Hey, currently I'm evaluating Cloudstack as internal orchestration software to reach cloud speed and flexibility. PXE and manual configuration of network devices is too slow and expensive for some projects.
In the first step our customers will not have direct access to the Cloudstack Api or UI. Based on my understanding Cloudstack does not support a permission model, where it's possible to assign users to groups, groups to tenants and permissions per tenant to groups. How do you handle central authentication, ldap, with multiple tenants and operation teams in combination with tenant resource dedication and the principle of least privilege? Enjoy your weekend. Thanks, Robert
