Group-Based Approvals

Wittling_Mark_CCI-At · October 4, 2022, 3:57pm

Headline:
Group-Based Approvals

Description:
We are using Groups instead of Tenants, because right now, most of our users are internal organizational groups and we were told that this was a better way to go. But not everything in Morpheus is enabled for group-level administration. For example, if I allow someone - a group administrator - access to Approvals in their Role, they can actually see and approve anything on the system, not just the resources within their own group. This is kind of bad. Right now, we are in a situation where we have to full administrative rights (keys to the kingdom) to group administrators (and trust they don’t make huge mistakes), if we want to keep these group-specific tasks off our platform team.

Example/Use case(s):
I’m sure there are other additional use cases, but the use case that drove this Idea post, was Approvals. It doesn’t seem to matter if I put a Approve Delete policy on a cloud or a specific group, if I give a group administrator the ability to approve deletes, they can see and approve ALL approvals on the system, and not the ones confined to just their own group.

henry_br · May 22, 2024, 6:33pm

Bumping this up. Has this been solved in any way? Is it possible now to direct internal Morpheus approval to correct approver role based on group?

Topic		Replies	Views
Approval policies Scope Administration instances , automation	1	126	February 20, 2024
Group Administrator Approval for Deletion of VMs Provisioning & Self Service approvals	0	233	August 29, 2022
Approvals Limited to Groups Provisioning & Self Service approvals	1	293	October 3, 2022
Group and Project Administration groups	2	352	June 7, 2022
Allow users to be put into groups / assigning ownership based on group Ideas ui , open	1	331	July 11, 2023

Group-Based Approvals

Related topics