Before adding CPU, first, it is necessary to check how many cores the license has. For that, execute this command in the firewall CLI:

diagnose debug vm-print-license

Key: yes
Cert: yes
Key2: yes
Cert2: yes
Model: 01 (5)
CPU: 1 -> Number of CPU.
MEM: —
VDOM license:
permanent: 10
subscription: 0

In this device license, there is only one CPU, so it is not possible to add one more CPU. To specifically check how many CPUs are used, execute the following command:

execute cpu show

If multiple CPUs are allowed for the license, execute this command in the firewall:

Enter: 

execute cpu add <number_of_new_vCPUs>.

Once the CPU is added, reboot the firewall.

Execute this command in the firewall 'get system status', and the number of CPUs currently running in the firewall will appear:

     get system status | grep "VM Resources"

Note:

In general, a minimum of 8 cores is required for a FortiGate-VM to receive the full extended IPS database. From v7.6.0 onwards, regardless of the number of vCPUs, FortiGate VM now receives IPS full extended database. 

If the FortiGate license is not updated, it will still present the same amount of CPU usage, which is in the current license even though the CPU numbers in VMs were increased.

For example: If the VM size in Azure is 8 vCPUs, but the license is FG-VM02, FortiGate will still only see and use 2 vCPUs.

Related document:

Changes in default behavior in 7.6.0