We have an enviornment in which we would like to offer Organization Admin level access only to the "Automation Execution" and/or "Automation Decision" sections within Ansible Automation Platform.

The issue we currently have is that we are only able to assing the overall "Organization Admin" role to users for one or more organizations using LDAP mapping.

This however also provides them admin access on Organization level to the "Automation Content". This is access we would rarely wish to provide to the users of Ansible Automation Platform (except for a small group of users).

When it comes to providing access to users/teams to the "Automation Execution" and/or "Automation Decision" sections using roles other than "Organization Admin", it only seems possible to assign this access to specific (already existing) resources within those sections.

We would like to provide admin access (or other levels of access) to users on an Organization level. So that they have access to all current and future resources within the organization that that level of access provides.

What is the best way for setting up granular access to current and future resources "Automation Execution" and/or "Automation Decision" within Ansible Automation Platform 2.5?

Environment details:

```

Ansible Automation Platform 2.5
Automation Controller Version 4.6.16
Event-Driven Ansible Version 1.1.11
Automation Hub Version 4.10.5

```