Fortinet Document Library

Version:


Table of Contents

22.2.0
Download PDF
Copy Link

Migrating sub users

You can migrate a sub user account from FortiCloud and convert it to an IAM user. After a sub user is migrated, they are required to update their login credentials the next time they access a portal.

Note

Not all Cloud Portals support IAM users at this time.

After migration is complete:

  • The sub user is automatically removed from your FortiCloud account. A sub user cannot be restored in FortiCloud.

  • The user's data and settings in the cloud portals are migrated with the user.
To migrate a sub user:
  1. Go to Migrate Sub Users.

  2. Read and accept the terms of migration, and click Next.
  3. Select a User ID formatting option, and click Next.

    Format

    Description

    Use email account name Maps the user's FortiCloud Email (Account ID) to the IAM User ID field.
    Use username as ID and filter with space Maps the user's FortiCloud Name to the IAM User ID field.

  4. Select a user(s) from the list, and click Next. The User Details page is displayed.

  5. Review the user's details, and click Next. The User Group, Asset and Portal Permissions pane opens.

  6. (Optional) Add the user to an IAM user group. See IAM user groups.

    1. Click IAM User Group, and select a group from the dropdown. The Effect Asset Permissions and the Effective Portal Permissions are displayed.
    2. Click Next, proceed to Step 10.
  7. From the Asset Permissions dropdown, select an asset group.
  8. Configure the Portal Permissions.
    1. Click the Edit button in the portal row.
      Permission Description
      Allow Portal Access

      Toggle Yes to allow access to a portal.

      Access Type

      The Access Type is defined by the portal. For example, the access types for Asset Management are:

      • Admin

      • Read Only

      • Read/Write

      Whereas the access types for FortiOS SSO are:

      • SuperAdmin

      • Read Only

      Additional Permission

      Additional permissions vary depending on the portal.

      Asset Management:

      • Recieve Renewal Notification

      FortiCare (Read Only or Read/Write)

      • Customer Serivce

      • Technical Assistance

      • RMA/DOA

      Note

      Some portals have user roles that are specific to that portal. When a portal has a unique user role, the Custom option is displayed. For information about the role, see the product's documentation.

    2. Click Confirm.
  9. Configure the Cloud Management & Services permissions.
    1. Click the plus sign (+), select a service from the list, and click ADD.
    2. Click the Edit button, and configure the portal permissions.
      Permission Description
      Allow Portal Access Toggle Yes to grant access to the service.
      AccessType

      The Access Type is defined by the portal. For example, the access types for Asset Management are:

      • Admin

      • Read Only

      • Read/Write

      Whereas the access types for FortiOS SSO are:

      • SuperAdmin

      • Read Only

    3. Click Confirm.
  10. Click Next. The Confirmation of Sub User/s to migrate page is displayed.

  11. Click Confirm. The Confirmation page is displayed.
  12. Click Download IAM user Credentials and send them to the user.

Migrating sub users

You can migrate a sub user account from FortiCloud and convert it to an IAM user. After a sub user is migrated, they are required to update their login credentials the next time they access a portal.

Note

Not all Cloud Portals support IAM users at this time.

After migration is complete:

  • The sub user is automatically removed from your FortiCloud account. A sub user cannot be restored in FortiCloud.

  • The user's data and settings in the cloud portals are migrated with the user.
To migrate a sub user:
  1. Go to Migrate Sub Users.

  2. Read and accept the terms of migration, and click Next.
  3. Select a User ID formatting option, and click Next.

    Format

    Description

    Use email account name Maps the user's FortiCloud Email (Account ID) to the IAM User ID field.
    Use username as ID and filter with space Maps the user's FortiCloud Name to the IAM User ID field.

  4. Select a user(s) from the list, and click Next. The User Details page is displayed.

  5. Review the user's details, and click Next. The User Group, Asset and Portal Permissions pane opens.

  6. (Optional) Add the user to an IAM user group. See IAM user groups.

    1. Click IAM User Group, and select a group from the dropdown. The Effect Asset Permissions and the Effective Portal Permissions are displayed.
    2. Click Next, proceed to Step 10.
  7. From the Asset Permissions dropdown, select an asset group.
  8. Configure the Portal Permissions.
    1. Click the Edit button in the portal row.
      Permission Description
      Allow Portal Access

      Toggle Yes to allow access to a portal.

      Access Type

      The Access Type is defined by the portal. For example, the access types for Asset Management are:

      • Admin

      • Read Only

      • Read/Write

      Whereas the access types for FortiOS SSO are:

      • SuperAdmin

      • Read Only

      Additional Permission

      Additional permissions vary depending on the portal.

      Asset Management:

      • Recieve Renewal Notification

      FortiCare (Read Only or Read/Write)

      • Customer Serivce

      • Technical Assistance

      • RMA/DOA

      Note

      Some portals have user roles that are specific to that portal. When a portal has a unique user role, the Custom option is displayed. For information about the role, see the product's documentation.

    2. Click Confirm.
  9. Configure the Cloud Management & Services permissions.
    1. Click the plus sign (+), select a service from the list, and click ADD.
    2. Click the Edit button, and configure the portal permissions.
      Permission Description
      Allow Portal Access Toggle Yes to grant access to the service.
      AccessType

      The Access Type is defined by the portal. For example, the access types for Asset Management are:

      • Admin

      • Read Only

      • Read/Write

      Whereas the access types for FortiOS SSO are:

      • SuperAdmin

      • Read Only

    3. Click Confirm.
  10. Click Next. The Confirmation of Sub User/s to migrate page is displayed.

  11. Click Confirm. The Confirmation page is displayed.
  12. Click Download IAM user Credentials and send them to the user.