Update AWS Organization
When your AWS organization failed to be added to FortiCNP, you can update the AWS organization account on FortiCNP to fix the configuration. It also gives you a chance to add or delete the optional permissions to the existing account. For more details, see AWS Permission and Resource Requirements
Update AWS Organization - Part 1
- From the FortiCNP navigation pane, go to ADMIN > Cloud Accounts, click Action button of the account and select Update Account.
- In Update AWS Account selection, select Update AWS Organization and click Update AWS Account.
- In Select Permissions section, select or unselect the optional permissions to be granted to FortiCNP.
- In CloudTrail section, select "Yes" to allow FortiCNP to create a CloudTrail for the account, or "No" if you already created one.
- Click Next Step to continue to the next page.
- Click Go to AWS CloudFormation Guide to be re-directed to AWS CloudFormation guide to clean up the previous configurations.
- A new page will pop up with the AWS CloudFormation Guide, click Next at the bottom of each page until the last page, and click Create Stack.
- Refresh the stack status page until the FortiCNPClean stack status shows "CREATE_COMPLETE".
- Go back to FortiCNP update account page, and click Continue.
Update AWS Organization - Part 2
After part 1 is completed, a status update will show that the cleanup stack have removed the old CloudFormation, roles, and policies.
- Click Next to continue with the rest of the steps.
- Click Go to AWS CloudFormation Guide again to create a new stack.
- A new page will pop up with the AWS CloudFormation Guide, click Next at the bottom of each page until the last page, and click Create Stack.
- Refresh the stack status page until the FortiCNPOrganization stack status shows "CREATE_COMPLETE".
- Go back to FortiCNP update account page, and click Next Step to continue with the configuration.
- FortiCNP will check if the AWS Stack, Roles, and Policies are created successfully, and click Next Step to continue.
- Select the sub-accounts of the AWS organization to be added to FortiCNP, then click Update AWS Organization to finish.