Fortinet black logo

Version:

Version:

Version:

Version:


Table of Contents

Online Help

Add AWS Account - Automatic

Add AWS account on Container Protection with automation through AWS CloudFormation. CloudFormation would create a stack that works with Container Protection to add the AWS IAM role.

Prerequisite

Activate Security Token Service (STS)

Container Protection uses regional Security Token Service (STS) to reduce latency and provide smoother user experience.

Follow these steps to turn on Security Token Service (STS) on AWS console.

  1. From your AWS console dashboard, go to Identity and Access Management (IAM).
  2. Click Account settings from the left navigation panel, and click to expand Security Token Service (STS).
  3. Based on your location, activate EU (Ireland) if you are located in European Union, otherwise, activate US West (Oregon).

Account Requirement

The AWS account user needs to be an administrator to use CloudFormation.

For a regular user to utilize CloudFormation, an Administrator Access Role is needed in stack creation. Follow the guide in AWS Administrator Role Creation to create an administrator access role first before proceeding to add AWS IAM role through CloudFormation.

For administrator, please skip this step and continue to add AWS IAM role through CloudFormation.

 

Add AWS Account

Add AWS IAM Role via CloudFormation

Reference - Role Policy in CloudFormation

 

 

 

Add AWS Account - Automatic

Add AWS account on Container Protection with automation through AWS CloudFormation. CloudFormation would create a stack that works with Container Protection to add the AWS IAM role.

Prerequisite

Activate Security Token Service (STS)

Container Protection uses regional Security Token Service (STS) to reduce latency and provide smoother user experience.

Follow these steps to turn on Security Token Service (STS) on AWS console.

  1. From your AWS console dashboard, go to Identity and Access Management (IAM).
  2. Click Account settings from the left navigation panel, and click to expand Security Token Service (STS).
  3. Based on your location, activate EU (Ireland) if you are located in European Union, otherwise, activate US West (Oregon).

Account Requirement

The AWS account user needs to be an administrator to use CloudFormation.

For a regular user to utilize CloudFormation, an Administrator Access Role is needed in stack creation. Follow the guide in AWS Administrator Role Creation to create an administrator access role first before proceeding to add AWS IAM role through CloudFormation.

For administrator, please skip this step and continue to add AWS IAM role through CloudFormation.

 

Add AWS Account

Add AWS IAM Role via CloudFormation

Reference - Role Policy in CloudFormation