The current delegated administration model defines coarse-grained entitlements when it comes to Connectors and Resources: either an administrator can manage all connectors and / or all resources, or cannot.
By associating Connectors (and Resources, by consequence) to Realms, it is possible to grant entitlements (via Roles) to a given subset of all available Connector and Resources, e.g. the ones associated to specific Realm(s).
- if a Connector has the Realm /a/b/c assigned, then it would be manageable by users owning the CONNECTOR_UPDATE on Realm /a/b/c (or one of its parents)
- if a Resource is related to a Connector with the Realm /a/b/c assigned, then it would be manageable by users owning the RESOURCE_UPDATE on Realm /a/b/c (or one of its parents)