When you create a Cloud Manager account for a user, you can give the user an Organization scope or a System scope. The scope determines what roles can be assigned to the user.
A user with the Organization scope (referred to as an Organization user or Organization member) is assigned membership in a specific organization and can hold Organization roles. These roles provide rights to perform activities within the user’s organization, such as creating business groups, allocating organization resources to the business groups, and deploying business services.
A user with the System scope (referred to as a System user) is not assigned membership in an organization and can hold System roles. These roles provide rights to perform system-level activities, such as configuring the Cloud Manager system, creating zones, creating organizations, creating groups of resources for use by organizations, and monitoring zone and organization resource capacity. In addition, System users can be assigned Organization roles for any organization in the system.
Organization and System scopes also apply to user groups, meaning that there are System user groups and Organization user groups. Users groups are discussed in Cloud Manager User Groups versus LDAP User Groups.
Both System roles and Organization roles are discussed in detail in Cloud Manager Roles.