We currently have a single team and multiple projects, with each project containing an group of App Services and Databases that make up a single website. Each project is another website.

The goal is allow us to set up restrictions so that someone can have (hopefully read-only) access to a single website/project, but not any other project.

I was reading over the announcement about Organizations https://docs.digitalocean.com/platform/organizations/ and I’m wondering if this would work for us?

If we turn our current team into an Organization, could I then migrate one of the projects to another Team, which would be the same as our existing team but with the addition of the read-only user. That way the read-only user would have access to only that one project because it would be the only account that the team they belong to can access.

Then our other users would still be able to access the Projects that remain in the current Team account, as well as the newly migrated Project, hopefully with an easy ‘switching teams’ method.

Is my understanding correct? If so, how do we migrate a Project and/or its resources from one team to another (they are all App services and Managed DBs, no droplets and we don’t care if IP addresses change)