Adding an endpoint to an AWS instance
An endpoint is added to your VPC to route traffic to and from the FortiGate CNF instance.
To add an endpoint to an AWS instance:
- In CNF Instances, select an instance and click Edit.
- Click Configure Endpoints.
- In the table, click New.
- Enter a name for the endpoint, then select the appropriate AWS account.
- In VPC ID, select the VPC to connect to.
- In Subnet, select a subnet.
  AWS subnets must be created and tagged in AWS before they are available in this form.
  In AWS, create a subnet in this VPC and tag it with Key = fortigatecnf_subnet_type and Value = endpoint.
- Click Save. FortiGate CNF creates the endpoint, which may take several minutes. The status of the instance displays as Active when this process is complete.
You may create any number of endpoint subnets, allowing for multiple workloads to be protected by the same FortiGate CNF instance. If a different policy set is needed for an endpoint, create a new FortiGate CNF instance with the needed policy set for that endpoint.
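If a subnet does not appear in the Subnet list, the tag is the first thing to check. The following added example (not part of the Fortinet documentation) classifies the subnets of one VPC from the JSON output of `aws ec2 describe-subnets`. The function name, the sample IDs and the assumption that the form requires an exact, case-sensitive match on key and value are illustrative.

```python
import json

# Key and value as given in the procedure above. AWS tag keys and values
# are case-sensitive; an exact match is assumed to be required.
TAG_KEY = "fortigatecnf_subnet_type"
TAG_VALUE = "endpoint"

def classify_subnets(describe_subnets_json, vpc_id):
    """Map each subnet ID in vpc_id to a status, given the JSON text
    printed by `aws ec2 describe-subnets` (hypothetical helper)."""
    result = {}
    for subnet in json.loads(describe_subnets_json)["Subnets"]:
        if subnet["VpcId"] != vpc_id:
            continue  # only subnets of the VPC chosen in "VPC ID" matter
        # The "Tags" field is absent when a subnet has no tags at all.
        tags = {t["Key"]: t["Value"] for t in subnet.get("Tags", [])}
        if tags.get(TAG_KEY) == TAG_VALUE:
            status = "ok"
        elif TAG_KEY in tags:
            status = "wrong value %r" % tags[TAG_KEY]
        else:
            # Look for a key that differs only by case or stray spaces.
            near = [k for k in tags if k.strip().lower() == TAG_KEY]
            status = "near-miss key %r" % near[0] if near else "untagged"
        result[subnet["SubnetId"]] = status
    return result

# Constructed sample input: the IDs are placeholders, not real resources.
SAMPLE = json.dumps({"Subnets": [
    {"SubnetId": "subnet-0001", "VpcId": "vpc-0aaa",
     "Tags": [{"Key": "fortigatecnf_subnet_type", "Value": "endpoint"}]},
    {"SubnetId": "subnet-0002", "VpcId": "vpc-0aaa",
     "Tags": [{"Key": "fortigatecnf_subnet_type", "Value": "Endpoint"}]},
    {"SubnetId": "subnet-0003", "VpcId": "vpc-0aaa",
     "Tags": [{"Key": "FortiGateCNF_Subnet_Type", "Value": "endpoint"}]},
    {"SubnetId": "subnet-0004", "VpcId": "vpc-0aaa"},
    {"SubnetId": "subnet-0005", "VpcId": "vpc-0bbb",
     "Tags": [{"Key": "fortigatecnf_subnet_type", "Value": "endpoint"}]},
]})

if __name__ == "__main__":
    for subnet_id, status in classify_subnets(SAMPLE, "vpc-0aaa").items():
        print(subnet_id, status)
```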
Tags created
When an AWS endpoint is added, the following tags are created in the AWS account where the FortiGate CNF instance is deployed:
Tag | Sample value |
---|---|
Region | us-west-2 |
CNFId | 2735 |
ManagedBy | FortiGate CNF |
CNFName | AWS CNF example |
Name | beta-c43-s2735-endpoint-subnet-0d1ce21403369975c |