Fortinet Document Library

AWS Cookbook

6.4.0

Creating an address using the GUI

To create an address using the GUI:
  1. In FortiOS, go to Policy & Objects > Addresses. Click Create New, then select Address.
  2. Enter the address name. From the Type dropdown list, select Dynamic.
  3. From the Sub Type dropdown list, select Fabric Connector Address.
  4. From the SDN Connector dropdown list, select the AWS Fabric connector.
  5. In the Filter fields, enter the desired filters. This means the Fabric connector automatically populates and updates only instances belonging to the specified VPC that match this filtering condition. You can use the following keys:

    | Description | Key | Example value |
    |---|---|---|
    | Architecture | architecture | x86 |
    | Autoscaling group | AutoScaleGroup | 10703c-4f731e90-fortigate-payg-auto-scaling-group |
    | AZ | placement.availabilityzone | us-east-1a |
    | Group name | placement.groupname | |
    | Image ID | imageId | ami-123456 |
    | Instance ID | instanceId | i-12345678 |
    | Instance type | instanceType | t2.micro |
    | Key name | keyName | |
    | Kubernetes cluster | k8s_cluster | |
    | Kubernetes label and its name | k8s_label.Name | |
    | Kubernetes namespace | k8s_namespace | |
    | Kubernetes node name | k8s_nodename | |
    | Kubernetes pod name | k8s_podname | |
    | Kubernetes region | k8s_region | |
    | Kubernetes service name | k8s_servicename | |
    | Kubernetes zone | k8s_zone | |
    | Private DNS name | privateDnsName | ip-172-31-10-211.us-west-2.compute.internal |
    | Public DNS name | publicDnsName | ec2-54-202-168-254.us-west-2.compute.amazonaws.com |
    | Security group ID | SecurityGroupId | |
    | Subnet ID | subnetId | sub-123456 |
    | Tag and its name. This key supports a maximum of eight tags. | tag.Name | |
    | Tenancy placement | placement.tenancy | |
    | VPC ID | VpcId | |

    For example, to automatically populate instances that belong to a certain subnet within the VPC, you can create a filtering condition using subnetId. First, check the subnet ID in the AWS management portal.

    In this example, you would enter subnetId=subnet-fb2506a0 in the Filter field.

    You can build the filtering condition from multiple entries, joining each entry with the "and" or "or" button. When a filter uses both "and" and "or", FortiOS interprets "and" before "or". For example, you can enter subnetId=subnet-fb2506a0 and tag.Name=abc123. In this case, the IP address of an instance that matches both the subnet ID and the tag "Name" shows up. Filters support wildcard values.

  6. From the Interface dropdown list, select the interface that the Fabric connector covers, where relevant.
  7. Click OK. Once saved, FortiOS lists the address under Policy & Objects > Addresses.
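
The precedence rule in step 5 decides which instances land in the address object, and therefore which hosts any policy referencing it applies to. The following sketch is an added example, not Fortinet code: it models the filter semantics described above over a constructed instance inventory so a filter can be previewed before it is saved. Assumptions: wildcards are treated as glob-style `*`, and the names `parse_filter`, `matches`, `resolve` and all sample data are hypothetical.

```python
from fnmatch import fnmatchcase

# Constructed sample inventory; keys follow the filter keys in the table above.
INSTANCES = [
    {"instanceId": "i-0001", "subnetId": "subnet-fb2506a0", "tag.Name": "abc123", "ip": "10.0.1.10"},
    {"instanceId": "i-0002", "subnetId": "subnet-fb2506a0", "tag.Name": "web-01", "ip": "10.0.1.11"},
    {"instanceId": "i-0003", "subnetId": "subnet-0000aaaa", "tag.Name": "abc123", "ip": "10.0.2.10"},
    {"instanceId": "i-0004", "subnetId": "subnet-0000aaaa", "tag.Name": "web-02", "ip": "10.0.2.11"},
]


def parse_filter(expr):
    """Return a list of 'or' groups, each a list of (key, pattern) 'and' terms.

    Splitting on 'or' first and 'and' second makes 'and' bind tighter,
    matching the "and before or" rule. Simplification: values must not
    themselves contain ' and ' or ' or '.
    """
    groups = []
    for or_part in expr.split(" or "):
        terms = []
        for term in or_part.split(" and "):
            key, sep, pattern = term.strip().partition("=")
            if not sep or not key or not pattern:
                raise ValueError(f"malformed term: {term!r}")
            terms.append((key, pattern))
        groups.append(terms)
    return groups


def matches(instance, groups):
    """True if every term of at least one 'or' group matches the instance."""
    return any(
        all(key in instance and fnmatchcase(instance[key], pattern)
            for key, pattern in terms)
        for terms in groups
    )


def resolve(expr, instances=INSTANCES):
    """IP addresses the dynamic address would contain for this filter."""
    groups = parse_filter(expr)
    return [inst["ip"] for inst in instances if matches(inst, groups)]


if __name__ == "__main__":
    mixed = "subnetId=subnet-fb2506a0 and tag.Name=abc123 or tag.Name=web-*"
    # Read as (subnet and abc123) or web-*: 10.0.2.11 is outside the subnet.
    print(resolve(mixed))
```

To restrict every branch to one subnet under this rule, repeat the subnet term in each `or` branch, for example `subnetId=subnet-fb2506a0 and tag.Name=abc123 or subnetId=subnet-fb2506a0 and tag.Name=web-*`.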
