When editing the Firewall Object Address with the type of Interface Subnet, FortiManager will throw the following error:

By FortiManager's nature, this type of object cannot be edited in terms of its interface settings and per-device mappings. The CLI script can be used to reconfigure the per-device mappings of the object.

Navigate under Device Manager -> Scripts and select 'Create New':

Input the Script Name and ensure that 'Run Script on' is set to 'Policy Package or ADOM Database':

Select 'OK' after confirming the script is completed, select the script that has just been created and select 'Run Script'.

The policy package can be 'default' as the script will make changes to the FortiManager database instead of any of the Policy packages. Select 'Run Now':

After the script runs successfully, check the Firewall Address Object to ensure changes have been implemented in the database.

Note:

The existing configuration in the FortiManager database can be fetched using the following command:

execute fmpolicy print-adom-database <adom> “firewall address” <Name of the object>

The output of the command can be used as the reference to create the script.