Creating Fabric connector objects for AWS
With FortiManager, you can create a fabric connector for Amazon Web Services (AWS), and then import address names from AWS to automatically create dynamic objects that you can use in policies. When you install the policies to one or more FortiGate units, FortiGate uses the information to communicate with AWS and dynamically populate the objects with IP addresses. Fortinet SDN Connector is not required for this configuration.
When you create a fabric connector for AWS, you are specifying how FortiGate can communicate directly with AWS.
If ADOMs are enabled, you can create one fabric connector per ADOM.
Requirements:
- FortiManager version 6.0 ADOM or later
- FortiGate is managed by FortiManager.
- The managed FortiGate unit is configured to work with AWS.
Following is a high-level overview of the configuration procedure:
To create a fabric connector object for AWS:
- Go to Fabric View > Fabric Connectors.
- Click Create New. The Create New Fabric Connector wizard is displayed.
- Under SDN, select Amazon Web Services (AWS), and click Next.
- Configure the following options, and then click OK:
| Option | Description |
| --- | --- |
| Type | Displays Amazon Web Services (AWS). |
| Name | Type a name for the fabric connector object. |
| Status | Toggle ON to enable the fabric connector object. Toggle OFF to disable the fabric connector object. |
| Update Interval (s) | Specify how often, in seconds, the dynamic firewall objects are updated. |
| AWS access key ID | Type the access key ID from AWS. |
| Secret access key | Type the secret access key from AWS. |
| Region name | Type the region name from AWS. |
| VPC ID | Type the AWS VPC ID. |
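
Because the access key entered in this form is what FortiGate uses to query AWS, the IAM policy behind it is worth auditing before the connector is created. The following Python check is an added example, not Fortinet code: it flags Allow statements that grant more than read-only `ec2:Describe*` actions. The allowlist is an assumption about what the connector needs and the sample policy is constructed; confirm the required permissions in Fortinet's documentation for your version.

```python
import json

# Assumption (not from the page): the connector only needs read-only
# EC2 describe calls. IAM action names are case-insensitive, so the
# allowlist is kept as lowercase literal prefixes.
ALLOWED_PREFIXES = ("ec2:describe",)

# Constructed sample policy for the IAM user that owns the access key.
SAMPLE_POLICY = """
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "ReadAddresses", "Effect": "Allow",
     "Action": ["ec2:DescribeInstances", "ec2:DescribeNetworkInterfaces"],
     "Resource": "*"},
    {"Sid": "TooBroad", "Effect": "Allow",
     "Action": ["ec2:*", "iam:PassRole"], "Resource": "*"},
    {"Sid": "Guard", "Effect": "Deny",
     "Action": "ec2:TerminateInstances", "Resource": "*"},
    {"Effect": "Allow", "NotAction": "s3:*", "Resource": "*"}
  ]
}
"""

def excessive_grants(policy_json):
    """Return (statement id, action) pairs granted beyond the allowlist."""
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):        # a single statement may be a bare object
        statements = [statements]
    findings = []
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":   # Deny statements grant nothing
            continue
        sid = stmt.get("Sid", f"statement[{i}]")
        if "NotAction" in stmt:             # Allow + NotAction grants everything else
            findings.append((sid, "NotAction"))
            continue
        actions = stmt.get("Action", [])
        if isinstance(actions, str):        # Action may be a string or a list
            actions = [actions]
        for action in actions:
            # A wildcard such as "ec2:*" does not start with an allowed
            # literal prefix, so it is reported as broader than needed.
            if not action.lower().startswith(ALLOWED_PREFIXES):
                findings.append((sid, action))
    return findings

if __name__ == "__main__":
    for sid, action in excessive_grants(SAMPLE_POLICY):
        print(f"{sid}: {action} exceeds read-only EC2 describe access")
```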