Available in VPC
You can set different access permissions for Cloud DB for Cache using NAVER Cloud Platform's Sub Account service. Sub Account offers both system-managed (System Managed) and user-defined (User Created) policies to help you configure management and operation permissions.
Sub Account is a free service with no additional charges. For more information about Sub Account, see Services > Management & Governance > Sub Account on the NAVER Cloud Platform portal and the Sub Account user guide.
System-managed policies
System-managed policies are pre-built, role-based policies that NAVER Cloud Platform provides for your convenience. When you assign one of these policies to a sub account, that account gets access to Cloud DB for Cache. Here are the available system-managed policies for Cloud DB for Cache:
| Policy name | Policy description |
|---|---|
| NCP_ADMINISTRATOR | Full access to all services, with the same scope as the main account |
| NCP_INFRA_MANAGER | Access to all services, except the My Account > Billing Information and Cost Management > Billing and Payment Management menu in the console |
| NCP_FINANCE_MANAGER | Access only to the Cost Explorer service and the My Account > Billing Information and Cost Management > Billing and Payment Management menu in the console |
| NCP_VPC_CLOUD_DB_FOR_CACHE_MANAGER | Full access to all Cloud DB for Cache features on the VPC platform |
| NCP_VPC_CLOUD_DB_FOR_CACHE_VIEWER | View-only access to list and query VPC-based Cloud DB for Cache |
User-defined policies
User-defined policies let you create custom permissions. When you assign a user-defined policy to a sub account, that account can only perform the specific actions, you've allowed. Here are the available user-defined policies for Cloud DB for Cache:
| Type | Action | Related action | Resource type | Group by resource type | Action description |
| ---- | ---- | ---- | ---- | ---- | ---- |
| View | View/getServiceBackupDetail | View/getServiceBackupList
View/getServiceDetail
View/getServiceList | Service | Service | View detailed information about a service backup |
| View | View/getServiceBackupList | View/getServiceDetail
View/getServiceList | - | Service | View the list of service backup configurations |
| View | View/getServiceDetail | View/getServiceList | Service | Service | View detailed service information |
| View | View/getServiceList | - | - | Service | View the list of services |
| View | View/getServiceListOfConfigGroup | View/getConfigGroupList
View/getConfigGroupDetail | ConfigGroup | Service | View the list of services to which a config group is applied |
| View | View/getServiceServerEventDetail | View/getServiceList
View/getServiceDetail
View/getServiceServerEventList | Service | Service | View detailed server event information for a service |
| View | View/getServiceServerEventList | View/getServiceList | - | Service | View the list of server events for a service |
| View | View/getConfigGroupDetail | View/getConfigGroupList | ConfigGroup | ConfigGroup | View detailed information about a config group |
| View | View/getConfigGroupList | - | - | ConfigGroup | View the list of config groups |
| View | View/getOSDashboard | View/getServiceList
View/getServiceDetail | Service | Service | View the OS dashboard for nodes that make up the service |
| View | View/getCacheDashboard | View/getServiceList
View/getServiceDetail | Service | Service | View the DB dashboard for nodes that make up the service |
| View | View/getSubnetDetail | View/getSubnetList | VPC:Subnet | Service | Check the subnets accessible for the service |
| View | View/getSubnetList | - | - | Service | View the list of subnets required for the service |
| View | View/getVPCDetail | View/getVPCList | VPC:VPC | Service | Check the VPCs accessible for the service |
| View | View/getVPCList | - | - | Service | View the list of VPCs required for the service |
| View | View/getBucketList | - | - | Service | View the list of buckets to which the selected file can be exported |
| View | View/getBucketDetail | View/getBucketList | ObjectStorage:Bucket | Service | Select a bucket to which the selected file will be exported |
| View | View/getServiceBackupManualList | View/getServiceDetail
