Available in Classic and VPC
You can set access permissions for Effective Log Search & Analytics 2.0 using Sub Account, NAVER Cloud Platform's account management service. Sub Account service provides System Managed policies and User Created policies for setting management and administration permissions.
Sub Account is a service provided free of charge upon subscription request. For more details about Sub Account, see Service > Management & Governance > Sub Account menu in NAVER Cloud Platform portal, as well as the Sub Account User Guide.
System Managed policies
System Managed policies are role-based policies defined by NAVER Cloud Platform for user convenience. Once System Managed policies are granted to a sub account created in Sub Account, that sub account can use Effective Log Search & Analytics 2.0. The following briefly describes the System Managed policies of Effective Log Search & Analytics 2.0 service.
| Policy name | Policy description |
|---|---|
| NCP_ADMINISTRATOR | Permission to access the portal and console in NAVER Cloud Platform in the same manner as main accounts |
| NCP_INFRA_MANAGER | Permission to use all services in NAVER Cloud Platform but with restricted access to some menus (Manage usage, Payment management, and Solution subscription status) of My Page in the portal |
| NCP_EFFECTIVE_LOG_SEARCH_&_ANALYTICS_2.0_MANAGER | Permission to use all the features of Effective Log Search & Analytics 2.0 service |
| NCP_EFFECTIVE_LOG_SEARCH_&_ANALYTICS_2.0_VIEWER | Permission to view the list and to use the search function of Effective Log Search & Analytics 2.0 service |
User Created policies
User-created policies are policies that users may create. Once User Created policies are granted to a sub account created in Sub Account, that sub account can only use the user-assigned action combinations. The following briefly describes the User Created policies of Effective Log Search & Analytics 2.0 service.
| Category | Action name | Related action(s) | Resource type | Group by resource type | Action description |
|---|---|---|---|---|---|
| View | View/groupUser | - | Group | Group | View Groups menu in the console |
| View/projectUser | - | Project | Project | View Projects menu in the console | |
| Change | Change/groupAdmin | - | Group | Group | Create, edit, and delete groups in the console |
| Change/projectAdmin | - | Project | Project | Create, edit, and delete projects in the console |
Even when you are granted permission for a specific action, you cannot perform jobs properly if you are not also granted permissions for the related actions that are required. To prevent such issues, Sub Account provides a feature that automatically grants permissions for related actions when granting action permissions. However, if you deselect related actions that are automatically granted, then the system determines that it was done intentionally by the main account user and won't forcibly include them. So, be cautioned when setting permissions.