Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
RolandBaumgaertner72
Contributor

Created on ‎03-06-2024 11:46 PM

Forticloud - Can I have different users to manage FGs?

Hello,

 

we are managing FGs for customers. All of them are associated to one email adress we use to register the FGs. Sometimes we use also the account to check FortiCloud, connect, etc.

 

Now we have a partner who is closing the business and the technician wants to be freelance and remain mananung network and everything at these cutomers. Is it possible to give him another FortiCloud Access so that he can at least also download Firmwares, etc. His account has no FG registered so he cant do much. Otherwise we have to give up our registration? Also something we dont really want.

 

Is there another way? I cant give him access to all our FGs, there are different partners and customers.

 

Thanks! 

Labels:
720
0 Kudos
5 REPLIES 5
ozkanaltas
Valued Contributor III

Created on ‎03-07-2024 12:03 AM Edited on ‎03-07-2024 12:08 AM

Hello @RolandBaumgaertner72 ,

 

You can use the IAM Account for your request. 

 

You can review this document. This document helps you, how to create, manage, or restrict IAM Account.

 

https://docs.fortinet.com/document/forticloud/24.1.0/identity-access-management-iam/5478/adding-iam-...

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
714
RolandBaumgaertner72
Contributor

Created on ‎03-07-2024 12:47 AM

Hi,

 

I dont get it. Maybe it is a subscription issue, we only have the free Forticloud subscription.

Within my Forticloud Access > My Account and I get to https://support.fortinet.com/Account/Profile

 

There I can create a new account in manage user. I created a test account with limited access and I can choose the serials or FGs where the usar can access to.

 

Than I login with this test user in Forticloud and I see that he has access to ALL FGs, he can see ALL of them. I checked only 5 FGs but this test user has the same access rights as my user.

 

I guess this is not a IAM User but if I go to My Account (IAM version) I just see my user and i cant add another user.

 

Thanks!
 

697
0 Kudos
ozkanaltas
Valued Contributor III
In response to RolandBaumgaertner72

Created on ‎03-07-2024 12:53 AM Edited on ‎03-07-2024 12:55 AM

Hello @RolandBaumgaertner72 ,

 

The IAM is not a paid feature. You can create or manage IAM users on this menu. I have also a free version of FortiCloud, I can create IAM user and I can restrict their account with specific units (With asset folder feature).

 

image.png

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
695
0 Kudos
RolandBaumgaertner72
Contributor

Created on ‎03-08-2024 03:02 AM

Hi,

 

OK I was able to create a new user in the IAM and specify his permission profile but I still dont know where I can associate him with only x FGs and not to have access to all our assets.

 

I was looking in Asset management but I dont see the option.


Please help ;)

 

Thanks!

668
0 Kudos
ozkanaltas
Valued Contributor III

Created on ‎03-08-2024 04:05 AM Edited on ‎03-08-2024 04:07 AM

Hello @RolandBaumgaertner72 ,

 

Firstly, you need to create a sub-folder on your asset management page. After that, you need to move the specified unit to this sub folder. Like This.

image.png

 

image.png

 

 

After these steps. You need to create a permission profile on the IAM page. For example like that. This permission is enough for Downloading images, creating cases, and managing Fortigate from the cloud. You can change these permissions however you want. 

 

 

image.png

 

After these steps, you can create an IAM user with these permissions. You need to select your sub folder and your permissions profile in step 2. 

 

image.png

 

If you can complete these steps. Enough for create IAM user and restrict their permissions. 

 

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
662
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.