change | Change/updateChannelOrganizations | View/getBlockchainNetworkDetail View/getOrganizationDetail View/getChannelList View/getBlockchainNetworkList View/getChannelOrganizationList View/getOrganizationList View/getChannelDetail | Channel | Channel | Change channel member (organization) settings |
Change | Change/updateChannelPeers | View/getPeerList View/getBlockchainNetworkDetail View/getChannelList View/getBlockchainNetworkList View/getPeerListInstallable View/getChannelDetail | Channel | Channel | Change peer settings participating in channel |
Change | Change/updateConsortium | View/getBlockchainNetworkDetail View/getOrganizationDetail View/getBlockchainNetworkList View/getOrdererList View/getOrdererDetail View/getOrganizationList | Orderer | Orderer | Change orderer's consortium settings |
Change | Change/upgradeChaincode | View/getChaincodeList View/getOrganizationDetail View/getChannelList Change/instantiateChaincode View/getChannelOrganizationList View/getChannelDetail | Channel | Channel | Upgrade chaincode |
Even when you are granted permission for a specific action, if you are not also granted permissions for the related actions that are required, then you won't be able to perform jobs properly. To prevent such issues, Sub Account provides a feature that automatically grants permissions for related actions when granting action permissions. However, if you deselect related actions that are automatically granted, then the system determines that it was done intentionally by the main account user and won't forcibly include them. So, be careful when setting permissions.