Hello,
we are managing FGs for customers. All of them are associated to one email adress we use to register the FGs. Sometimes we use also the account to check FortiCloud, connect, etc.
Now we have a partner who is closing the business and the technician wants to be freelance and remain mananung network and everything at these cutomers. Is it possible to give him another FortiCloud Access so that he can at least also download Firmwares, etc. His account has no FG registered so he cant do much. Otherwise we have to give up our registration? Also something we dont really want.
Is there another way? I cant give him access to all our FGs, there are different partners and customers.
Thanks!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello @RolandBaumgaertner72 ,
You can use the IAM Account for your request.
You can review this document. This document helps you, how to create, manage, or restrict IAM Account.
Hi,
I dont get it. Maybe it is a subscription issue, we only have the free Forticloud subscription.
Within my Forticloud Access > My Account and I get to https://support.fortinet.com/Account/Profile
There I can create a new account in manage user. I created a test account with limited access and I can choose the serials or FGs where the usar can access to.
Than I login with this test user in Forticloud and I see that he has access to ALL FGs, he can see ALL of them. I checked only 5 FGs but this test user has the same access rights as my user.
I guess this is not a IAM User but if I go to My Account (IAM version) I just see my user and i cant add another user.
Thanks!
Created on 03-07-2024 12:53 AM Edited on 03-07-2024 12:55 AM
Hello @RolandBaumgaertner72 ,
The IAM is not a paid feature. You can create or manage IAM users on this menu. I have also a free version of FortiCloud, I can create IAM user and I can restrict their account with specific units (With asset folder feature).
Hi,
OK I was able to create a new user in the IAM and specify his permission profile but I still dont know where I can associate him with only x FGs and not to have access to all our assets.
I was looking in Asset management but I dont see the option.
Please help ;)
Thanks!
Hello @RolandBaumgaertner72 ,
Firstly, you need to create a sub-folder on your asset management page. After that, you need to move the specified unit to this sub folder. Like This.
After these steps. You need to create a permission profile on the IAM page. For example like that. This permission is enough for Downloading images, creating cases, and managing Fortigate from the cloud. You can change these permissions however you want.
After these steps, you can create an IAM user with these permissions. You need to select your sub folder and your permissions profile in step 2.
If you can complete these steps. Enough for create IAM user and restrict their permissions.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1547 | |
1031 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.