Login
      Contents x
      Managing Cloud Functions permissions
        • Print
        • PDF
        Contents

        Managing Cloud Functions permissions

          • Print
          • PDF
          Article Summary

          Available in VPC

          By using Sub Account, NAVER Cloud Platform's account management service, you can set various access rights of Cloud Functions. Sub Account provides System Managed policies and User Created policies for setting management and administration permissions.

          Note

          Sub Account is a service provided free of charge upon subscription request. For more information on Sub Account, see the Service > Management & Governance > Sub Account menu and the Sub Account guide menu of the NAVER Cloud Platform portal.

          Managed policies

          System Managed policies are role-based policies defined by NAVER Cloud Platform for user convenience. Once managed policies are assigned to a sub account created in Sub Account, and that sub account can use Cloud Functions. The following is a brief description of managed policies of Cloud Functions.

          Policy NamePolicy Description
          NCP_ADMINISTRATORThe right to access the portal and console in the NAVER Cloud Platform in the same manner as the main account
          NCP_INFRA_MANAGERThe right to use all services in the NAVER Cloud Platform and access My Page > Notification management in the portal
          NCP_VPC_CLOUD_FUNCTIONS_MANAGERThe right to use all functions of VPC-based Cloud Functions
          NCP_VPC_CLOUD_FUNCTIONS_VIEWERThe right to use only the list view function of VPC-based Cloud Functions

          User-defined policies

          User-defined policies are policies that users can create themselves. Once User Created policies are granted to a sub account created in Sub Account, that sub account can only use the user-assigned action combinations. The following is a brief description of user-defined policies of Cloud Functions.

