Login
      Contents x
      Managing Data Forest permissions
        • Print
        • PDF
        Contents

        Managing Data Forest permissions

          • Print
          • PDF
          Article Summary

          You can use Sub Account, the account management service of NAVER Cloud Platform, to set various access permissions for Data Forest. Sub Account provides System Managed policies and User Created policies for setting management and administration permissions.

          Note

          Sub Account is a service provided free of charge upon subscription. For more details about Sub Account, see the Services > Management & Governance > Sub Account menu in the NAVER Cloud Platform portal, as well as the Sub Account user guide.

          System managed policies

          System managed policies are role-based policies defined by NAVER Cloud Platform for user convenience. Once System Managed policies are granted to a sub account created in Sub Account, that sub account can use Data Forest. The following is a brief description about system managed policies of Data Forest.

          Policy namePolicy description
          NCP_ADMINISTRATORPermission to access the portal and console in NAVER Cloud Platform in the same manner as main accounts
          NCP_INFRA_MANAGERPermission to use all services in NAVER Cloud Platform and access My Page > Manage notifications in the portal
          NCP_DATA_FOREST_MANAGERPermission to use all the features in the Data Forest service
          NCP_DATA_FOREST_VIEWERPermission to only use the view list and view features in Data Forest

          User created policies

          User created policies are policies that users can create. Once user created policies are granted to a sub account created in Sub Account, that sub account can only use the user-assigned action combinations. The following is a brief description about system user created policies of Data Forest.

