Assignments

Available in Classic and VPC

This page explains how to create and manage Assignments. Assignment connects the Permission Set, which defines the policy to be used by external accounts, with the SSO User, and refers to the scope of permissions that the SSO User can perform on NAVER Cloud Platform.

Assignments page

The following describes the Assignments page.

Check Assignment details

The following describes how to view Assignment details.

1. Click the environment you are using in the Region menu and the Platform menu on the NAVER Cloud Platform console.
2. Click Services > Management & Governance > Ncloud Single Sign-On in order.
3. Click External IdP login > Assignments menus in that order.
4. Click on the Assignment name in the Assignment list.
5. Check the Assignment information.
   • Assignment name: name of the Assignment set upon creation
   • Assignment NRN: resource name of the Assignment
   • Assignment creation date: date and time the Assignment was created
   • Role NRN: SSO role NRN created on the Sub Account service
   • Assignment description: description of the Assignment
   • Assignment status: status of the Assignment
     • In use: the Assignment can be used. Displayed on the SSO role switching list
     • Suspended: temporarily suspended. Not displayed on the SSO role switching list
   • Account name: the name of the account within the Organization connected to the Assignment
   • Account alias: the alias of the connected account Displayed only when the Organization service is integrated
   • Login ID: the login ID of the account within the Organization connected to the Assignment
   • Membership number: the membership number of the account within the Organization connected to the Assignment
   • Permission Set name: the name of the assigned Permission Set
   • Permission Set NRN: the resource name of the assigned Permission Set
   • Permission Set creation date: the date and time the assigned Permission Set was created
   • Permission Set description: a simple description of the assigned Permission Set
6. Check the tab information at the bottom of the details.
   • [User] tab: SSO User list to grant the permission set in Assignment
   • [Group] tab: group list to grant the permission set in Assignment
   • [IP ACL] tab: list of IP ACLs with access to the assignment

Create Assignment

By creating an Assignment, you can set the scope of the service and resource access permission of NAVER Cloud Platform to be used by external account users. The created Assignment can be selected when an external account user logs in to NAVER Cloud Platform.

The following describes how to create an Assignment.

1. Click the environment you are using in the Region menu and the Platform menu on the NAVER Cloud Platform console.
2. Click Services > Management & Governance > Ncloud Single Sign-On in order.
3. Click External IdP login > Assignments menus in that order.
4. Click the [Create Assignment] button.
5. In the Account selection step, select the account to which you want to grant access permission and click the [Next] button.
   • You must select an account that has the policy resources set in Permission Sets.
6. Select Permission Set, and click the [Next] button.
7. Enter the name, description and access type of the assignment. Check the assignment, and click the [Create] button.
   • Access type:
     • Console access: access is allowed only via the console
     • API Gateway access: access is allowed only via API Gateway
8. Check the assignment information entered, and click the [Create] button.
9. Refer to Add SSO user/group or IP ACL to assignment to add an SSO user that will use the Permission Sets policy for the assignment.

Adding SSO user/group or IP ACL to assignment

To add an SSO user/group to a created assignment, do the following:

1. Click the environment you are using in the Region menu and the Platform menu on the NAVER Cloud Platform console.
2. Click Services > Management & Governance > Ncloud Single Sign-On in order.
3. Click External IdP login > Assignments menus in that order.
4. Click the name of the Assignment.
5. Under the [User], [Group] or [IP ACL] tab, click the [Add] button.
6. Select SSO User/Group or IP ACL, and click the [Save] button.

Edit Assignment

The following describes how to edit Assignment information.

1. Click the environment you are using in the Region menu and the Platform menu on the NAVER Cloud Platform console.
2. Click Services > Management & Governance > Ncloud Single Sign-On in order.
3. Click External IdP login > Assignments menus in that order.
4. Click the Assignment radio button, and click the [Edit] button.
5. Edit the information.
6. When you are done editing, click the [Edit] button.

Disable Assignment

If you disable Assignment, you cannot use the Permission Set of the account connected to the Assignment.
The following describes how to disable Assignment.

1. Click the environment you are using in the Region menu and the Platform menu on the NAVER Cloud Platform console.
2. Click Services > Management & Governance > Ncloud Single Sign-On in order.
3. Click External IdP login > Assignments menus in that order.
4. Click the Assignment checkbox, and click the**[Disable]** button.
   • The SSO User connected to Assignment will be automatically logged out.
5. To enable it again, click the [Enable] button.

Delete Assignment

The following describes how to delete an Assignment.

1. Click the environment you are using in the Region menu and the Platform menu on the NAVER Cloud Platform console.
2. Click Services > Management & Governance > Ncloud Single Sign-On in order.
3. Click External IdP login > Assignments menus in that order.
4. Click the checkbox of the group to delete, and click the [Delete] button.
5. Once the Delete pop-up window appears, click the [Delete] button.