Amazon Simple Notification Service (Amazon SNS) is an Amazon messaging service that manages push messages and subscribed endpoints. It also lets you create and deliver messages for distributed services. You can use Amazon SNS to create subscription endpoints for FortiCWP notifications.
Before setting up Amazon SNS with FortiCWP notifications, the AWS account on FortiCWP must have Notification Permission. Notification Permission can be granted to FortiCWP during AWS account onboarding.
If the Notification Permission was not selected during the AWS account onboarding process, you can update the account installation to include the Notification Permission. Please see Update AWS Account Automatically, Update AWS Account, or Update AWS Organization.
After you verify that Notification Permission is added to the AWS account, you can create a new SNS topic on AWS.
Follow the AWS tutorial guide to create a new Amazon SNS topic:
When you finish creating the new SNS topic, copy the SNS ARN and save it. You will need it later to set up the SNS notification on FortiCWP.
- In Notification Target Name, enter a name for this notification.
- In SNS Recipient, click the AWS Account ID drop-down menu and select the AWS account in which the new SNS topic was created.
- In the SNS ARN field, paste the SNS ARN that you copied earlier from the new SNS topic details.
- In Alert Notification, turn the alert notification triggered by policy violations On or Off.
- Click the Send Notification for Alert Triggered By Objects In drop-down menu and select one or more resource groups. Only alerts triggered by the selected resource groups will send notifications. You can monitor all cloud accounts by selecting All Resource. To create a resource group, please see Resource Group.
- Select the method that the notification should be triggered by: Severity Level or Specific Policy.
  - When Severity Level is selected, select the severity level the notification will be triggered by. Only alerts triggered by the selected severity level will send notifications.
  - When Specific Policy is selected, click the select policy drop-down menu and select at least one policy. Only alerts triggered by the selected policy will send notifications.
- Check Send Notification for the Same Alerts to prevent receiving the same notification within a 24-hour period.
- Click Add New Notification Target to finish.
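
A pre-flight check for the SNS ARN and AWS Account ID fields above, as an added example (not FortiCWP or AWS code). It confirms that the pasted value is a topic ARN rather than a subscription ARN and that it belongs to the selected account; the function name, topic name and account IDs are constructed for illustration.

```python
import re

# SNS topic ARN layout: arn:<partition>:sns:<region>:<12-digit account>:<topic name>
# Topic names use letters, digits, '-' and '_' (max 256 chars); FIFO topics end in ".fifo".
_PARTITIONS = {"aws", "aws-cn", "aws-us-gov"}
_REGION = re.compile(r"^[a-z]{2}(-[a-z]+)+-\d+$")
_ACCOUNT = re.compile(r"^\d{12}$")
_NAME = re.compile(r"^[A-Za-z0-9_-]+$")


def check_sns_topic_arn(arn, selected_account_id):
    """Return a list of problems; an empty list means the ARN looks usable."""
    parts = arn.strip().split(":")
    if len(parts) == 7:
        # Subscription ARNs carry a trailing subscription ID after the topic name.
        return ["subscription ARN pasted; use the topic ARN instead"]
    if len(parts) != 6:
        return ["expected 6 colon-separated fields, got %d" % len(parts)]

    prefix, partition, service, region, account, name = parts
    problems = []
    if prefix != "arn":
        problems.append("value must start with 'arn:'")
    if partition not in _PARTITIONS:
        problems.append("unknown partition %r" % partition)
    if service != "sns":
        problems.append("service is %r, not 'sns'" % service)
    if not _REGION.match(region):
        problems.append("malformed region %r" % region)
    if not _ACCOUNT.match(account):
        problems.append("account ID must be 12 digits")
    elif account != selected_account_id:
        # The topic must live in the account chosen under SNS Recipient.
        problems.append("ARN account %s differs from selected account %s"
                        % (account, selected_account_id))
    base = name[:-5] if name.endswith(".fifo") else name
    if len(name) > 256 or not _NAME.match(base):
        problems.append("invalid topic name %r" % name)
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from any real account.
    sample = "arn:aws:sns:us-east-1:111122223333:forticwp-alerts"
    print(check_sns_topic_arn(sample, "111122223333") or "OK")
```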