Organization-based VM Access Filtering #1395

Open
sergio-garciagil opened this issue Apr 30, 2024 · 2 comments
Labels
enhancement New feature or request

Comments

@sergio-garciagil

As an SRE responsible for managing multiple organizations across different clients within Google Cloud Platform.

Proposed Solution:
Introducing a new feature that enables access filtering based on organizations. This feature could be implemented as follows:

- Add a dropdown menu within the access control settings, labeled "Organization Filter".
- By default, the dropdown would display "All", allowing unrestricted access to VMs across all organizations.
- Users would have the option to select a specific organization.
- Upon selecting a particular organization, IAPDesktop would only display VMs associated with projects within that organization.

@jpassing
Collaborator

If I understand correctly, you're looking for a better visual separation between projects from different organizations. If that's correct, I figure adding an extra "level" in the tree structure might work as well? Something like:

+ Cloud
   + example.com                  <--- new level
       + project-1
          + us-east1-a
          ...
       + project-1
       ...
   + another-org.example
       + project-3
       + project-4
       ...

One limiting factor is that looking up the organization requires the Organization Viewer role, and not everybody has that role. In that case, we'd have to group projects under a pseudo node such as Unknown organization.

Of course, there's also the option to have separate profiles and you could maintain one profile per client. That's more heavyweight, but it also (optionally) allows you to use different user accounts. Is that something you have considered?

@jpassing jpassing added the enhancement New feature or request label Apr 30, 2024
@sergio-garciagil
Author

It's exactly like what you drew in your diagram! You're right about the role; in my case, I do have it. We also thought about different profiles, but in my case, I manage more than 20 organizations, so the process would be quite complex and tedious.
