23.4.0

Migrating legacy FortiGate Cloud users to IAM users

FortiGate Cloud supports the following user management types:

| User management type | Description |
| --- | --- |
| FortiGate Cloud legacy user model | Allows adding additional users with admin/regular roles, with the same access as the primary user or as read-only. |
| FortiCloud Identity & Access Management (IAM) users | Enhanced permission model using FortiCloud IAM permission profiles and IAM users with resource-based access controls. FortiCloud IAM supports centrally managed permission profiles and user permissions across all FortiCloud services. This fine-grained access control for FortiGate Cloud provides greater flexibility in managing the access of additional users of the FortiCloud account. For information on resources and permissions, see Creating a permission profile. |

Migrating legacy FortiGate Cloud users to FortiCloud IAM users is highly recommended.

To migrate legacy FortiGate Cloud users to IAM users:

The following steps require an IAM permission profile that enables access to the FortiGate Cloud portal with FortiGate Cloud permissions. See IAM users.

Note

The administrator can create any number of profiles with the desired permission combinations.

  1. Log in to FortiGate Cloud with your FortiCloud account.
  2. Go to Configuration > Account Setting.
  3. Select the desired accounts, then click Migrate IAM Users. Follow the prompts.
  4. Go to the IAM portal from the FortiCloud top bar, then go to Permission Profiles.
  5. For each user in the exported list, create an IAM user and select the permission profile with FortiGate Cloud permissions. See Adding IAM users.
  6. Share the generated password link with the designated user to set up a new password.
  7. After verifying that the user permissions are as configured, you can delete the legacy user from FortiGate Cloud by going to Configuration > Account Setting, selecting the desired user, then clicking Delete.

Note

Legacy and IAM users can exist simultaneously during this transition.
