Installing and configuring FortiGate Autoscale for AWS without Transit Gateway integration requires knowledge of the following:
- Configuring a FortiGate using the CLI
- AWS CloudFormation templates
- AWS Lambda Function
It is expected that FortiGate Autoscale for AWS without Transit Gateway integration will be deployed by DevOps engineers or advanced system administrators who are familiar with the above.
Before starting the deployment, the following steps must be carried out:
- Log into your AWS account. If you do not already have one, create one by following the on-screen instructions.
CFT deployment will fail if the AWS user deploying the template does not have sufficient AWS permissions to perform the required service actions on resources. At a minimum, the following are required:
- Service: IAM; Actions:CreateRole; Resource: *.
- Use the region selector in the navigation bar to choose the AWS region where you want to deploy FortiGate Autoscale for AWS without Transit Gateway integration.
The c5.large instance type is not compatible with the Asia Pacific (Sydney) Region (ap-southeast-2).
AWS Auto Scaling is not supported in every region. Please check the AWS Region Table prior to selecting a region. Region support may be added without prior notification.
- Confirm that you have a valid subscription to the On-Demand and/or BYOL marketplace listings for FortiGate, as required for your deployment:
Without the valid subscriptions, the deployment will fail with errors.
- Create a key pair in your selected region.
- If necessary, request a service limit increase. You may need to do this if you encounter an issue where you exceed the default limit with this deployment. The default instance type is c5.large.