Fortinet Document Library

Version:


Table of Contents

OCI Administration Guide

7.0.0
Download PDF
Copy Link

Certificate-based SDN connector user privileges

See the FortiOS Administration Guide.

When configuring a certificate-based OCI SDN connector in FortiOS, you must enter the OCID of an OCI user who belongs to the administrator group. The user should be added in a dedicated group. The following policy summarizes minimum sufficient privileges for this user:

  • Allow dynamic-group <group_name> to read compartments in tenancy
  • Allow dynamic-group <group_name> to read instances in tenancy
  • Allow dynamic-group <group_name> to read vnic-attachments in tenancy
  • Allow dynamic-group <group_name> to read private-ips in tenancy
  • Allow dynamic-group <group_name> to read public-ips in tenancy
  • Allow group <group_name> to manage private-ips in tenancy
  • Allow group <group_name> to manage public-ips in tenancy

  • Allow group <group_name> to manage vnics in tenancy

Certificate-based SDN connector user privileges

See the FortiOS Administration Guide.

When configuring a certificate-based OCI SDN connector in FortiOS, you must enter the OCID of an OCI user who belongs to the administrator group. The user should be added in a dedicated group. The following policy summarizes minimum sufficient privileges for this user:

  • Allow dynamic-group <group_name> to read compartments in tenancy
  • Allow dynamic-group <group_name> to read instances in tenancy
  • Allow dynamic-group <group_name> to read vnic-attachments in tenancy
  • Allow dynamic-group <group_name> to read private-ips in tenancy
  • Allow dynamic-group <group_name> to read public-ips in tenancy
  • Allow group <group_name> to manage private-ips in tenancy
  • Allow group <group_name> to manage public-ips in tenancy

  • Allow group <group_name> to manage vnics in tenancy