Managing Simple RabbitMQ Service permissions (VPC)
  • PDF

Managing Simple RabbitMQ Service permissions (VPC)

  • PDF

Available in VPC

By using Sub Account, NAVER Cloud Platform's account management service, you can set various access permissions for Simple RabbitMQ Service. Sub Account provides System Managed policies and User Created policies for setting management and administration permissions.

Note

Sub Account is a service provided free of charge upon subscription request. For more information on Sub Account, refer to the Services > Management & Governance > Sub Account menu in the NAVER Cloud Platform portal, as well as the Sub Account Guide.

System Managed policies

System Managed policies are role-based policies defined by NAVER Cloud Platform for user convenience. Once System Managed policies are granted to a sub account created in Sub Account, that sub account can use Simple RabbitMQ Service. The following is a brief description about System Managed policies of Simple RabbitMQ Service.

Policy name Policy description
NCP_ADMINISTRATOR Permission to access the portal and console in NAVER Cloud Platform in the same manner as main accounts
NCP_INFRA_MANAGER Permission to use all services in NAVER Cloud Platform and access My Page > Manage notifications in the portal
NCP_VPC_SIMPLE_RABBITMQ_SERVICE_MANAGER Permission to use all the features in VPC-based Simple RabbitMQ Service
NCP_VPC_SIMPLE_RABBITMQ_SERVICE_VIEWER Permission to only use the View list and Search features in VPC-based Simple RabbitMQ Service.

User Created policies

User Created policies are policies that users can create. Once User Created policies are granted to a sub account created in Sub Account, that sub account can only use the user-assigned action combinations. The following is a brief description about User Created policies of Simple RabbitMQ Service.

Actions related to cluster

Type Action name Related action(s) Resource type Group by resource type Action description
View View/getRabbitMQClusterList - - - Import cluster list.
View View/getRabbitMQClusterDetail View/getRabbitMQClusterList Cluster - View service details.
View View/getVPCList - - - Import VPC resource list.
View View/getVPCDetail View/getVPCList VPC:VPC - Select a VPC to place the cluster in.
View View/getSubnetList View/getVPCList - - View subnet resource list information.
View View/getSubnetDetail View/getSubnetList VPC:Subnet - Select a subnet to place the cluster in.
Change Change/createRabbitMQCluster View/getRabbitMQClusterList
View/getVPCList
View/getVPCDetail
View/getSubnetList
View/getSubnetDetail
- - Create RabbitMQ cluster.
Change Change/deleteRabbitMQCluster View/getRabbitMQClusterList
View/getRabbitMQClusterDetail
Cluster - Delete RabbitMQ cluster.
Change Change/manageRabbitMQUser View/getRabbitMQClusterList
View/getRabbitMQClusterDetail
Cluster - Manage RabbitMQ cluster user
Change Change/useRabbitMQMgmtUI View/getRabbitMQClusterList
View/getRabbitMQClusterDetail
Cluster - Use RabbitMQ UI used in RabbitMQ cluster.
Change Change/updateRabbitMQCluster View/getRabbitMQClusterList
View/getRabbitMQClusterDetail
Cluster - Modify RabbitMQ cluster settings.
Caution

Even when you are granted permission for a specific action, if you are not also granted permissions for the related actions that are required, then you won't be able to perform jobs properly. To prevent such issues, Sub Account provides a feature that automatically grants permissions for related actions when granting action permissions. However, if you deselect related actions that are automatically granted, then the system determines that it was done intentionally by the main account user and won't forcibly include them. So, be careful when setting permissions.


Was this article helpful?

What's Next