Headline:
NSX-T Server groups object should be group specific to support Group level isolation in Morpheus UI
Description:
As a Morpheus user I should able to create multiple infrastructure groups and control NSX object visibility at the groups level by changing the user role group level permission.
Example/Use case(s):
Here is my scenario:
Onboard VMware vCenter and NSX-T from master tenant and assign to subtenanat.
-
Create two tenant user by assigning to separate user roles.
User-A-Role-A, User-B role-B -
Create 2 infrastructure groups and assign to respective tenant user roles
Role-A to Group-A and Role-B to Group B -
Login as User A and create service groups from Networks-Integration-> Groups
-
Login as User B and create service groups from Networks-Integration-> Groups
Here the expectation is User-A should not see User-B objects created and vice versa.
Please note. The vCenter and NSX-T are shared to User-A and User-B.
Solution could be add a group level permission for “Infrastructure: Network Server Groups”