My goal is to have a group of users be able to create VMs in a resource pool. Have them test what the need on the VM then if it works as they expect I want to move the VM into another Resource pool and allow those same users to only be able to power on the VM.
I have 2 roles created. 1 with all the privileges to create a VM, and 1 that has the power on only privilege.
I have these roles assigned to resource pools like this:
Pool1: Production VMs - Power on Role
Pool2: Sandbox - CreateVM Only Role
The issue is that while this works great - if I move the newly created VM from the Sandbox to the Production VM resource pool the privileges do not propagate.
It seems like propagation does not apply to VM moves into a pool. Am I missing something?