Fortinet black logo

Online Help

Home FortiCNP 22.3.a Online Help

FortiCNP Access Management

22.3.a
22.4.a
22.3.b
22.3.a
Copy Link
Copy Doc ID cf00dcb1-0886-11ed-bb32-fa163e15d75b:123513

FortiCNP Access Management

FortiCNP role-based access control (FortiCNP RBAC) helps you manage who has access to what resources and what they can do specifically with those resources.

The way FortiCNP RBAC works is by creating a Profile that is a combination of Permission Group and a Resource Group then assign the profile to the user.

Permission Group and Resource Group

The Permission Group is a predefined group of permissions that determines the read/write access on each module in FortiCNP such as Resource, Alert, etc.

The Resource Group is a custom group of resources that needs to be created before adding to a profile.

There are two predefined profiles that have access permission to both Container Protection and Cloud Protection:

Global Admin Profile has both read and write access to all features and profile management.

Global Auditor Profile only has read access to all features and profile management.

The permission groups only have partial access to features on Cloud or Container Protection.

Profile Creation and Management

Cloud Protection Permission Group

Container Protection Permission Group

Global Settings Permission Group

Create Resource Group for Cloud Protection

Create Resource Group for Container Protection

Create User Profile Using Resource Group and Permission Group

Assign Profile to FortiCNP User

Switch Between Multiple Profiles

Previous
Next

FortiCNP Access Management

FortiCNP role-based access control (FortiCNP RBAC) helps you manage who has access to what resources and what they can do specifically with those resources.

The way FortiCNP RBAC works is by creating a Profile that is a combination of Permission Group and a Resource Group then assign the profile to the user.

Permission Group and Resource Group

The Permission Group is a predefined group of permissions that determines the read/write access on each module in FortiCNP such as Resource, Alert, etc.

The Resource Group is a custom group of resources that needs to be created before adding to a profile.

There are two predefined profiles that have access permission to both Container Protection and Cloud Protection:

Global Admin Profile has both read and write access to all features and profile management.

Global Auditor Profile only has read access to all features and profile management.

The permission groups only have partial access to features on Cloud or Container Protection.

Profile Creation and Management

Cloud Protection Permission Group

Container Protection Permission Group

Global Settings Permission Group

Create Resource Group for Cloud Protection

Create Resource Group for Container Protection

Create User Profile Using Resource Group and Permission Group

Assign Profile to FortiCNP User

Switch Between Multiple Profiles

Previous
Next