I’m trying to add additional users to my Cloudflare Pro account, but it seems I can only add them with the Administrator role.
To maintain a sensible and effective security policy, I do not want these users to be administrators. I’d prefer they had read-only access so they can view analytics and traffic logs etc. but not make any potential breaking changes.
This seems like an essential security feature that anyone using Cloudflare in even a small organisation would want to have, at the very least to ensure that a hapless, non-technical manager doesn’t accidentally take the entire website down by playing with a setting they shouldn’t have.
I really do think it’s essential, even for small businesses.
It is a major limitation for us; there are several non-technical people in my organisation who would like access to Cloudflare analytics but who I would not want to burden with the additional risk of being able to change critical site-related settings.
For any business using Cloudflare, it is most likely considered a critical piece of infrastructure. Access to that should be limited in the same way that you wouldn’t give non-technical managers root access to a web server.
I’d like to suggest this really shouldn’t be an Enterprise-only feature.