To provide more granular controls, we refined the existing roles for Email Security and launched a new Email Security role as well.
All Email Security roles no longer have read or write access to any of the other Zero Trust products:
- Email Configuration Admin
- Email Integration Admin
- Email Security Read Only
- Email Security Analyst
- Email Security Policy Admin
- Email Security Reporting
To configure Data Loss Prevention (DLP) or Remote Browser Isolation (RBI), you now need to be an admin for the Zero Trust dashboard with the Cloudflare Zero Trust role.
Also through customer feedback, we have created a new additive role to allow Email Security Analyst to create, edit, and delete Email Security policies, without needing to provide access via the Email Configuration Admin role. This role is called Email Security Policy Admin, which can read all settings, but has write access to allow policies, trusted domains, and blocked senders.
This feature is available across these Email Security packages:
- Advantage
- Enterprise
- Enterprise + PhishGuard
Source: Cloudflare
Latest Posts
- IAM Identity Center now enables programmatic AWS account access for customer managed applications
- AWS End User Messaging RCS now supports rich media and interactive messaging
- Amazon SageMaker AI now supports serverless model customization for Gemma 4 models
- Amazon Time Sync Service adds support for Microsecond accurate time on 26 additional EC2 instance types in all commercial regions