          ClassificationAction nameRelated action(s)Resource typeGroup by resource typeAction description
          ViewView/getAccountList--AccountView account list
          ViewView/getAccountDetailView/getAccountListAccountAccountView account details
          ViewView/downloadAccountKerberosKeytabView/getAccountList
          View/getAccountDetail          		AccountAccountDownload the account's Kerberos keytab
          ViewView/getNotebookListView/getAccountList
          View/getAccountDetail          		-NotebooksView notebook list
          ViewView/getNotebookDetailView/getAccountList
          View/getAccountDetail
          View/getNotebookList          		NotebookNotebooksView notebook details
          ViewView/getVPCList--NotebooksView VPC list
          ViewView/getVPCDetailView/getVPCListVPC:VPCNotebooksView VPC details
          ViewView/getSubnetListView/getVPCList
          View/getVPCDetail          		-NotebooksView subnet list
          ViewView/getSubnetDetailView/getVPCList
          View/getVPCDetail
          View/getSubnetList          		VPC:SubnetNotebooksView subnet details
          ViewView/getAppListView/getAccountList
          View/getAccountDetail          		-Data ForestView app list
          ViewView/getAppDetailView/getAccountList
          View/getAccountDetail
          View/getAppList          		AppData ForestView app details
          ViewView/getAIAppListView/getAccountList
          View/getAccountDetail          		-AI ForestView AI app list
          ViewView/getAIAppDetailView/getAccountList
          View/getAccountDetail
          View/getAIAppList          		AIAppAI ForestView AI app details
          ViewView/getAIAppLogView/getAccountList
          View/getAccountDetail
          View/getAIAppList
          View/getAIAppDetail          		AI AppAI ForestView AI app log
          ViewView/getAIWorkspaceListView/getAccountList
          View/getAccountDetail          		-AI ForestView AI workspace list
          ViewView/getAIWorkspaceDetailView/getAccountList
          View/getAccountDetail
          View/getAIWorkspaceList          		AI WorkspaceAI ForestView AI workspace details
          ViewView/getAIWorkspaceConfigurationListView/getAccountList
          View/getAccountDetail
          View/getAIWorkspaceList          		AI WorkspaceAI ForestView AI workspace settings
          ViewView/getAIWorkspaceObjectListView/getAccountList
          View/getAccountDetail
          View/getAIWorkspaceList          		AI WorkspaceAI WorkspaceView AI workspace file and folder list
          ViewView/getAIWorkspaceObjectContentView/getAccountList
          View/getAccountDetail
          View/getAIWorkspaceList
          View/getAIWorkspaceObjectList          		AI WorkspaceAI ForestRead AI workspace file content
          ViewView/getMonitoringView/getAccountList
          View/getAccountDetail
          View/getAppList
          View/getAIAppList          		--View monitoring
          ViewView/getBucketList---View the bucket list.
          ViewView/getObjectListView/getBucketListObject Storage:BucketNotebooksView the object details of the bucket.
          ViewView/getLoginKeyList--NotebooksView the list of authentication keys.
          ViewView/getNotebookAcgRuleListView/getAccountList
          View/getAccountDetail
          View/getNotebookList
          View/getNotebookDetail          		NotebookNotebooksView the list of ACG rule for notebook
          ChangeChange/createAccountView/getAccountList-AccountCreate account
          ChangeChange/deleteAccountView/getAccountList
          View/getAccountDetail          		AccountAccountDelete account
          ChangeChange/setAccountQuotaView/getAccountList
          View/getAccountDetail          		AccountAccountChange account's quota
          ChangeChange/resetAccountKerberosKeytabView/getAccountList
          View/getAccountDetail          		AccountAccountReset the account's Kerberos keytab
          ChangeChange/resetAccountPasswordView/getAccountList
          View/getAccountDetail          		AccountAccountReset account password
          ChangeChange/createNotebookView/getAccountList
          View/getAccountDetail
          View/getVPCList
          View/getVPCDetail
          View/getSubnetList
          View/getSubnetDetail
          View/getLoginKeyList
          View/getBucketList
          View/getObjectList
          View/getNotebookList
          View/getNotebookDetail          		-NotebooksCreate notebook
          ChangeChange/deleteNotebookView/getAccountList
          View/getAccountDetail
          View/getNotebookList
          View/getNotebookDetail
          		NotebookNotebooksDelete notebook
          ChangeChange/restartNotebookView/getAccountList
          View/getAccountDetail
          View/getNotebookList
          View/getNotebookDetail          		NotebookNotebooksRestart notebook
          ChangeChange/setNotebookUserConfigurationListView/getAccountList
          View/getAccountDetail
          View/getNotebookList
          View/getNotebookDetail          		NotebookNotebooksChange notebook user settings
          ChangeChange/createLoginKey--NotebooksCreate authentication key for notebook
          ChangeChange/createAppView/getAccountList
          View/getAccountDetail
          View/getAppList
          View/getAppDetail          		AccountData ForestCreate app
          ChangeChange/deleteAppView/getAccountList
          View/getAccountDetail
          View/getAppList
          View/getAppDetail          		AppData ForestDelete app
          ChangeChange/setAppLifetimeView/getAccountList
          View/getAccountDetail
          View/getAppList
          View/getAppDetail          		AppData ForestChange app's lifetime
          ChangeChange/setAppContainerCountView/getAccountList
          View/getAccountDetail
          View/getAppList
          View/getAppDetail          		AppData ForestChange the number of app's Component Containers
          ChangeChange/startAppView/getAccountList
          View/getAccountDetail
          View/getAppList
          View/getAppDetail          		AppData ForestStart app
          ChangeChange/stopAppView/getAccountList
          View/getAccountDetail
          View/getAppList
          View/getAppDetail          		AppData ForestStop app
          ChangeChange/killApplicationMasterView/getAccountList
          View/getAccountDetail
          View/getAppList
          View/getAppDetail          		AppData ForestRestart app's Application Master
          ChangeChange/killAppContainerView/getAccountList
          View/getAccountDetail
          View/getAppList
          View/getAppDetail          		AppData ForestRestart app's Component Container
          ChangeChange/submitAIAppView/getAccountList
          View/getAccountDetail
          View/getAIWorkspaceList
          View/getAIWorkspaceDetail          		AI WorkspaceAI ForestRun AI app
          ChangeChange/killAIAppView/getAccountList
          View/getAccountDetail
          View/getAIAppList
          View/getAIAppDetail          		AI AppAI ForestStop AI app
          ChangeChange/createAIWorkspaceView/getAccountList
          View/getAccountDetail          		AccountAI ForestCreate AI workspace
          ChangeChange/deleteAIWorkspaceView/getAccountList
          View/getAccountDetail
          View/getAIWorkspaceList
          View/getAIWorkspaceDetail          		AI WorkspaceAI ForestDelete AI workspace
          ChangeChange/copyAIWorkspaceView/getAccountList
          View/getAccountDetail
          View/getAIWorkspaceList
          View/getAIWorkspaceDetail          		AI WorkspaceAI ForestReplicate AI workspace
          ChangeChange/setAIWorkspaceConfigurationView/getAccountList
          View/getAccountDetail
          View/getAIWorkspaceList
          View/getAIWorkspaceDetail
          View/getAIWorkspaceConfigurationList          		AI WorkspaceAI ForestChange AI workspace settings
          ChangeChange/setAIWorkspaceDescriptionView/getAccountList
          View/getAccountDetail
          View/getAIWorkspaceList
          View/getAIWorkspaceDetail          		AI WorkspaceAI ForestChange AI workspace details
          ChangeChange/createAIWorkspaceObjectView/getAccountList
          View/getAccountDetail
          View/getAIWorkspaceList
          View/getAIWorkspaceObjectList          		AI WorkspaceAI ForestAdd new folder or file to AI workspace
          ChangeChange/deleteAIWorkspaceObjectView/getAccountList
          View/getAccountDetail
          View/getAIWorkspaceList
          View/getAIWorkspaceObjectList          		AI WorkspaceAI ForestDelete folder or file in AI workspace
          ChangeChange/uploadAIWorkspaceObjectView/getAccountList
          View/getAccountDetail
          View/getAIWorkspaceList
          View/getAIWorkspaceObjectList          		AI WorkspaceAI ForestUpload file to AI workspace
          ChangeChange/renameAIWorkspaceObjectView/getAccountList
          View/getAccountDetail
          View/getAIWorkspaceList
          View/getAIWorkspaceObjectList          		AI WorkspaceAI ForestChange name of folder or file in AI workspace
          ChangeChange/saveAIWorkspaceObjectContentView/getAccountList
          View/getAccountDetail
          View/getAIWorkspaceList
          View/getAIWorkspaceObjectList          		AI WorkspaceAI ForestSave file content of AI workspace
          ChangeChange/setObjectStorageBucketView/getAccountList
          View/getAccountDetail
          View/getNotebookList
          View/getNotebookDetail
          View/getBucketList
          View/getObjectList          		NotebookNotebooksEdit the notebook integration bucket.
          Caution

          Even when you are granted permission for a specific action, if you are not also granted permissions for the related actions that are required, then you won't be able to perform jobs properly. To prevent such issues, Sub Account provides a feature that automatically grants permissions for related actions when granting action permissions. However, if you deselect related actions that are automatically granted, then the system determines that it was done intentionally by the main account user and does not forcibly include them. Thus, take caution when setting permissions.

          Was this article helpful?
          What's Next
          Change password!
          Changing your password will log you out immediately. Use the new password to log back in.
          Change profile
          Success!
          First name must have atleast 2 characters. Numbers and special characters are not allowed.
          Last name must have atleast 1 characters. Numbers and special characters are not allowed.
          Enter a valid email
          Enter a valid password
          Your profile has been successfully updated.
          Logout