Managing SourceDeploy permissions
  • PDF

Managing SourceDeploy permissions

  • PDF

It is available in a Classic/VPC environment.

By using Sub Account, NAVER Cloud Platform's account management service, you can set various access permissions for SourceDeploy. Sub Account provides System Managed policies and User Created policies for setting management and administration permissions.

Note

Sub Account is a service provided free of charge upon subscription request. For more information on Sub Account, refer to the Services > Management & Governance > Sub Account menu in the NAVER Cloud Platform portal, as well as the Sub Account Guide.

System Managed policies

System Managed policies are role-based policies defined by NAVER Cloud Platform for user convenience. Once System Managed policies are granted to a sub account created in Sub Account, that sub account can use SourceDeploy. The following is a brief description about System Managed policies of SourceDeploy.

Classic

Policy name Policy description
NCP_ADMINISTRATOR Permission to access the portal and console in NAVER Cloud Platform in the same manner as main accounts
NCP_INFRA_MANAGER Permission to use all services in NAVER Cloud Platform and access My Page > Manage notifications in the portal
NCP_SOURCEDEPLOY_MANAGER Permission to use all the features in SourceDeploy
NCP_SOURCEDEPLOY_VIEWER Permission to only use the View list and Search features in SourceDeploy
NCP_SOURCEDEPLOY_APPROVER Approver permission managed in SourceDeploy
NCP_SOURCEDEPLOY_USER User permission managed in SourceDeploy
NCP_SOURCEDEPLOY_ADMIN Admin permission managed in SourceDeploy

VPC

Policy name Policy description
NCP_ADMINISTRATOR Permission to access the portal and console in NAVER Cloud Platform in the same manner as main accounts
NCP_INFRA_MANAGER Permission to use all services in NAVER Cloud Platform and access My Page > Manage notifications in the portal
NCP_VPC_SOURCEDEPLOY_MANAGER Permission to use all the features in VPC-based SourceDeploy
NCP_VPC_SOURCEDEPLOY_VIEWER Permission to only use the View list and Search features in VPC-based SourceDeploy
NCP_VPC_SOURCEDEPLOY_APPROVER Approver permission managed in VPC-based SourceDeploy
NCP_VPC_SOURCEDEPLOY_USER User permission managed in VPC-based SourceDeploy
NCP_VPC_SOURCEDEPLOY_ADMIN Admin permission managed in VPC-based SourceDeploy

User Created policies

User Created policies are policies that users can create. Once User Created policies are granted to a sub account created in Sub Account, that sub account can only use the user-assigned action combinations. The following is a brief description about User created policies of SourceDeploy.

Classic

Type Action name Related action(s) Resource type Group by resource type Action description
View View/getProjectList - - SourceDeploy View project list.
View View/getProjectDetail View/getProjectList Project SourceDeploy View project details.
View View/getHistoryList View/getProjectList Project SourceDeploy View deployment history list.
View View/getServerList View/getProjectList Project Server View Server's server list.
View View/getServerDetail View/getServerList Server:Server Server View Server details.
View View/getAutoScalingGroupList View/getServerList Server:Server Auto Scaling View Auto Scaling Group list in Auto Scaling.
View View/getAutoScalingGroupDetail View/getAutoScalingGroupList AutoScaling:AutoScalingGroup Auto Scaling View Auto Scaling Group details in Auto Scaling.
View View/getKubernetesClusterList View/getAutoScalingGroupList AutoScaling:AutoScalingGroup Kubernetes Service View cluster list in Kubernetes Service.
View View/getKubernetesClusterDetail View/getKubernetesClusterList KubernetesService:Cluster Kubernetes Service View cluster details in Kubernetes Service.
View View/getBuildProjectList View/getKubernetesClusterList KubernetesService:Cluster SourceBuild View SourceBuild project list.
View View/getBuildProjectDetail View/getKubernetesClusterList SourceBuild:Project SourceBuild View SourceBuild project details.
View View/getBucketList View/getKubernetesClusterList SourceBuild:Project Object Storage View Object Storage bucket list.
View View/getBucketDetail View/getBucketList ObjectStorage:Bucket Object Storage View bucket details in Object Storage.
View View/getRepositoryList View/getBucketList ObjectStorage:Bucket SourceCommit View repository list in SourceCommit.
View View/getRepositoryDetail View/getRepositoryList SourceCommit:Repository SourceCommit View repository details in SourceCommit.
View View/getLoadBalancerList View/getRepositoryList SourceCommit:Repository Load Balancer View load balancer list.
View View/getLoadBalancerDetail View/getLoadBalancerList LoadBalancer:Instance Load Balancer View load balancer details.
Change Change/createProject View/getProjectList
View/getProjectDetail
View/getServerDetail
View/getServerList
View/getAutoScalingGroupDetail
View/getAutoScalingGroupList
View/getKubernetesClusterDetail
View/getKubernetesClusterList
View/getBuildProjectDetail
View/getBuildProjectList
View/getRepositoryList
View/getRepositoryDetail
View/getBucketList
View/getBucketDetail
LoadBalancer:Instance SourceDeploy Create project.
Change Change/changeProject View/getProjectList
View/getProjectDetail
View/getServerDetail
View/getServerList
View/getAutoScalingGroupDetail
View/getAutoScalingGroupList
View/getKubernetesClusterDetail
View/getKubernetesClusterList
View/getBuildProjectDetail
View/getBuildProjectList
View/getRepositoryList
View/getRepositoryDetail
View/getBucketList
View/getBucketDetail
Project SourceDeploy Change project settings.
Change Change/deleteProject View/getProjectDetail
View/getProjectList
Project SourceDeploy Delete project.
Change Change/doDeploy View/getProjectList
View/getProjectDetail
View/getHistoryList
View/getBucketList
View/getBucketDetail
View/getBuildProjectDetail
View/getBuildProjectList
Project SourceDeploy Run project deployment scenario.
Change Change/requestDeploy View/getProjectList
View/getProjectDetail
View/getHistoryList
View/getBucketList
View/getBucketDetail
View/getBuildProjectDetail
View/getBuildProjectList
Project SourceDeploy Request to run project deployment scenario.
Change Change/approveDeploy View/getProjectList
View/getProjectDetail
View/getHistoryList
Project SourceDeploy Approve the run request for a project deployment scenario.

