Create AWS StackSet for Security Hub Integration

With AWS CloudFormation, only one AWS StackSet needs to be created for multiple accounts, which reduces the repetitive work of creating an AWS Stack for every account.

Prerequisite

Before creating an AWS StackSet for multiple AWS accounts, all accounts must have AWS Security Hub enabled and an aggregation region configured.

Follow the guide in AWS Security Hub and EventBridge Configuration first, then come back to this page to create the AWS StackSet.

Steps to Create AWS StackSet through CloudFormation

After AWS Security Hub configuration is completed, create an AWS StackSet for multiple AWS accounts.

  1. From the AWS portal, search for and go to CloudFormation.
  2. Click StackSets in the CloudFormation menu.
  3. Click Create StackSet to start the CloudFormation guide.
  4. On the Choose a template page, go to Permissions and, under IAM execution role name, make sure AWSCloudFormationStackSetExecutionRole is selected, then click Next.
  5. In the Prerequisite - Prepare template section, make sure Template is ready is selected.
  6. In the Specify template section, under Amazon S3 URL, enter the template URL provided by the FortiCNP add account page, then click Next.
  7. On the Specify StackSet details page, go to the StackSet name section, enter "FortiCWPMultipleEventBridge" as the StackSet name, then click Next.
  8. Click Next again on the Configure StackSet options page.
  9. On the Set deployment options page, under Account > Deployment locations, make sure Deploy stacks in accounts is selected, and enter the account numbers submitted earlier along with any other target account numbers, separated by commas (,), or upload a .csv file. (In the CSV file, separate account numbers using commas as delimiters, e.g., 123456, 234567, etc.)
  10. In Specify regions, select "US West (Oregon)" as the aggregation region to avoid extra cost, then click Next.
  11. Review all parameters entered earlier and click Submit. Wait until the FortiCWPMultipleEventBridge StackSet is fully generated.
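The account list in step 9 decides which accounts receive the stack, so it is worth checking before it is pasted or uploaded. The following is an added example, not Fortinet or AWS code: it validates a comma-delimited list against the 12-digit AWS account ID format and returns the deployment targets keyed like the CloudFormation CreateStackInstances parameters. The function names and the sample IDs are assumptions constructed for illustration.

```python
import re

STACKSET_NAME = "FortiCWPMultipleEventBridge"  # StackSet name from step 7
AGGREGATION_REGION = "us-west-2"               # region code for US West (Oregon), step 10


def parse_account_list(text):
    """Split comma/newline-delimited text into (valid_ids, problems).

    AWS account IDs are exactly 12 ASCII digits and are kept as strings,
    because spreadsheet tools strip leading zeros from numeric cells.
    """
    valid, problems, seen = [], [], set()
    for raw in re.split(r"[,\r\n]+", text):
        token = raw.strip().strip('"')
        if not token:
            continue
        if re.fullmatch(r"[0-9]{12}", token):
            if token in seen:
                problems.append((token, "duplicate"))
            else:
                seen.add(token)
                valid.append(token)
        elif re.fullmatch(r"[0-9]+", token) and len(token) < 12:
            problems.append((token, "fewer than 12 digits (leading zeros lost?)"))
        else:
            problems.append((token, "not a 12-digit account ID"))
    return valid, problems


def deployment_targets(text):
    """Return the StackSet deployment targets, refusing any flawed list."""
    valid, problems = parse_account_list(text)
    if problems:
        detail = "; ".join(f"{tok}: {why}" for tok, why in problems)
        raise ValueError(f"fix the account list before deploying: {detail}")
    return {"StackSetName": STACKSET_NAME,
            "Accounts": valid,
            "Regions": [AGGREGATION_REGION]}


# Constructed sample input: one duplicate, one ID missing a digit, one typo.
SAMPLE = "111122223333, 012345678901\n111122223333,12345678901,44445555666a"

if __name__ == "__main__":
    ids, issues = parse_account_list(SAMPLE)
    print("valid:", ids)
    for token, reason in issues:
        print(f"rejected {token}: {reason}")
```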
