Group Code or Cloud Code must be unique or can be same

Hi,

The code for a group or cloud must be unique, or can we use the same code for multiple groups or clouds?

I am looking to use group code in the naming policy.

There are multiple groups like dev-vmw, dev-aws, prod-vmw, prod-aws

When the user provisions the instance to the dev-vmw and dev-aws groups, The naming policy will use the same group code, like “dev”. prod-vmw and prod-aws will be prod code.

I’d appreciate it if you could suggest other options to achieve it.

Thanks,
Aung

They do not have to be unique.

1 Like

Thanks for your prompt response.

1 Like

That said, it’s not good practice to make groups cloud type specific. You will lose a lot of ability for future RBAC as needed. I.E - What if one set of users need access to 3/10 VMs, and another group needs access to 7/10 VMs on those clouds.

Groups should really represent user groups. Could have a dev-linuxengineering, prod-linuxengineering group. It would better serve you in the future.

1 Like

Thank you so much for providing good practice. However, customers wanted to be controlled based on the environment like VMware Prod, AWS Prod, etc; that’s why we used group and cloud one-to-one mapping, as RBAC doesn’t have to control based on individual cloud. Later, there might be multiple user roles assigned to users to access from multiple groups.