View/getServiceList | - | Service | View the list of manual backup configurations for a service |
| View | View/getServiceBackupManualDetail | View/getServiceBackupManualList
View/getServiceDetail
View/getServiceList | Service | Service | View detailed information about a service manual backup |
| View | View/exportDBServiceList | View/getServiceList | Service | Service | Download the service (DB) list |
| View | View/getOperatingSystemConfig | View/getServiceList
View/getServiceDetail | Service | Service | View the settings required for upgrading the operating system of the service (DB) |
| Change | Change/createService | View/getServiceList
View/getVPCList
View/getVPCDetail
View/getSubnetList
View/getSubnetDetail
View/getConfigGroupList
View/getConfigGroupDetail | - | Service | Create a service |
| Change | Change/createServiceWithBackupFile | View/getServiceList
View/getServiceDetail
View/getServiceBackupList
View/getServiceBackupDetail
View/getServiceBackupManualList
View/getServiceBackupManualDetail | Service | Service | Create a new service using a backup file |
| Change | Change/createConfigGroup | View/getConfigGroupList | - | ConfigGroup | Create a config group |
| Change | Change/deleteService | View/getServiceList
View/getServiceDetail | Service | Service | Delete a service |
| Change | Change/deleteConfigGroup | View/getConfigGroupList
View/getConfigGroupDetail | ConfigGroup | ConfigGroup | Delete a config group |
| Change | Change/manageServiceBackup | View/getServiceList
View/getServiceDetail | Service | Service | Configure service backups |
| Change | Change/manageServiceConfigGroup | View/getServiceList
View/getServiceDetail
View/getConfigGroupList
View/getConfigGroupDetail | Service | Service | Manage the config group for a service |
| Change | Change/manageServiceNode | View/getServiceList
View/getServiceDetail | Service | Service | Manage service nodes |
| Change | Change/changeServiceSpec | View/getServiceList
View/getServiceDetail | Service | Service | Change the service specifications |
| Change | Change/manageConfigGroup | View/getConfigGroupList
View/getConfigGroupDetail
View/getServiceListOfConfigGroup | ConfigGroup | ConfigGroup | Modify a config group |
| Change | Change/restartService | View/getServiceList
View/getServiceDetail | Service | Service | Restart the service |
| Change | Change/changeFlushAll | View/getServiceList
View/getServiceDetail | Service | Service | Delete all data on the DB server |
| Change | Change/exportBackupToObjectStorage | View/getServiceList
View/getServiceDetail
View/getBucketList
View/getBucketDetail
View/getServiceBackupList
View/getServiceBackupDetail
View/getServiceBackupManualList
View/getServiceBackupManualDetail | Service | Service | Export the selected backup file to Object Storage |
| Change | Change/createManualBackup | View/getServiceList
View/getServiceDetail
View/getServiceBackupManualList | Service | Service | Perform a manual backup for the service |
| Change | Change/deleteManualBackupFile | View/getServiceList
View/getServiceDetail
View/getServiceBackupManualList
View/getServiceBackupManualDetail | Service | Service | Delete a manual backup file for the service |
| Change | Change/manageDBServerName | View/getServiceList
View/getServiceDetail | Service | Service | Change the DB server name |
| Change | Change/upgradeDBVersion | View/getServiceList
View/getServiceDetail
View/getConfigGroupList
View/getConfigGroupDetail | Service | Service | Upgrade the service (DB) version |
| Change | Change/manageOperatingSystem | View/getServiceList
View/getServiceDetail
View/getOperatingSystemConfig | Service | Service | Upgrade the operating system of the service (DB) |
| Change | Change/setStandalone | View/getServiceList
View/getServiceDetail | Service | Service | Change the service (DB) to standalone mode |
| Change | Change/setHa | View/getServiceList
View/getServiceDetail |Service | Service | Change the service (DB) to high availability mode |
If you grant someone access to a specific action but not to the required related actions, they won't be able to complete their tasks. Sub Account automatically includes these related permissions to prevent this issue. However, if you manually uncheck these auto-selected related actions, the system assumes this was intentional and won't override your selection.