Grant Service Account and Organization Roles

The service account is created under a project of an organization in the Google Cloud account. To provide security monitoring across all projects under the organization, FortiCNP requires the service account to be granted one of the following sets of roles at the organization level:

  1. Organization Administrator and Owner roles.
  2. Basic > Viewer, Tag Viewer, and Log View Accessor roles.

Steps to Grant Service Account and Organization Roles

  1. In the Google Cloud portal, first select the organization that the project is under.
  2. Click the Navigation Menu, then select IAM & admin > IAM.
  3. Click the +Grant Access button at the top.
  4. In the New Principals field, enter the service account ID created earlier.
  5. Select one of the options and add the roles:
    1. Option 1: In the Role field, select Project > Owner or Viewer. Then click + ADD ANOTHER ROLE and select Resource Manager > Organization Administrator.
    2. Option 2: In the Role field, select Resource Manager > Tag Viewer. Then click + ADD ANOTHER ROLE and select Basic > Viewer. Click + ADD ANOTHER ROLE again and select Logging > Log View Accessor.
  6. Click the SAVE button to finish.
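
To confirm the grant after saving, the following added example (not Fortinet's code) checks an organization-level IAM policy, as exported with `gcloud organizations get-iam-policy ORG_ID --format=json`, and reports which of the two options the service account satisfies and which roles are still missing. The role IDs are the identifiers Google Cloud uses for the console names above; the service account email and the sample policy are constructed placeholders.

```python
import json

# Role IDs for the console names used on this page (mapping added here, not from the page).
ORG_ADMIN = "roles/resourcemanager.organizationAdmin"
# Each option is a list of requirements; each requirement is a set of acceptable roles.
OPTION_1 = [{"roles/owner", "roles/viewer"}, {ORG_ADMIN}]  # step 5: Owner or Viewer, plus Org Admin
OPTION_2 = [{"roles/resourcemanager.tagViewer"}, {"roles/viewer"}, {"roles/logging.viewAccessor"}]


def roles_for(policy, member):
    """Roles bound unconditionally to member in an IAM policy dict."""
    return {b["role"] for b in policy.get("bindings", [])
            if member in b.get("members", []) and "condition" not in b}


def missing(granted, option):
    """Return the requirements (as sorted role lists) that no granted role meets."""
    return [sorted(alts) for alts in option if not (alts & granted)]


def check(policy, sa_email):
    """Report granted roles, satisfied options and per-option gaps for a service account."""
    granted = roles_for(policy, f"serviceAccount:{sa_email}")
    gaps = {"option1": missing(granted, OPTION_1), "option2": missing(granted, OPTION_2)}
    satisfied = [name for name, gap in gaps.items() if not gap]
    return {"granted": sorted(granted), "satisfied": satisfied, "missing": gaps}


# Constructed sample policy (not real data): Log View Accessor was granted to a
# user but never added for the service account, so Option 2 is incomplete.
SA = "forticnp@example-project.iam.gserviceaccount.com"
SAMPLE = json.loads("""
{"bindings": [
  {"role": "roles/viewer",
   "members": ["serviceAccount:forticnp@example-project.iam.gserviceaccount.com"]},
  {"role": "roles/resourcemanager.tagViewer",
   "members": ["serviceAccount:forticnp@example-project.iam.gserviceaccount.com",
               "user:admin@example.com"]},
  {"role": "roles/logging.viewAccessor", "members": ["user:admin@example.com"]}
]}
""")

if __name__ == "__main__":
    print(json.dumps(check(SAMPLE, SA), indent=2))
```

Bindings that carry an IAM condition are ignored by this check, because a conditional grant does not give the role across the whole organization.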