FortiCNP Access Management
FortiCNP role-based access control (FortiCNP RBAC) helps you manage who has access to what resources and what they can do specifically with those resources.
The way FortiCNP RBAC works is by creating a Profile that is a combination of Permission Group and a Resource Group then assign the profile to the user.
Permission Group and Resource Group
The Permission Group is a predefined group of permissions that determines the read/write access on each module in FortiCNP such as Resource, Alert, etc.
The Resource Group is a custom group of resources that needs to be created before adding to a profile.
There are two predefined profiles that have access permission to both Container Protection and Cloud Protection:
Global Admin Profile has both read and write access to all features and profile management.
Global Auditor Profile only has read access to all features and profile management.
The permission groups only have partial access to features on Cloud or Container Protection.
Profile Creation and Management
Cloud Protection Permission Group
Container Protection Permission Group
Global Settings Permission Group
Create Resource Group for Cloud Protection
Create Resource Group for Container Protection
Create User Profile Using Resource Group and Permission Group
Assign Profile to FortiCNP User
Switch Between Multiple Profiles