Fortinet black logo

Version:

Version:

Version:

Version:


Table of Contents

Online Help

Add Azure Account: CANNOT ADD Subscription Status

Background

In order for the Azure AD subscription ID to add to FortiCWP, the Subscription ID needs to provide the minimum read access to FortiCWP thus letting FortiCWP to be able to read the resources under the Subscription. If the subscription was not created by the master account or if it was not assigned with a role, it will be shown as CANNOT ADD status on FortiCWP. Please follow the steps below to add Reader, Owner, or User Access Administrator role to the Subscription.

  1. From Azure console page, search and click on Subscriptions.
  2. Click on the Subscription that is shown as CANNOT ADD status on FortiCWP.
  3. In the Subscription menu, click on Access control (IAM).
  4. '

  5. Click on + Add and select Add role assignment.
  6. In Add role assignment , search and select Reader, Owner, or User Access Administrator, then click Next.
  7. In Members tab, leave Assign access to as "User, group, or service principal", then click +Select members.
  8. In Select field, search and select a member (user account) that will be associated with the role.
  9. The member (user account) should have a Global Administrator role or Cloud Application Administrator + Global Reader roles as stated in Role Requirement.
  10. Click Review + Assign to finish creating the Reader role.

 

 

 

 

Add Azure Account: CANNOT ADD Subscription Status

Background

In order for the Azure AD subscription ID to add to FortiCWP, the Subscription ID needs to provide the minimum read access to FortiCWP thus letting FortiCWP to be able to read the resources under the Subscription. If the subscription was not created by the master account or if it was not assigned with a role, it will be shown as CANNOT ADD status on FortiCWP. Please follow the steps below to add Reader, Owner, or User Access Administrator role to the Subscription.

  1. From Azure console page, search and click on Subscriptions.
  2. Click on the Subscription that is shown as CANNOT ADD status on FortiCWP.
  3. In the Subscription menu, click on Access control (IAM).
  4. '

  5. Click on + Add and select Add role assignment.
  6. In Add role assignment , search and select Reader, Owner, or User Access Administrator, then click Next.
  7. In Members tab, leave Assign access to as "User, group, or service principal", then click +Select members.
  8. In Select field, search and select a member (user account) that will be associated with the role.
  9. The member (user account) should have a Global Administrator role or Cloud Application Administrator + Global Reader roles as stated in Role Requirement.
  10. Click Review + Assign to finish creating the Reader role.