Migrating legacy FortiGate Cloud users to IAM users
FortiGate Cloud supports the following user management types:
|
User management type |
Description |
|---|---|
| FortiGate Cloud legacy user model | Allows adding additional users with admin/regular roles with the same access as the primary user or as read-only. |
| FortiCloud Identity & Access Management (IAM) users |
Enhanced permission model using FortiCloud IAM permission profiles and IAM users with resource-based access controls. FortiCloud IAM supports centrally managed permission profiles and user permissions across all FortiCloud services. These fine-grained access control for FortiGate Cloud provides greater flexibility in managing access to additional users of the FortiCloud account. For information on resources and permissions, see Creating a permission profile. |
Migrating legacy FortiGate Cloud users to FortiCloud IAM users is highly recommended.
To migrate legacy FortiGate Cloud users to IAM users:
The following steps require that there is an IAM permission profile that enables access to the FortiGate Cloud portal with FortiGate Cloud permissions, as follows:
See IAM users.
|
The administrator can create any number of profiles with desired permissions combinations. |
- Log in to FortiGate Cloud with your FortiCloud account.
- Go to Settings > Account Setting.
- Select the desired accounts, then click Migrate IAM Users. Follow the prompts.
- Go to the IAM portal from FortiCloud top bar and go to Permission Profiles.
- For each user in the exported list, create an IAM user and select the permissions profile with FortiGate Cloud permissions. See Adding IAM users.
- Share the generated password link with the designated user to set up a new password.
- After verifying that the user permissions are as configured, you can delete the legacy user from FortiGate Cloud by going to Settings > Account Setting, selecting the desired user, then clicking Delete.
|
|
Legacy and IAM users can exist simultaneously during this transition. |