Available in Classic and VPC
You can set different access permissions for SourceBuild using Sub Account, which is an account management service provided by NAVER Cloud Platform. Sub Account offers both system-managed (System Managed) and user-defined (User Created) policies to help you configure management and operation permissions.
Sub Account is a free service with no additional charges. For more information about Sub Account, see Services > Management & Governance > Sub Account on the NAVER Cloud Platform portal and the Sub Account user guide.
System-managed policies
System-managed policies are pre-built, role-based policies that NAVER Cloud Platform provides for your convenience. Once the system-managed policies are granted to a sub account created in Sub Account, that sub account can use SourceBuild. Here are the available system-managed policies for SourceBuild.
| Policy name | Policy description |
|---|---|
| NCP_ADMINISTRATOR | Full access to all services, same as the main account |
| NCP_INFRA_MANAGER | Access to all services, except My Account > Billing Information and Cost Management > Billing and Payment Management in the console |
| NCP_FINANCE_MANAGER | Access to only the Cost Explorer service and the console menu My Account > Billing Information and Cost Management > Billing and Payment Management |
| NCP_SOURCEBUILD_MANAGER | Full access to all SourceBuild features. |
| NCP_SOURCEBUILD_VIEWER | Permission to only use the View list and Search features in SourceBuild. |
| NCP_SOURCEBUILD_ADMIN | ADMIN permissions template managed in SourceBuild. Permission to create the ADMIN permissions policy managed in SourceBuild through the Load policy feature. |
| NCP_SOURCEBUILD_USER | USER permissions template managed in SourceBuild. Permission to create the USER permissions policy managed in SourceBuild through the Load policy feature. |
User-defined policies
User-created policies let you create custom permissions. When you assign a user-defined policy to a sub account, that account can only perform the specific actions you've allowed. The following is a brief description of the user-defined policies of SourceBuild.
| Type | Action | Related action | Resource type | Group by resource type | Action description |
| ---- | ---- | ---- | ---- | ---- | ---- |
| View | View/getProjectList | - | - | SourceBuild | View project list. |
| View | View/getProjectDetail | View/getProjectList
View/downloadArtifact | Project | SourceBuild | View project details. |
| View | View/getHistoryList | View/getProjectList
View/getProjectDetail
View/downloadArtifact | Project | SourceBuild | View build task result list. |
| View | View/downloadArtifact | View/getProjectList
View/getProjectDetail | Project | SourceBuild | Download build results. |
| View | View/getRepositoryList | - | - | SourceCommit | View SourceCommit repository list. |
| View | View/getRepositoryDetail | View/getRepositoryList | SourceCommit:Repository | SourceCommit | View SourceCommit repository details. |
| View | View/getBucketList | - | - | Object Storage | View Object Storage bucket list. |
| View | View/getBucketDetail | View/getBucketList | ObjectStorage:Bucket | Object Storage | Select Object Storage bucket to save build result. |
| View | View/getRegistryList | - | - | Container Registry | View Container Registry list. |
| View | View/getRegistryDetail | View/getRegistryList | ContainerRegistry:Registry | Container Registry | View Container Registry details. |
| View | View/accessFileSafer | - | - | File Safer | Connect to File Safer. |
| View | View/accessCloudLogAnalytics | - | - | Cloud Log Analytics | Connect to Cloud Log Analytics. |
| View | View/getNotificationList | - | Project | SourceBuild | View notification recipient list. |
| View | View/getSourceBandOrganizationList | - | - | SourceBand | View SourceBand organization list. |
| View | View/getSourceBandOrganizationDetail | View/getSourceBandOrganizationList | SourceBand:Organization | SourceBand | View SourceBand organization details. |
| View | View/getSourceBandProjectList | View/getSourceBandOrganizationList
View/getSourceBandOrganizationDetail | - | SourceBand | View SourceBand project list. |
| View | View/getSourceBandProjectDetail | View/getSourceBandOrganizationList
View/getSourceBandOrganizationDetail
View/getSourceBandProjectList | SourceBand:Project | SourceBand | View SourceBand project details. |
| Change | Change/createProject | View/getProjectList
View/getRepositoryList
View/getRepositoryDetail
View/getBucketList
View/getBucketDetail
View/getRegistryList
View/getRegistryDetail
View/accessFileSafer
View/accessCloudLogAnalytics
View/getNotificationList | - | SourceBuild | Create project. |
| Change | Change/changeProject | View/getProjectList
View/getProjectDetail
View/downloadArtifact
View/getRepositoryList
View/getRepositoryDetail
View/getBucketList
View/getBucketDetail
View/getRegistryList
View/getRegistryDetail
View/accessFileSafer
View/accessCloudLogAnalytics
View/getNotificationList | Project | SourceBuild | Change project settings. |
| Change | Change/deleteProject | View/getProjectList
View/getProjectDetail
View/downloadArtifact | Project | SourceBuild | Delete project. |
| Change | Change/doBuild | View/getProjectList
View/getProjectDetail
View/downloadArtifact
View/getRepositoryList
View/getHistoryList
View/getRepositoryDetail
View/getBucketList
View/getBucketDetail
View/getRegistryList
View/getRegistryDetail | Project | SourceBuild | Execute/cancel project (build). |
If you grant someone access to a specific action but not to the required related actions, they won't be able to complete their tasks. Sub Account automatically includes these related permissions to prevent this issue. However, if you manually uncheck these auto-selected related actions, the system assumes this was intentional and won't override your selection.