A big thank you goes to David Lefebvre for inspiration and ground work and a late session on a Friday...
This is an example of different users in different groups having access to the same virtual resources and different levels of access controls.
The set up:
The dev user is in the dev group
The operations user is in the operations group
The dev group set up:
The operations group setup:
The group share policy:
Two user rolls defined:
User role that can do very little:
Select all and then take away VM items power on/off and so on
User role that can do a lot:
Dev user definition:
Operations user:
Dev User end user session:
Operations User end user session: