We allow all users to create groups in USM which allows them to categorize their own servers however they need. This seems to be a global level setting though and also comes with the ability to delete and modify groups. We are also using USM groups to define which monitoring profiles are deployed through MCS, which we do not want anyone but admins to be able to modify.
Ideally we would only allow users to create/modify groups within a certain container. Admins would have the same access as today. Is there a way to separate these permissions?