Custom Operator Roles — Configuration Examples

Operator roles and the permissions in a role determine what information an operator can see and the actions they can take in their own account and accounts they manage. This topic describes how to create roles with permissions for these common configuration examples:

Your operator role determines what you can see and do in WatchGuard Cloud. The permission to add, edit, and delete a custom operator role is available only to operators with the Owner (Service Provider) or Administrator (Subscriber) built-in role.

Administrator Access for AuthPoint Only

In this example, you want to create a new administrator role for AuthPoint that includes full administrative privileges for AuthPoint-related functionality but no access to other products, user management, or license management.

To create an AuthPoint administrator role:

  1. From Account Manager, select the Service Provider account you want to add the new role for.
  2. Select Administration > Operators and Roles.
  3. On the Role page, click Add Role.
  4. In the Role Name text box, type a name for the custom role (for example, AuthPoint Admin). The role name must be unique and a minimum of four characters. It cannot be the same as any of the built-in role names.
    Role names can include up to 60 characters, and can contain alphanumeric characters, underscores, hyphens, periods, and spaces. You can use periods only in the middle of a role name.
  5. From the Built-in Role drop-down list, select Owner.
  6. In the Additional Permissions section, clear all of the check boxes, except AuthPoint.

Screen shot of Add Role dialog box for custom operator roles

  1. Click Save.
  2. On the Operators page, assign this role to the desired operator.
    For more information, go to Add Operators to Your Account.

Inventory Management Only

In this example, you want to create a new role for an operator who can manage inventory but has no access to product configuration or monitoring.

To create an inventory management role:

  1. From Account Manager, select the Service Provider account you want to add the new role for.
  2. Select Administration > Operators and Roles.
  3. On the Role page, click Add Role.
  4. In the Role Name text box, type a name for the custom role (for example, Inventory Admin). The role name must be unique and a minimum of four characters. It cannot be the same as any of the built-in role names.
    Role names can include up to 60 characters, and can contain alphanumeric characters, underscores, hyphens, periods, and spaces. You can use periods only in the middle of a role name.
  5. From the Built-in Role drop-down list, select Owner.
  6. In the Additional Permissions section, select the Service Provider Administration and Manage Inventory check boxes.

Screen shot of Add Role dialog box for custom operator roles

  1. Clear all other check boxes.
  2. Click Save.

  3. On the Operators page, assign this role to the desired operator.
    For more information, go to Add Operators to Your Account.

Limited Administration with Reporting and Alerts Access

In this example, you want to create a new role for an operator who can manage reports and alerts, but has only view-only access to other administration options and products such as AuthPoint.

To create a reporting and alert management role:

  1. From Account Manager, select the Service Provider account you want to add the new role for.
  2. Select Administration > Operators and Roles.
  3. On the Role page, click Add Role.
  4. In the Role Name text box, type a name for the custom role (for example, Reporting Admin). The role name must be unique and a minimum of four characters. It cannot be the same as any of the built-in role names.
    Role names can include up to 60 characters, and can contain alphanumeric characters, underscores, hyphens, periods, and spaces. You can use periods only in the middle of a role name.
  5. From the Built-in Role drop-down list, select Auditor.
  6. To enable read-write permissions, in the Additional Permissions section, select these check boxes:
    • Acknowledge Alerts
    • Configure Notification Rules
    • Schedule Reports

Screen shot of Add Role dialog box for custom operator roles

  1. To limit product access to read-only, do not make any changes to the product check boxes.
  2. Click Save.
  3. On the Operators page, assign this role to the desired operator.
    For more information, go to Add Operators to Your Account.

When WatchGuard adds new features, you can update custom operator roles with access permissions for the new feature. WatchGuard does not automatically update custom operator role definitions when new features release.

Related Topics

Manage WatchGuard Cloud Operators and Roles

Default Permissions for Built-in Roles

Add Operators to Managed Accounts