Is it possible to have different permission per domain (e.g., edit DNS on one, read-only on other)?

Wondering how to give the same user in Cloudflare write access to one domain, but read-only to another. Reviewed: https://developers.cloudflare.com/fundamentals/setup/manage-members/manage/ Looking at: Home > Manage Account > Members
Cloudflare Docs
Manage account members · Cloudflare Fundamentals docs
Learn how to add new account members, edit or revoke their permissions and access, and resend verifications emails.
7 Replies
William Callahan
William CallahanOP8mo ago
@Helpflare Anybody?
Chaika
Chaika8mo ago
helpflare is a bot, pinging it wouldn't do anything (And besides pinging champs/etc randomly isn't allowed & isn't very nice anyway) as far as I know the simple answer is you can't, you can make a list of domains but perms would have to be equal cf's rbac is lacking in quite a few ways
William Callahan
William CallahanOP8mo ago
Thanks @Chaika for both details, very kind of you
Chaika
Chaika8mo ago
the only way I can think of to get around that limitation would be to have two separate users for them readonly domains and edit dns domain users hacky though
William Callahan
William CallahanOP8mo ago
yeah, which means they'd have to make two separate cloudflare accounts, got it, thanks for the idea; definitely undesireable indeed or i could make two separate accounts perhaps for the org(s) alternatively, and separately give permissions
Chaika
Chaika8mo ago
yea, if you make two different accounts they make two different orgs, and you could make one of the accounts your primary account and invite it as a superadmin to the other, and then for your user they could simply have one account and they just get the org picker on login
William Callahan
William CallahanOP8mo ago
Good thinking
Want results from more Discord servers?
Add your server