Administration Guide

Adding an AWS account

Note

AWS accounts cannot be edited after they are fully added (the Status is Success), but the custom name can be changed.

Tooltip

To send logs to AWS Security Lake, Security Lake must be configured before adding the AWS account. See Configuring Security Lake.

To add a new AWS account:
  1. In the AWS console, log into this AWS account. The following CloudFormation steps will be performed in your AWS console.

  2. In FortiGate CNF, in the Cloud Accounts page, click New and select AWS.

  3. In AWS Account Name, enter a name for this account to be displayed in select lists.

  4. In AWS Account ID, enter the AWS account number.

  5. Click Launch CloudFormation Template.

    Caution

    Enter the AWS account number without dashes.

  6. Update the AWS CloudFormation template fields as needed and click Create Stack.

    To review the template, click Download CloudFormation Template.

    The template does the following:

    • Creates an S3 bucket for storing the FortiGate CNF logs, with write permissions for FortiGate CNF.

    • Allows FortiGate CNF read-only access to your VPCs.

    • Grants access to your AWS Security Lake, if applicable. See Configuring Security Lake.

  7. After the CloudFormation setup has completed successfully, return to the FortiGate CNF AWS Accounts page and verify that the account has been added and displays a Success message in the Status field.

    Caution

    The instructions displayed on the AWS account edit page are out of date and will be fixed in the March release.

    • 2.a: The restriction "The custom Source must be created in US West (Oregon)" is removed. The custom source can be created in any supported region.

    • 2.b: OCSF Event Class should be Network Activity instead of Security Finding.

  8. Set the logging S3 bucket region.

  9. If needed, set the Security Lake S3 bucket location and enable access to Security Lake.
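Step 6 lets you download the template before creating the stack. The following added example (not Fortinet's code or template) is a small review script for that download: it checks the account number from step 4 for the no-dashes rule and flags any S3 bucket without a full public-access block or any IAM action beyond the read-only VPC access and log-bucket writes the page describes. It assumes the template is JSON; the embedded sample template and its resource names are constructed for illustration.

```python
import json
import re

# Constructed sample in the shape the page describes: a log bucket and a
# role for VPC read access. Resource names are hypothetical, not Fortinet's.
SAMPLE_TEMPLATE = json.dumps({"Resources": {
    "CnfLogBucket": {"Type": "AWS::S3::Bucket", "Properties": {
        "PublicAccessBlockConfiguration": {
            "BlockPublicAcls": True, "BlockPublicPolicy": True,
            "IgnorePublicAcls": True, "RestrictPublicBuckets": True}}},
    "CnfVpcReadRole": {"Type": "AWS::IAM::Role", "Properties": {"Policies": [{
        "PolicyName": "vpc-read", "PolicyDocument": {"Statement": [
            {"Effect": "Allow", "Resource": "*",
             "Action": ["ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:CreateRoute"]}]}}]}}}})

# Actions consistent with "read-only access to your VPCs" plus writes to the log bucket.
EXPECTED_ACTION = re.compile(r"^(ec2:(Describe|Get)\w+|s3:(PutObject|GetBucketLocation|ListBucket))$")
PUBLIC_BLOCK_KEYS = ("BlockPublicAcls", "BlockPublicPolicy", "IgnorePublicAcls", "RestrictPublicBuckets")


def validate_account_id(value: str) -> bool:
    """Step 4/5: the AWS account number is exactly 12 digits with no dashes."""
    return re.fullmatch(r"\d{12}", value) is not None


def review_template(template_json: str) -> dict:
    """Return buckets lacking a full public-access block and Allow actions
    that go beyond read-only VPC access and log-bucket writes."""
    resources = json.loads(template_json).get("Resources", {})
    open_buckets, unexpected = [], []
    for name, res in resources.items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::S3::Bucket":
            block = props.get("PublicAccessBlockConfiguration", {})
            if not all(block.get(k) is True for k in PUBLIC_BLOCK_KEYS):
                open_buckets.append(name)
        elif res.get("Type") in ("AWS::IAM::Role", "AWS::IAM::Policy", "AWS::IAM::ManagedPolicy"):
            # Roles carry inline Policies; Policy/ManagedPolicy carry one PolicyDocument.
            policies = props.get("Policies", [{"PolicyDocument": props.get("PolicyDocument", {})}])
            for pol in policies:
                stmts = pol.get("PolicyDocument", {}).get("Statement", [])
                for stmt in ([stmts] if isinstance(stmts, dict) else stmts):
                    if stmt.get("Effect") != "Allow":
                        continue
                    actions = stmt.get("Action", [])
                    actions = [actions] if isinstance(actions, str) else actions
                    unexpected += [f"{name}: {a}" for a in actions if not EXPECTED_ACTION.match(a)]
    return {"buckets_without_public_block": open_buckets, "unexpected_actions": unexpected}


if __name__ == "__main__":
    print(review_template(SAMPLE_TEMPLATE))
```

Replace SAMPLE_TEMPLATE with the contents of the downloaded template; any entry in unexpected_actions is worth understanding before clicking Create Stack.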