          ClassificationAction NameRelated action(s)Resource typeGroup by resource typeAction Description
          ViewView/getPackageList--PackageView package list
          ViewView/getPackageDetailView/getPackageListPackagePackageView detailed information on packages
          ViewView/getActionListView/getPackageList
          View/getPackageDetail          		-ActionView action list
          ViewView/getActionDetailView/getPackageList
          View/getPackageDetail
          View/getActionList
          View/getVPCList
          View/getVPCDetail
          View/getSubnetList
          View/getSubnetDetail
          View/getAPIList
          View/getAPIDetail          		ActionActionView detailed information on actions
          ViewView/getActionActivationListView/getPackageList
          View/getPackageDetail
          View/getActionList
          View/getActionDetail          		ActionActivationGets an action's execution history list.
          ViewView/getActionActivationDetailView/getPackageList
          View/getPackageDetail
          View/getActionList
          View/getActionDetail
          View/getActionActivationList          		ActionActivationGets an action's execution history details.
          ViewView/getTriggerList-TriggerTriggerView trigger list
          ViewView/getTriggerDetailView/getTriggerList
          View/getAPIList
          View/getAPIDetail
          View/getEventRuleList
          View/getEventRuleDetail
          View/getRuleList
          View/getRuleDetail
          View/getObjectStorageBucketList
          View/getObjectStorageBucketEventRuleList
          View/getSourceCommitRepositoryList
          View/getSourceCommitWebhookList          		TriggerTriggerView detailed information on triggers
          ViewView/getTriggerActivationListView/getTriggerList
          View/getTriggerDetail          		TriggerActivationGets a trigger's execution history list.
          ViewView/getTriggerActivationDetailView/getTriggerList
          View/getTriggerDetail
          View/getTriggerActivationList          		TriggerActivationGets a trigger's execution history details.
          ViewView/getProductList--ExternalLinkView the list of the products of API Gateway
          ViewView/getProductDetailView/getProductListAPIGateway:ProductExternalLinkView detailed information on the products of API Gateway
          ViewView/getAPIListView/getProductList
          View/getProductDetail          		-ExternalLinkView the list of APIs of API Gateway
          ViewView/getAPIDetailView/getProductList
          View/getProductDetail
          View/getAPIList          		APIGateway:APIExternalLinkView detailed information on the APIs of API Gateway
          ViewView/getEventRuleList--TriggerView the list of event rules for Cloud Insight
          ViewView/getEventRuleDetailView/getEventRuleListCloudInsight:EventRuleTriggerView detailed information on the event rules of Cloud Insight
          ViewView/getRuleList--TriggerView the list of rules of Cloud IoT Core
          ViewView/getRuleDetailView/getRuleListCloudIoTCore:RuleTriggerView detailed information on the rules of Cloud IoT Core
          ViewView/getObjectStorageBucketList--TriggerView the list of buckets of Object Storage
          ViewView/getObjectStorageBucketDetailView/getObjectStorageBucketListObjectStorage:BucketTriggerView detailed information on the buckets of Object Storage
          ViewView/getObjectStorageBucketEventRuleListView/getObjectStorageBucketList
          View/getObjectStorageBucketDetail          		-TriggerView the list of bucket event rules of Object Storage
          ViewView/getObjectStorageBucketEventRuleDetailView/getObjectStorageBucketList
          View/getObjectStorageBucketDetail
          View/getObjectStorageBucketEventRuleList          		ObjectStorage:BucketTriggerView detailed information on the bucket event rules of Object Storage
          ViewView/getSourceCommitRepositoryList--TriggerView the list of repositories of Source Commit
          ViewView/getSourceCommitRepositoryDetailView/getSourceCommitRepositoryListSourceCommit:RepositoryTriggerView detailed information on the repositories of Source Commit
          ViewView/getSourceCommitWebhookListView/getSourceCommitRepositoryList
          View/getSourceCommitRepositoryDetail          		-TriggerView the list of repository webhooks of Source Commit
          ViewView/getSourceCommitWebhookDetailView/getSourceCommitRepositoryList
          View/getSourceCommitRepositoryDetail
          View/getSourceCommitWebhookList          		SourceCommit:RepositoryTriggerView detailed information on the repository webhooks of Source Commit
          ViewView/getVPCList--ActionView VPC list
          ViewView/getVPCDetailView/getVPCListVPC:VPCActionView VPC details
          ViewView/getSubnetList--ActionView subnet list
          ViewView/getSubnetDetailView/getSubnetListVPC:SubnetActionGets subnet details.
          ViewView/getDashboardView/getActionActivationList-ActivationGets Dashboard.
          ViewView/getMonitoringActionView/getActionActivationListActionActivationGets action monitoring information.
          ViewView/getMonitoringTriggerView/getTriggerActivationListTriggerActivationGets trigger monitoring information.
          ChangeChange/createAPIView/getProductList
          View/getProductDetail
          View/getAPIList          		APIGateway:APIExternalLinkCreate the API of API Gateway
          ChangeChange/createActionView/getPackageList
          View/getPackageDetail
          View/getActionList
          View/getVPCList
          View/getVPCDetail
          View/getSubnetList
          View/getSubnetDetail
          Change/createNetworkInterface          		-ActionCreate action
          ChangeChange/createActionExternalLinkView/getPackageList
          View/getPackageDetail
          View/getActionList
          View/getActionDetail
          View/getProductList
          View/getProductDetail
          View/getAPIList
          View/getAPIDetail
          Change/updateAPI          		ActionActionCreates an external link URL that can be used to call an action.
          ChangeChange/createActionLinkTriggerView/getTriggerList
          View/getTriggerDetail
          View/getActionList
          View/getActionDetail          		ActionActionConnect a trigger to an action.
          ChangeChange/createNetworkInterface--ActionCreate network interface
          ChangeChange/createObjectStorageBucketEventRule--TriggerCreate the bucket event rule of Object Storage
          ChangeChange/createSourceCommitWebhook--TriggerCreate the repository webhook of Source Commit
