Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
RolandBaumgaertner72
New Contributor III

Forticloud - Can I have different users to manage FGs?

Hello,

 

we are managing FGs for customers. All of them are associated to one email adress we use to register the FGs. Sometimes we use also the account to check FortiCloud, connect, etc.

 

Now we have a partner who is closing the business and the technician wants to be freelance and remain mananung network and everything at these cutomers. Is it possible to give him another FortiCloud Access so that he can at least also download Firmwares, etc. His account has no FG registered so he cant do much. Otherwise we have to give up our registration? Also something we dont really want.

 

Is there another way? I cant give him access to all our FGs, there are different partners and customers.

 

Thanks! 

5 REPLIES 5
ozkanaltas
Contributor III

Hello @RolandBaumgaertner72 ,

 

You can use the IAM Account for your request. 

 

You can review this document. This document helps you, how to create, manage, or restrict IAM Account.

 

https://docs.fortinet.com/document/forticloud/24.1.0/identity-access-management-iam/5478/adding-iam-...

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
RolandBaumgaertner72
New Contributor III

Hi,

 

I dont get it. Maybe it is a subscription issue, we only have the free Forticloud subscription.

Within my Forticloud Access > My Account and I get to https://support.fortinet.com/Account/Profile

 

There I can create a new account in manage user. I created a test account with limited access and I can choose the serials or FGs where the usar can access to.

 

Than I login with this test user in Forticloud and I see that he has access to ALL FGs, he can see ALL of them. I checked only 5 FGs but this test user has the same access rights as my user.

 

I guess this is not a IAM User but if I go to My Account (IAM version) I just see my user and i cant add another user.

 

Thanks!
 

ozkanaltas

Hello @RolandBaumgaertner72 ,

 

The IAM is not a paid feature. You can create or manage IAM users on this menu. I have also a free version of FortiCloud, I can create IAM user and I can restrict their account with specific units (With asset folder feature).

 

image.png

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
RolandBaumgaertner72
New Contributor III

Hi,

 

OK I was able to create a new user in the IAM and specify his permission profile but I still dont know where I can associate him with only x FGs and not to have access to all our assets.

 

I was looking in Asset management but I dont see the option.


Please help ;)

 

Thanks!

ozkanaltas
Contributor III

Hello @RolandBaumgaertner72 ,

 

Firstly, you need to create a sub-folder on your asset management page. After that, you need to move the specified unit to this sub folder. Like This.

image.png

 

image.png

 

 

After these steps. You need to create a permission profile on the IAM page. For example like that. This permission is enough for Downloading images, creating cases, and managing Fortigate from the cloud. You can change these permissions however you want. 

 

 

image.png

 

After these steps, you can create an IAM user with these permissions. You need to select your sub folder and your permissions profile in step 2. 

 

image.png

 

If you can complete these steps. Enough for create IAM user and restrict their permissions. 

 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
Labels
Top Kudoed Authors