Skip to content

Commit df3a19b

Browse files
Maddy-CloudflareOxyjun
Maddy-Cloudflare
and
Oxyjun
authored
[Email Security] Update Email Security roles across all pages (#24737)
* [Email Security] Update Email Security roles across all pages * Updating page * Addressing Pete's suggestion * Update src/content/docs/fundamentals/manage-members/roles.mdx Co-authored-by: Jun Lee <[email protected]> --------- Co-authored-by: Jun Lee <[email protected]>
1 parent 11fc620 commit df3a19b

File tree

3 files changed

+16
-13
lines changed

3 files changed

+16
-13
lines changed

src/content/docs/cloudflare-one/roles-permissions.mdx

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -44,12 +44,12 @@ The Cloudflare Zero Trust PII role does not apply to Access audit logs. PII is a
4444

4545
For more information on Email Security roles, refer to [Account-scoped roles](/fundamentals/manage-members/roles/#account-scoped-roles).
4646

47-
- **Cloudflare Zero Trust**: Super Admin access for all Zero Trust products, Email Security included.
47+
- **Cloudflare Zero Trust**: Can edit Cloudflare [Zero Trust](/cloudflare-one/). Grants administrator access to all Zero Trust products including Access, Gateway, WARP, Tunnel, Browser Isolation, CASB, DLP, DEX, and Email Security.
4848
- **Cloudflare Zero Trust PII**: Can read PII in Zero Trust. This includes Email Security.
49-
- **Email Security Analyst** and **Email Security Config Admin**: Has full access to all admin features in Email Security.
49+
- **Email Security Analyst** and **Email Security Configuration Admin**: Has full access to all admin features in Email Security.
5050
- **Email Security Integration Admin**: Can read and set up integrations only.
51-
- **Email Security Config Admin**: Has administrator access. Cannot take actions on emails, or read emails.
51+
- **Email Security Configuration Admin**: Has administrator access. Cannot take actions on emails, or read emails.
5252
- **Email Security Analyst**: Has analyst access. Can take action on emails and read emails.
5353
- **Email Security Reporting**: Can read metrics.
5454
- **Email Security Read Only**: Can read all information, but cannot take action on anything.
55-
- **Email Security Policy Admin**: Can read all settings, but only write allow policies, trusted domains, and blocked senders.
55+
- **Email Security Policy Admin**: Can read all settings, but only write [allow policies](/cloudflare-one/email-security/detection-settings/allow-policies/), [trusted domains](/cloudflare-one/email-security/detection-settings/trusted-domains/), and [blocked senders](/cloudflare-one/email-security/detection-settings/blocked-senders/).

src/content/docs/email-security/migrate-to-email-security.mdx

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -25,11 +25,13 @@ Once you have added new account members, you will have to assign each member an
2525

2626
| Area 1 | Email Security | Description |
2727
|---------------------|--------------------------------------------------------------------|--------------------------------------------------------------|
28-
| Super Admin | Email Security Analyst + Email Security Config Admin = Super Admin | Has full access to all products on Zero Trust Email Security |
29-
| Configuration Admin | Email Security Configuration Admin | Admin, cannot take actions on emails or see emails |
30-
| SOC Analyst | Email Security Analyst | Admin, can take actions on emails and see emails |
31-
| Viewer | Email Security Reporting | Can see metrics |
28+
| N/A | Cloudflare Zero Trust | Can edit Cloudflare [Zero Trust](/cloudflare-one/). Has administrator access to all Zero Trust products including Access, Gateway, WARP, Tunnel, Browser Isolation, CASB, DLP, DEX, and Email Security. |
29+
| Super Admin | Email Security Analyst + Email Security Configuration Admin = Super Admin | Has full access to all admin features in Email Security |
30+
| Configuration Admin | Email Security Configuration Admin | Has administrator access. Cannot take actions on emails, or read emails |
31+
| SOC Analyst | Email Security Analyst | Has analyst access. Can take action on emails and read emails. |
32+
| Viewer | Email Security Reporting | Can read metrics |
3233
|N/A | Cloudflare Zero Trust PII | Can read PII in Zero Trust (this includes Email Security)
34+
|N/A | Email Security Policy Admin | Can read all settings, but only write allow policies, trusted domains, and blocked senders |
3335

3436
## Create webhooks
3537

src/content/docs/fundamentals/manage-members/roles.mdx

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -39,11 +39,12 @@ Account-scoped roles apply across an entire Cloudflare account, and through all
3939
| Cloudflare Zero Trust Read Only | Can access [Cloudflare Zero Trust](/cloudflare-one/) read only mode. |
4040
| Cloudflare Zero Trust Reporting | Can access [Cloudflare Zero Trust](/cloudflare-one/) reporting data. |
4141
| DNS | Can edit [DNS records](/dns/manage-dns-records/). |
42-
| Email Configuration Admin | Grants write access to all of Email Security, [CASB](/cloudflare-one/applications/casb/), [DLP](/cloudflare-one/policies/data-loss-prevention/), [Gateway](/cloudflare-one/policies/gateway/), and [Tunnels](/cloudflare-one/connections/connect-networks/), except Mail Preview, Raw Email, on-demand reports, actions on emails, and Submissions, Submission Transparency (Requires Cloudflare Zero Trust PII). |
43-
| Email Integration Admin | Grants write access to Email Security account integration only, [CASB](/cloudflare-one/applications/casb/), [DLP](/cloudflare-one/policies/data-loss-prevention/), [Gateway](/cloudflare-one/policies/gateway/), and [Tunnels](/cloudflare-one/connections/connect-networks/). |
44-
| Email Security Analyst | Grants write access to all of Email Security, except Settings which is read only (Requires Cloudflare Zero Trust PII). |
45-
| Email Security Read Only | Grants read access to all of Email Security, but cannot see Raw Email, take action on emails, or make Submissions (Requires Cloudflare Zero Trust PII). |
46-
| Email Security Reporting | Grants read access to Email Security Home, PhishGuard, and Submission Transparency. |
42+
| Email Configuration Admin | Grants administrator access to Email Security. Cannot take actions on emails, or read emails. |
43+
| Email Integration Admin | Grants read and write access to integrations only. |
44+
| Email Security Analyst | Grants analyst access. Can take action on emails and read emails. |
45+
| Email Security Read Only | Grants read only access to all of Email Security. |
46+
| Email Security Reporting | Grants read access to Email Security metrics. |
47+
| Email Security Policy Admin | Grants read access to all settings, and write access to [allow policies](/cloudflare-one/email-security/detection-settings/allow-policies/), [trusted domains](/cloudflare-one/email-security/detection-settings/trusted-domains/), and [blocked senders](/cloudflare-one/email-security/detection-settings/blocked-senders/) |
4748
| Firewall | Can edit [WAF](/waf/), [IP Access rules](/waf/tools/ip-access-rules/), [Zone Lockdown](/waf/tools/zone-lockdown/) settings, and [Cache Rules](/cache/how-to/cache-rules/). |
4849
| Load Balancer | Can edit [Load Balancers](/load-balancing/), Pools, Origins, and Health Checks. |
4950
| Log Share | Can edit [Log Share](/logs/) configuration. |

0 commit comments

Comments
 (0)