VPC

Type Action name Related action(s) Resource type Group by resource type Action description
View View/getProjectList - - SourceDeploy View project list.
View View/getProjectDetail View/getProjectList Project SourceDeploy View project details.
View View/getHistoryList View/getProjectList Project SourceDeploy View deployment history list.
View View/getServerList View/getProjectList Project Server View Server's server list.
View View/getServerDetail View/getServerList VPCServer:Server Server View Server details.
View View/getAutoScalingGroupList View/getServerList VPCServer:Server Auto Scaling View Auto Scaling Group list in Auto Scaling.
View View/getAutoScalingGroupDetail View/getAutoScalingGroupList VPCAutoScaling:AutoScalingGroup Auto Scaling View Auto Scaling Group details in Auto Scaling.
View View/getKubernetesClusterList View/getAutoScalingGroupList VPCAutoScaling:AutoScalingGroup Kubernetes Service View cluster list in Kubernetes Service.
View View/getKubernetesClusterDetail View/getKubernetesClusterList VPCKubernetesService:Cluster Kubernetes Service View cluster details in Kubernetes Service.
View View/getBuildProjectList View/getKubernetesClusterList VPCKubernetesService:Cluster SourceBuild View SourceBuild project list.
View View/getBuildProjectDetail View/getKubernetesClusterList SourceBuild:Project SourceBuild View SourceBuild project details.
View View/getBucketList View/getKubernetesClusterList SourceBuild:Project Object Storage View Object Storage bucket list.
View View/getBucketDetail View/getBucketList ObjectStorage:Bucket Object Storage View Object Storage bucket details.
View View/getRepositoryList View/getBucketList ObjectStorage:Bucket SourceCommit View repository list in SourceCommit.
View View/getRepositoryDetail View/getRepositoryList SourceCommit:Repository SourceCommit View repository details in SourceCommit.
View View/getLoadBalancerList View/getRepositoryList SourceCommit:Repository Load Balancer View load balancer list.
View View/getLoadBalancerDetail View/getLoadBalancerList VPCLoadBalancer:LoadBalancer Load Balancer View load balancer details.
Change Change/createProject View/getProjectList
View/getProjectDetail
View/getServerDetail
View/getServerList
View/getAutoScalingGroupDetail
View/getAutoScalingGroupList
View/getKubernetesClusterDetail
View/getKubernetesClusterList
View/getBuildProjectDetail
View/getBuildProjectList
View/getRepositoryList
View/getRepositoryDetail
View/getBucketList
View/getBucketDetail
VPCLoadBalancer:LoadBalancer SourceDeploy Create project.
Change Change/changeProject View/getProjectList
View/getProjectDetail
View/getServerDetail
View/getServerList
View/getAutoScalingGroupDetail
View/getAutoScalingGroupList
View/getKubernetesClusterDetail
View/getKubernetesClusterList
View/getBuildProjectDetail
View/getBuildProjectList
View/getRepositoryList
View/getRepositoryDetail
View/getBucketList
View/getBucketDetail
Project SourceDeploy Change project settings.
Change Change/deleteProject View/getProjectDetail
View/getProjectList
Project SourceDeploy Delete project.
Change Change/doDeploy View/getProjectList
View/getProjectDetail
View/getHistoryList
View/getBucketList
View/getBucketDetail
View/getBuildProjectDetail
View/getBuildProjectList
Project SourceDeploy Run project deployment scenario.
Change Change/requestDeploy View/getProjectList
View/getProjectDetail
View/getHistoryList
View/getBucketList
View/getBucketDetail
View/getBuildProjectDetail
View/getBuildProjectList
Project SourceDeploy Request to run project deployment scenario.
Change Change/approveDeploy View/getProjectList
View/getProjectDetail
View/getHistoryList
Project SourceDeploy Approve project deployment scenario execution request.
Caution

Even when you are granted permission for a specific action, if you are not also granted permissions for the related actions that are required, then you won't be able to perform jobs properly. To prevent such issues, Sub Account provides a feature that automatically grants permissions for related actions when granting action permissions. However, if you deselect related actions that are automatically granted, then the system determines that it was done intentionally by the main account user and won't forcibly include them. So, be careful when setting permissions.


Was this article helpful?