          ChangeChange/createPackageView/getPackageList-PackageCreate package
          ChangeChange/createProductView/getProductList-ExternalLinkCreate the products of API Gateway
          ChangeChange/createRuleView/getRuleList-TriggerCreate the rules of Cloud IoT Core
          ChangeChange/createTriggerView/getTriggerList
          View/getTriggerDetail
          View/getProductList
          View/getProductDetail
          View/getAPIList
          View/getAPIDetail
          Change/updateAPI
          Change/createProduct
          Change/createAPI
          View/getEventRuleList
          View/getEventRuleDetail
          Change/updateEventRule
          View/getRuleList
          View/getRuleDetail
          Change/updateRule
          View/getObjectStorageBucketList
          View/getObjectStorageBucketEventRuleList
          Change/createObjectStorageBucketEventRule
          View/getSourceCommitRepositoryList
          View/getSourceCommitRepositoryDetail
          View/getSourceCommitWebhookList
          View/getSourceCommitWebhookDetail
          Change/createSourceCommitWebhook          		-TriggerCreate trigger
          ChangeChange/createTriggerExternalLinkView/getTriggerList
          View/getTriggerDetail
          View/getProductList
          View/getProductDetail
          View/getAPIList
          View/getAPIDetail
          Change/updateAPI          		TriggerTriggerCreates an external link URL that can be used to call a trigger.
          ChangeChange/createTriggerLinkActionView/getTriggerList
          View/getTriggerDetail
          View/getActionList
          View/getActionDetail          		TriggerTriggerConnects an action to a trigger.
          ChangeChange/deleteActionView/getPackageList
          View/getPackageDetail
          View/getActionList
          View/getActionDetail
          Change/deleteNetworkInterface
          View/getVPCList
          View/getVPCDetail
          View/getSubnetList
          View/getSubnetDetail          		ActionActionDeletes an action.
          ChangeChange/deleteActionLinkTriggerView/getTriggerList
          View/getTriggerDetail
          View/getActionList
          View/getActionDetail          		ActionActionDisconnect a trigger linked to an action.
          ChangeChange/deleteNetworkInterface-VPCServer:NetworkInterfaceActionTerminate network Interface
          ChangeChange/deletePackageView/getPackageList
          View/getPackageDetail          		PackagePackageDelete package
          ChangeChange/deleteTriggerView/getTriggerList
          View/getTriggerDetail
          View/getEventRuleList
          View/getEventRuleDetail
          Change/updateEventRule
          View/getRuleList
          View/getRuleDetail
          Change/updateRule
          View/getObjectStorageBucketList
          View/getObjectStorageBucketEventRuleList
          View/getSourceCommitRepositoryList
          View/getSourceCommitWebhookList          		TriggerTriggerDeletes a trigger.
          ChangeChange/deleteTriggerLinkActionView/getTriggerList
          View/getTriggerDetail
          View/getActionList
          View/getActionDetail          		TriggerTriggerDisconnect an action linked to a trigger.
          ChangeChange/invokeActionView/getPackageList
          View/getPackageDetail
          View/getActionList
          View/getActionDetail          		ActionActionRuns an action.
          ChangeChange/invokeTriggerView/getTriggerList
          View/getTriggerDetail
          Change/invokeAction          		TriggerTriggerRuns a trigger.
          ChangeChange/updateAPIView/getProductList
          View/getProductDetail
          View/getAPIList
          View/getAPIDetail          		APIGateway:APIExternalLinkModify the API of API Gateway
          ChangeChange/updateActionView/getPackageList
          View/getPackageDetail
          View/getActionList
          View/getActionDetail
          Change/createNetworkInterface
          Change/deleteNetworkInterface
          View/getVPCList
          View/getVPCDetail
          View/getSubnetList
          View/getSubnetDetail          		ActionActionModify an action.
          ChangeChange/updateEventRuleView/getEventRuleList
          View/getEventRuleDetail          		CloudInsight:EventRuleTriggerModify the event rule of Cloud Insight
          ChangeChange/updatePackageView/getPackageList
          View/getPackageDetail          		PackagePackageModify package
          ChangeChange/updateRuleView/getRuleList
          View/getRuleDetail          		CloudIoTCore:RuleTriggerModify the rule of Cloud IoT Core
          ChangeChange/updateTriggerView/getTriggerList
          View/getTriggerDetail
          View/getProductList
          View/getProductDetail
          View/getAPIList
          View/getAPIDetail
          Change/updateAPI
          Change/createProduct
          Change/createAPI
          View/getEventRuleList
          View/getEventRuleDetail
          Change/updateEventRule
          View/getRuleList
          View/getRuleDetail
          Change/updateRule
          View/getObjectStorageBucketList
          View/getObjectStorageBucketEventRuleList
          Change/createObjectStorageBucketEventRule
          View/getSourceCommitRepositoryList
          View/getSourceCommitRepositoryDetail
          View/getSourceCommitWebhookList
          View/getSourceCommitWebhookDetail
          Change/createSourceCommitWebhook          		TriggerTriggerModifies a trigger.
          Caution

          Even when you are granted permission for a specific action, if you are not also granted permissions for the related actions that are required, then you won't be able to perform jobs properly. To prevent such issues, Sub Account provides a feature that automatically grants permissions for related actions when granting action permissions. However, if you deselect related actions that are automatically granted, then the system determines that it was done intentionally by the main account user and won't forcibly include them. So be careful when setting rights.

          Was this article helpful?
          What's Next
          Change password!
          Changing your password will log you out immediately. Use the new password to log back in.
          Change profile
          Success!
          First name must have atleast 2 characters. Numbers and special characters are not allowed.
          Last name must have atleast 1 characters. Numbers and special characters are not allowed.
          Enter a valid email
          Enter a valid password
          Your profile has been successfully updated.
          Logout