Amazon Simple Queue Service (SQS) is a message queuing service that is used to store and retrieve multiple messages between different microservices and distributed systems. FortiCWP supports sending notification through Amazon SQS platform.
Before setup Amazon SQS with FortiCWP notification, the AWS account on FortiCWP must have Notification Permission. Notification permission can be granted to FortiCWP during AWS account onboarding.
If the Notification Permission was not selected during the AWS account onboarding process, you can update the account installation to include the Notification Permission. Please see Update AWS Account Automatically, Update AWS Account, or Update AWS Organization.
After you verify that Notification Permission is added to AWS account, you can create a new SQS queue on AWS.
Follow the AWS tutorial guide to create a new Amazon SQS queue:
When you finish creating a new SQS queue, copy the SQS URL and save it for later to setup SQS notification in FortiCWP.
- In Notification Target Name, enter a name for this notification.
- In SQS Recipient, click AWS Account ID drop down menu to select the AWS account that has the new SQS queue created.
- In SQS URL field, paste the SQS URL that you copied from the new SQS queue details.
- In Alert Notification, turn On/Off the alert notification triggered by policy violations.
- Click Send Notification for Alert Triggered By Objects In drop down menu and select resource group(s). Only the alerts triggered by the selected resource groups will send notification. You can monitor all cloud accounts be selecting All Resource. To create a resource group, please see Resource Group.
- Select the method that the notification should be triggered by - Severity Level or Specific Policy.
- When Severity Level is selected, select the alert severity level the notification will be triggered by. Only the alerts triggered by the selected severity level will send notifications
- When Specific Policy is selected, click select policy drop down menu and select at least one policy. Only the alerts triggered by the selected policy will sent notifications.
- Check Send Notification for the Same Alerts to prevent receiving the same notification within 24 hour period.
- Click Add New Notification Target to finish.