Access control options
When creating or editing a role, select Definitions to see access control definitions.
Access Control |
Definition |
||
---|---|---|---|
Secrets |
|||
|
It controls access to the Secret list page. It also controls whether pages: Secret Templates, Policies and Launchers can be viewed. |
||
|
Controls the access to Folders. Note: You can restrict the corresponding folder and secret permissions under a specific folder and secret. |
||
|
Permission to create folders in Root. |
||
|
Access to the SSH Filter Profiles page. |
||
|
Access to the Job List page. |
||
|
Access to the My Request and Request Review page in Approval Request. |
||
|
Access to the Approval Profile page in Approval Flow. |
||
|
Access to Password Changers page in Password Changing. |
||
|
Access to Character Sets page in Password Changing. |
||
|
Access to Password Policies page in Password Changing. |
||
|
Enable/disable creating a personal folder right after the user is created. |
||
|
Enable/disable editing the Secret Templates page. |
||
|
Enable/disable editing the Policies page. |
||
|
Enable/disable editing the Secret Launchers page. |
||
|
Enable/disable viewing the secret password, passphrase and ssh-key. The Secret list must have Write permission to view the encrypted secret information. |
||
User Management |
|||
|
Access to the User Definition page in User Management and the Backup page in System. |
||
|
Access to the User Groups page in User Management. |
||
|
Access to the Role page in User Management. |
||
|
Access to the Ldap Servers page in User Management. |
||
|
Access to the Saml Single Sign-On page in User Management. |
||
|
Access to the Radius Servers page in User Management. |
||
|
Access to the Schedule page in User Management. |
||
|
Enable/disable CLI access. |
||
|
Enable/disable access to diagnostic CLI commands. |
||
|
Enable/disable permission to use firmware and configuration backup features. |
||
Authentication |
|||
|
Access to the Addresses page. |
||
|
Access to the Scheme & Rules page. |
||
|
Access to the ZTNA page in System. |
||
Network |
|||
|
Access to the Interfaces page in Network. |
||
|
Access to the Packet Capture page in Network. |
||
|
Access to the Static Routes page in Network. |
||
|
Access to the FortiAnalyzer Logging card on the Fabric Connectors page in Security Fabric. |
||
|
Access to the FortiClient EMS card on the Fabric Connectors page in Security Fabric. |
||
|
Enable/disable accessing the Certificates page in System. |
||
System |
|||
|
Access to:
|
||
|
Access to the FortiGuard page from Dashboard. |
||
|
Access to Email Alert Settings and Log Settings in Log & Report. |
||
Admin Settings |
|||
|
Enable/disable accessing FortiPAM GUI. |
||
|
Enable/disable glass breaking mode. |
||
|
Enable/disable maintenance mode. |
||
|
Enable/disable viewing Events, Secrets, ZTNA, and SSH logs in Log & Report. |
||
|
Enable/disable viewing Reports in Log & Report. |
||
|
Enable/disable viewing playback videos in Secret Video. |