I work in an environment that uses Folders and Permissions Heavily, and there doesn't seem to be any way to manage the same level of RBAC or categorization within the cloud.
Let's say I have 1000 VM's all in the same cluster for a given client. The client has many divisions within their organization that demand different levels of access, these divisions are separated into folders, and subfolders. Some groups need full Administrative control of a folder of VMs, while other groups only need Console Access. Groups are assigned to the applicable folders they need access to.
Inside the cloud, there's no such alignment. It's either in the 'Organization' or not. There's no way to manage folders, categories, or any sort of logical separation. The closest would be using vApps, which aren't meant to be a logical construct.
Am I missing something?
when you create you vCloud users, you can assign roles and permissions for each tenant/org
see attached screenshot
Am I missing something in your question?