| Description | This article describes how IAM users can create API keys and access the rest of the module with read-only access. |
| Scope | FortiAppSec Cloud. |
| Solution |
To provide API key access to an IAM user, first, the user should have an IAM user account with a permission profile. In this example permission profile will allow read-only access to all the modules and read-write access to the General module.
Step1: Navigate to support.fortinet.com and select Services -> IAM.
Step2: Create Permission profile with 'Read & Write' access 'General' resource and rest of the resources set with 'Read Only' privilege's as below:
Step3: Create an IAM user under Users as below:
Select the permission profile that was created in step2 whiling creating IAM users. Once the IAM user is created, the user can log in with the IAM account username/password navigate to General tab and create an API key for their account as below:
Note: This API user can have 'Read & Write' access to another module of General resource.
If the user has to restrict another module of General resource once the API key is generated by the IAM, the user changes the permission profile with read-only for General resource. |
