Add Multiple AWS accounts via CloudFormation

The permissions for StackSets operations must be created for both the administrator and target accounts before adding multiple AWS accounts through AWS CloudFormation. See Setup permissions for Stack Sets Operations to set up the required permissions.

Go back to the FortiCNP add account page and copy the Template url, StackSet name and the UUID.

Then click AWS CloudFormation Guide. A pop-up page redirects you to Amazon CloudFormation; follow the steps below to create the StackSet.

AWS CloudFormation Configuration

  1. Click StackSets from the CloudFormation menu.
  2. Click Create StackSet to go through the CloudFormation guide.
  3. In the Choose a template page, go to Permissions > IAM execution role name and make sure AWSCloudFormationStackSetExecutionRole is selected.
  4. In Prerequisite - Prepare template, make sure Template is ready is selected.
  5. In Specify template > Amazon S3 URL, paste the Template url copied earlier from the FortiCNP add account page, then click Next.
  6. In the Specify StackSet details page, go to StackSet name > StackSet name and enter the StackSet name copied from FortiCNP.
  7. In Parameters, use the default RoleName from FortiCNP or enter a custom role name. The custom role name does not need to include the UUID. Enter the UUID copied earlier from FortiCNP in the UUID field, then click Next to continue.
  8. Click Next again in the Configure StackSet options page.
  9. In the Set deployment options page, under Account > Deployment locations, make sure Deploy stacks in accounts is selected, and enter the account numbers submitted earlier along with any other target account numbers separated by commas (,), or upload a .csv file. (In the CSV file, separate account numbers using commas as delimiters, e.g., 123456, 234567, etc.)
  10. Click the drop-down menu in Specify regions to select any region, then click Next.
  11. Review all parameters entered earlier and click Submit. Wait until the StackSet is fully generated.
  12. Go back to the FortiCNP add account page. If a custom role name was used, enter the custom role name.
  13. If you would like to receive a notification when the add account process is completed (recommended), click the Get Email Notification drop-down menu, enter an email address and press Enter. Add additional email addresses as needed.
  14. Click Add Multiple AWS Accounts to finish.
If there is an error after completing Amazon CloudFormation, please refer to Troubleshooting > Amazon Web Service > Stack Already Exists Error.

Note: If you have set up an email notification, you should receive an email notification upon completion of the account onboarding process.
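
A pre-flight check for the values entered in steps 7 and 9, as an added example that is not Fortinet or AWS code: it validates the comma-separated account list and a custom role name before they go into the StackSet, since the StackSet creates an IAM role in every account listed. The function names and the sample CSV are constructed for illustration.

```python
import csv
import io
import re

# AWS account IDs are exactly 12 digits; leading zeros are significant.
ACCOUNT_ID = re.compile(r"\d{12}", re.ASCII)
# Characters and length that IAM accepts in a role name.
ROLE_NAME = re.compile(r"[\w+=,.@-]{1,64}", re.ASCII)


def check_accounts(csv_text):
    """Return (valid_ids, problems) for a comma-separated account list."""
    valid, problems, seen = [], [], set()
    for row in csv.reader(io.StringIO(csv_text)):
        for cell in row:
            acct = cell.strip()
            if not acct:
                continue
            if acct in seen:
                problems.append((acct, "duplicate entry"))
            elif ACCOUNT_ID.fullmatch(acct):
                valid.append(acct)
            elif acct.isascii() and acct.isdigit() and len(acct) < 12:
                # Spreadsheets often store IDs as numbers and drop leading zeros.
                problems.append((acct, "fewer than 12 digits, leading zeros may be lost"))
            else:
                problems.append((acct, "not a 12-digit account ID"))
            seen.add(acct)
    return valid, problems


def check_role_name(name):
    """True if the custom role name is acceptable to IAM."""
    return ROLE_NAME.fullmatch(name) is not None


# Constructed sample: one good ID, one with a leading zero, one truncated,
# one duplicate and one alias typed in place of a number.
SAMPLE_CSV = "111122223333, 012345678901\n12345678901,111122223333,prod-account\n"

if __name__ == "__main__":
    ok, bad = check_accounts(SAMPLE_CSV)
    print("deploy to:", ",".join(ok))
    for value, reason in bad:
        print(f"fix before upload: {value!r}: {reason}")
    print("role name ok:", check_role_name("FortiCNP-Custom-Role"))
```

Resolve every reported problem before pasting the list or uploading the .csv in step 9; do not pad a short ID with zeros without confirming the account number at its source.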
