Manage WatchGuard Cloud Operators and Roles
Users who can log in to WatchGuard Cloud to view and manage account information and configure services are called operators. Your operator role determines what information you can see and what actions you can take within your own account or managed accounts.
There are different operator roles for Subscriber accounts and Service Provider accounts.
Operators are separate from licensed users of services such as AuthPoint. They do not require a license and can only log in to WatchGuard Cloud. A separate user account must be created for any operator who uses a security service.
You add and manage the operators and roles for your account on the My Account page in WatchGuard Cloud. For more information, go to Add Operators to Your Account.
Built-in Subscriber Operator Roles
There are four built-in operator roles for Subscriber accounts:
- Administrator — Administrators have full permissions within their Subscriber account and managed services. They can add custom branding options to the account. They are the only Subscriber operators who can add, edit, and delete other operators. Administrators have access to the Advanced Visualization Tool with a WatchGuard Endpoint Security license and the Advanced Reporting Tool or Data Control module.
- Analyst — Analysts have full permissions to configure services and read-only permission everywhere else.
- Observer — Observers have read-only permission throughout their account.
- No Access — Operators who have the No Access role cannot log in to WatchGuard Cloud until they are assigned a different role.
If you add an operator to a tier-1 Subscriber account, or a tier-n Service Provider or Subscriber account, the new operator can only log in to WatchGuard Cloud (cloud.watchguard.com), not Support Center.
Built-in Service Provider Operator Roles
There are five built-in operator roles for Service Provider accounts:
- Owner — Owners have full permissions within their Service Provider account and managed services. They can add custom branding options to the account. They are the only Service Provider operators who can add, edit, and delete operators for their account. When there is an Endpoint Security product license and modules, Owners could have access to the Advanced Visualization Tool (Advanced Reporting Tool or Data Control modules).
- Sales — Sales operators have full permissions for inventory and account management, but read-only permission for configure services and operators.
- Helpdesk — Helpdesk operators have full permissions to configure services and read-only permission everywhere else.
- Auditor — Auditors have read-only permission throughout their Service Provider account.
- No Access — Operators who have the No Access role cannot log in to WatchGuard Cloud until they are assigned a different role.
Role Mapping
Because different operator roles are available for Service Providers and Subscribers, when Service Providers look at a Subscriber account, their permissions are mapped to the relevant Subscriber operator role.
This is called role mapping, and it is when the permissions of the Service Provider operator are mapped to the permissions of a Subscriber operator role. Role mapping occurs when a Service Provider operator looks at the Subscriber account for a managed account or their own Subscriber account.
Service Provider Role | Mapped Subscriber Role |
---|---|
Owner | Administrator |
Sales | Observer |
Helpdesk | Analyst |
Auditor | Observer |