I’m trying to understand this in BUs.
- Security roles and users are associated with a business unit. You must assign every user to one (and only one) business unit. When creating a security role, you can choose any business unit according to your business needs or use the root business unit if there are no specific requirements.
Ref:
I read that but I can have the same user in different BUs. I can have User1 in ChildBU1 and in ChildBU2.

Here you can see that ChildBU1 and ChildBU2 are in different teams using different SGs.

My question is why does it say that I can only assign a user to one BU? I understand that a user shouldn’t be assigned different roles. Rationally that makes sense but it looks like we can assign the same user a different role in the same environment if the same user is in a different SG.
Or am I totally off the mark?