Cloud Management and AIOps
This is an IBM Automation portal for Cloud Management, Technology Cost Management, Network Automation and AIOps products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.
IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.
ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.
I would like to add that additionally to the "Implement Custom Roles" it should be possible to authenticate a user with multiple roles via SSO.
If a user has a role to acces group of VM 'X' and also the role to access group 'Y' he should see both groups in Turbonomic and not only one group depending on which role Turbonomic read first.
I am expecting at least read-only role in PMC. We need this so that users can see what schedule is attached to which server.
a lot of people are on the right track here. Business Case: We want to have Application Teams OWN their own Azure Subscriptions or AWS Accounts - and be able to create policies within those areas, but not affect other app teams.
Enhanced RBAC would have been particularly useful for a global retailer using a custom integration to sync Turbo accounts with AAD groups. Once the integration sync ran, Turbo applied the rule of least privilege, which prevented any AAD accounts from having Site Admin effective permissions.
It would also be important to allow users to have different effective permissions for different Turbo scopes (Admin for some, Observer for others, etc.)
This would be useful for PwC to enable their client organizations to have more autonomy. The ability to grant scoped users the ability to create groups & policies would be a great enhancement.
Volvo Cars asked about custom roles/better RBAC as part of the recent deployment
One of the most important feature which would require a more granular role definition for RBAC would be: let "RO" users create groups. Another one would be: let power user have only a certain scope but create groups and policies for their scope.
More generally speaking that would open the path for being multitenant.
This will be crucial at large public cloud orgs. Account owners with scoped access will not only want to be able to manually execute actions but may also want to create automation policies for their own accounts.
Gainwell also requests that this feature get added and or enhanced. They need users to be able to manage all aspects of a particular scope but not others.
Hello Team ,
I am expecting at least read-only role in PMC. We need this so that users can see what schedule is attached to which server.
Regards
Vivek Kumar