With the Enterprise Tenancy approach how would you add groups of users to specific catalog services (while not entitling others to the same)?
How do you enable/control pools of resources you provision to, and how does each group created impact chargeback?
Also, does anyone know the advantages of Tenantless over Tenancy?
Any help, advice or links to documentation on how this is done would be great.
Hi @Navaho1206,
I can only speak to a couple of your questions.
You can use ManageIQ’s tags to limit resources to specific groups of users. For example, you could create a “prov_scope” tag for “developers”. Assign this as an access filter for the “developers” group, and then tag the service catalog items with the prov_scope “developers”.
You can control tenant access (“pools of resources”) in a similar way, simply tagging the cloud-tenant with a tag that’s an access filter for the group.
I then create a custom service dialog, and when listing the tenants the user can provision to, do (note that prov_scope is the only group access filter defined, hence the “0” for the array index):
group = $evm.root['miq_group']
group_filters = group.filters["managed"][0]
dialog_hash = {}
if group_filters
group_filters.each do |groupTag|
tenants = $evm.vmdb(:cloud_tenant).find_tagged_with(:all => "#{groupTag}", :ns => "*")
tenants.each do |tenant|
dialog_hash[tenant.name] = "#{tenant.name}"
end
end
endHi Shane,
Thank you for your response. This has helped me greatly!!!