SourceCommit permissions management

Prev Next

Available in Classic and VPC

By using Sub Account, NAVER Cloud Platform's account management service, you can set different access permissions for SourceCommit. Sub Account offers both system-managed (System Managed) and user-defined (User Created) policies to help you configure management and operation permissions.

Note

Sub Account is a free service with no additional charges. For more information about Sub Account, see Services > Management & Governance > Sub Account on the NAVER Cloud Platform portal and the Sub Account user guide.

System-managed policies

System-managed policies are pre-built, role-based policies that NAVER Cloud Platform provides for your convenience. Once the system-managed policies are granted to a sub account created in Sub Account, that sub account can use SourceCommit. Here are the available system-managed policies for SourceCommit.

Policy name Policy description
NCP_ADMINISTRATOR Full access to all services, same as the main account
NCP_INFRA_MANAGER Access to all services, except My Account > Billing Information and Cost Management > Billing and Payment Management in the console
NCP_FINANCE_MANAGER Access to only the Cost Explorer service and the console menu My Account > Billing Information and Cost Management > Billing and Payment Management
NCP_SOURCECOMMIT_MANAGER Full access to all SourceCommit features.
NCP_SOURCECOMMIT_VIEWER Permission to only use features to view the list in SourceCommit.
NCP_SOURCECOMMIT_ADMIN ADMIN permission template managed by SourceCommit. Permission to create the ADMIN permission policy managed in SourceCommit through the load policy feature.
NCP_SOURCECOMMIT_WRITE WRITE permission template managed by SourceCommit. Permission to create the WRITE permission policy managed in SourceCommit through the load policy feature.
NCP_SOURCECOMMIT_READ READ permission template managed by SourceCommit. Permission to create the READ permission policy managed in SourceCommit through the load policy feature.

User-defined policies

User-created policies let you create custom permissions. When you assign a user-defined policy to a sub account, that account can only perform the specific actions you've allowed. The brief description of SourceCommit's user-defined policies is as follows:

| Type | Action | Related action | Resource type | Group by resource type | Action description |
| ---- | ---- | ---- | ---- | ---- | ---- |
| View | View/getRepositoryList | - | - | Repository | View repository list. |
| View | View/getRepositoryDetail | View/getRepositoryList
View/accessFileSafer
View/getGitContents
Change/changeGitContents | Repository | Repository | View repository details. |
| View | View/getGitContents | View/getRepositoryList
View/getRepositoryDetail | Repository | Git Remote | View remote repository (clone, pull, etc.). |
| View | View/getPullRequestList | View/getRepositoryList
View/getRepositoryDetail | Repository | Pull Request | View pull request list. |
| View | View/getPullRequestDetail | View/getRepositoryList
View/getRepositoryDetail
View/getPullRequestList | Repository | Pull Request | View pull request details. |
| View | View/accessFileSafer | View/getRepositoryList
View/getRepositoryDetail
View/getPullRequestList | Repository | File Safer | Integrate with File Safer. |
| View | View/getWebhookList | View/getRepositoryList
View/getRepositoryDetail | - | Webhook | View webhook list. |
| View | View/getCloudFunctionsTriggerList | View/getRepositoryList
View/getRepositoryDetail
View/getWebhookList | - | Webhook | View the list of Cloud Functions Trigger. |
| View | View/getCloudFunctionsActionList | View/getRepositoryList
View/getRepositoryDetail
View/getWebhookList
View/getCloudFunctionsTriggerList| - | Webhook | View the list of Cloud Functions Action. |
| View | View/getBucketList | - | - | Object Storage | View Object Storage bucket list. |
| View | View/getBucketDetail | View/getBucketList | ObjectStorage:Bucket | Object Storage | View Object Storage bucket details. |
| View | View/accessObjectStorage | View/getRepositoryList
View/getRepositoryDetail | - | Object Storage | View Object Storage integration status. |
| Change | Change/createRepository | View/getRepositoryList
View/accessFileSafer | Repository | Repository | Create repository. |
| Change | Change/importRepository | View/getRepositoryList
View/accessFileSafer | Repository | Repository | Copy external repository. |
| Change | Change/changeRepository | View/getRepositoryList
View/getRepositoryDetail
View/accessFileSafer | Repository | Repository | Edit repository settings. |
| Change | Change/deleteRepository | View/getRepositoryList
View/getRepositoryDetail | Repository | Repository | Delete repository. |
| Change | Change/changeGitPassword | View/getRepositoryList | Repository | Git Remote | Set git account information (password/ssh). |
| Change | Change/changeGitContents | View/getRepositoryList
View/getRepositoryDetail
View/getGitContents | Repository | Git Remote | Edit remote repository (push, etc.). |
| Change | Change/createPullRequest | View/getRepositoryList
View/getRepositoryDetail
View/getPullRequestList
View/getPullRequestDetail | Repository | Pull Request | Create pull request. |
| Change | Change/changePullRequest | View/getRepositoryList
View/getRepositoryDetail
View/getPullRequestList
View/getPullRequestDetail | Repository | Pull Request | Edit pull request content. |
| Change | Change/mergePullRequest | View/getRepositoryList
View/getRepositoryDetail
View/getPullRequestList
View/getPullRequestDetail | Repository | Pull Request | Merge pull request. |
| Change | Change/closePullRequest | View/getRepositoryList
View/getRepositoryDetail
View/getPullRequestList
View/getPullRequestDetail | Repository | Pull Request | Close pull request. |
| Change | Change/createWebhook | View/getRepositoryList
View/getRepositoryDetail
View/getWebhookList
View/getCloudFunctionsTriggerList
View/getCloudFunctionsActionList | - | Webhook | Create webhook. |
| Change | Change/changeWebhook | View/getRepositoryList
View/getRepositoryDetail
View/getWebhookList
View/getCloudFunctionsTriggerList
View/getCloudFunctionsActionList | Repository | Webhook | Change webhook settings. |
| Change | Change/deleteWebhook | View/getRepositoryList
View/getRepositoryDetail
View/getWebhookList | Repository | Webhook | Delete webhook. |
| Change | Change/createCloudFunctionsTrigger | View/getCloudFunctionsTriggerList
View/getCloudFunctionsActionList | - | Webhook | Create Cloud Functions Trigger. |
| Change | Change/linkObjectStorageBucket | View/accessObjectStorage | - | Object Storage | Edit Object Storage bucket integrations settings. |

Caution

If you grant someone access to a specific action but not to the required related actions, they won't be able to complete their tasks. Sub Account automatically includes these related permissions to prevent this issue. However, if you manually uncheck these auto-selected related actions, the system assumes this was intentional and won't override your selection.

Business Registration Number: 129-86-31394 E-commerce Permit Number:No. 2009-GyeonggiSeongnam-0510
CEO: Kim Yuwon Address: NAVER Green Factory 17th–26th Floors, Buljeong-ro 6, Bundang-gu, Seongnam-si, Gyeonggi-do 13561, Republic of Korea. Customer Support Number: 1544-5876
© NAVER Cloud Corp. All Rights Reserved.