Concepts and Terminologies
This page provides explanations and links to concepts and terminologies used in the JCV Cloud to help users better understand the service.
Accounts
An account is a for-business user registered on JCV Cloud for various management and operational purposes. A unique company email address is required to create an account. Since JCV Cloud is an open platform, everyone is welcome to generate one.
During the registration process, you can also upload an image as the avatar for your account. Do not worry about leaking this image, as this image is only visible to organizations you have joined🔒. In the future, we will allow you to sign in with your face compared to your avatar. So please update an actual photo of yourself if you are interested in this feature.
Organizations
An organization is a collection of accounts for service management. It is indispensable for using any services on JCV Cloud. Service side menu options are only visible when your account belongs to an organization. An organization is also an object for Billing, roles, and privilege settings. Building solution services based on various element services is possible only within the same organization.
Usually, an organization is equal to a company. But you can also use organization flexibly by separating it by your projects or teams. Just remember that Billing will also proceed separately.
One organization can include multiple accounts, and one account can belong to at most 20 organizations. Account information is only visible to members inside the same organization with the according privileges. Removing an account from an organization will not delete the account itself since the ownership still belongs to the email owner.
Security groups
A security group is a group of accounts inside an organization for RBAC (Role-Based Access Control). It is used in the privilege menu to assign specific privileges of a service instance to accounts inside security groups. One account can belong to multiple security groups, and one security group can include multiple accounts. There is currently no limit on the number of security groups. Deleting the security groups will not remove accounts from the organization.
Roles
A role is the operation scope of an account in an organization. Each account in an organization can be assigned to one of the three roles below. (Items in '*' are features that are not implemented yet.)
- Admin
An admin role in an organization is an account type that has all privileges and permissions that include but is not limited to updating the organization profile, managing payment methods*, inviting and removing members, changing other members' roles, modifying service instance privileges*, starting, managing and ending services, and viewing or downloading billing documents*. An organization must have at least one Admin account but can have more than one Admin account. An admin account cannot downgrade their role.
- Billing
A billing role in an organization is an account type with permissions related to orders and billing that include but are not limited to managing payment methods* and viewing or downloading billing documents*. An organization can have more than one billing account. A billing account cannot modify its role.
- Member
A member role in an organization is a general account type that can only use the services an admin account has granted data privileges.
Here is a list of role permissions inside an organization.
Categories | Permissions | Admin | Billing | Member |
---|---|---|---|---|
Profile | View | Yes | No | No |
Profile | Update | Yes | No | No |
Members | View | Yes | No | No |
Members | Invite | Yes | No | No |
Members | Change roles of others | Yes | No | No |
Members | Change role of self | No | No | No |
Members | Remove | Yes | No | No |
Members - Security Group | View | Yes | No | No |
Members - Security Group | Create | Yes | No | No |
Members - Security Group | Update | Yes | No | No |
Members - Security Group | Delete | Yes | No | No |
Members - Security Group | Add members to a group | Yes | No | No |
Members - Security Group | Remove members from a group | Yes | No | No |
Billing - Dashboard* | View* | Yes | Yes | No |
Billing - Invoice* | View* | Yes | Yes | No |
Billing - Invoice* | Download* | Yes | Yes | No |
Billing - Payment Methods* | View* | Yes | Yes | No |
Billing - Payment Methods* | Create* | Yes | Yes | No |
Billing - Payment Methods* | Update* | Yes | Yes | No |
Billing - Payment Methods* | Delete* | Yes | Yes | No |
Privileges - Service Instances* | Add groups* | Yes | No | No |
Privileges - Service Instances* | Change the permission* | Yes | No | No |
Privileges - Service Instances* | Remove groups* | Yes | No | No |
{Service} - {Instance} | View | Yes | Yes** | Yes** |
{Service} - {Instance} | Create | Yes | No | No |
{Service} - {Instance} | Change plan* | Yes | No | No |
{Service} - {Instance} | Delete* | Yes | No | No |
*: Features that are not implemented yet
**: Depends on the privileges
Service regions
A service region is a geographical separation of service endpoints and data storage. Since JCV Cloud is a global cloud service, we offer multiple service regions for global firms to construct their services worldwide. Data of each service region is strictly stored only in the corresponding countries to comply with various data protection regulations. For the details of service regions and countries, please refer to the Regions and Zones of AWS EC2. We recommend choosing the service regions that are physically close to most of your service locations to get better performance and lower latency.
On JCV Cloud, solution services can only be based on asset services within the same region. This will be reflected when creating new service instances. We do not support switching service regions of service instances or data migration between different regions.
Service instances
A service instance is a unit of data isolation and operations. In JCV Cloud, services are delivered and charged by service instances. Also, API access credentials are created by the service instance level, so the system can automatically understand which instance the request is pointing to by its attached API key. Building solution services based on various element services is also based on the service instance level. The creation and maintenance of service instances are mostly the same among most services.
Updated 7 months ago