Read-only Role

A user assigned the Read-Only role sees this blue banner on every page:

Users with the Read-Only role can do the following:

  • View any page or any setting in Security Cloud Control.

  • Search and filter the contents of any page.

  • Compare device configurations, view the change log, and see VPN mappings.

  • View every warning regarding any setting or object on any page.

  • Generate, refresh, and revoke their own API tokens. Note that if a read-only user revokes their own token, they cannot recreate it.

  • Contact support through our interface and can export a change log.

Read-Only users cannot do the following:

  • Create, update, configure, or delete anything on any page.

  • Onboard devices.

  • Step-through the tasks needed to create something like an object or a policy, but not be able to save it.

  • Create Security Cloud Control user records.

  • Change user role.

  • Attach or detach access rules to a policy.