Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • New Features

    Home FortiGuest 1.3.0 New Features
    1.3.0
    1.3.0
    1.2.0
    1.1.0

    Amazon Web Services (AWS)

    Amazon Web Services (AWS)

    Perform the following steps to deploy FortiGuest on AWS.

    1. Obtain the file FortiGuest_VM64_AWS-v1.3.0-[build0xxx].aws.zip from Fortinet.
    2. Install or gain access to the AWS CLI. See Get started with the AWS CLI.
    3. Configure the AWS CLI as per your access requirements. These are some sample values that you must replace with the relevant ones.
      $ aws configure
      AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
      AWS Secret Access Key [None]: YEXAMPLEKEY
      Default region name [None]: us-west-2
      Default output format [None]: json
    4. Create an IAM role named vmimport. This operation requires IAM permissions.
      cat <<EOF > trust-policy.json
      {
      "Version": "2012-10-17",
      "Statement": [
      {
      "Effect": "Allow",
      "Principal": { "Service": "vmie.amazonaws.com" },
      "Action": "sts:AssumeRole",
      "Condition": {
      "StringEquals":{
      "sts:Externalid": "vmimport"
      }
      }
      }
      ]
      }
      EOF
      aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json
      1. Create a policy and attach it to an Amazon S3 bucket.

        cat <<EOF > role-policy.json
        {
        "Version":"2012-10-17",
        "Statement":[
        {
        "Effect":"Allow",
        "Action":[
        "s3:GetBucketLocation",
        "s3:GetObject",
        "s3:ListBucket
        ],
        "Resource":[
        "arn:aws:s3:::$s3BacketName",
        "arn:aws:s3:::$s3BacketName/*"
        ]
        },
        {
        "Effect":"Allow",
        "Action":[
        "ec2:ModifySnapshotAttribute",
        "ec2:CopySnapshot",
        "ec2:RegisterImage",
        "ec2:Describe*"
        ],
        "Resource":"*"
        }
        ]
        }
        EOF
        aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json
      For more information, see Importing a VM as an Image.
    5. Extract the file FortiGuest_VM64_AWS-v1.3.0-[build0xxx].aws.zip. Post extraction, you have the following files.

    • VHD - FortiGuest_VM64_AWS-v1.3.0-[build0xxx].vhd

    • Import script - import2awsimg.sh

  • Run the import2awsimg.sh script to import the VM.
    Note: To import the VM, you must have read & write permissions to the Amazon bucket, EC2 Snapshot, and image create/import.
  • Launch an instance from the Amazon Machine Images (AMI). Select Images > AMI in the EC2 service interface and select the image that you just imported. Click Launch instance from AMI.
  • Update the configurations on this page. Select the instance type and configure the disk size to 500 GB. Click Launch instance.

  • Obtain the public IP address of the instance from the EC2 service interface and connect via a private key using SSH.
    • Previous
    Next

    Amazon Web Services (AWS)

    Amazon Web Services (AWS)

    Perform the following steps to deploy FortiGuest on AWS.

    1. Obtain the file FortiGuest_VM64_AWS-v1.3.0-[build0xxx].aws.zip from Fortinet.
    2. Install or gain access to the AWS CLI. See Get started with the AWS CLI.
    3. Configure the AWS CLI as per your access requirements. These are some sample values that you must replace with the relevant ones.
      $ aws configure
      AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
      AWS Secret Access Key [None]: YEXAMPLEKEY
      Default region name [None]: us-west-2
      Default output format [None]: json
    4. Create an IAM role named vmimport. This operation requires IAM permissions.
      cat <<EOF > trust-policy.json
      {
      "Version": "2012-10-17",
      "Statement": [
      {
      "Effect": "Allow",
      "Principal": { "Service": "vmie.amazonaws.com" },
      "Action": "sts:AssumeRole",
      "Condition": {
      "StringEquals":{
      "sts:Externalid": "vmimport"
      }
      }
      }
      ]
      }
      EOF
      aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json
      1. Create a policy and attach it to an Amazon S3 bucket.

        cat <<EOF > role-policy.json
        {
        "Version":"2012-10-17",
        "Statement":[
        {
        "Effect":"Allow",
        "Action":[
        "s3:GetBucketLocation",
        "s3:GetObject",
        "s3:ListBucket
        ],
        "Resource":[
        "arn:aws:s3:::$s3BacketName",
        "arn:aws:s3:::$s3BacketName/*"
        ]
        },
        {
        "Effect":"Allow",
        "Action":[
        "ec2:ModifySnapshotAttribute",
        "ec2:CopySnapshot",
        "ec2:RegisterImage",
        "ec2:Describe*"
        ],
        "Resource":"*"
        }
        ]
        }
        EOF
        aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json
      For more information, see Importing a VM as an Image.
    5. Extract the file FortiGuest_VM64_AWS-v1.3.0-[build0xxx].aws.zip. Post extraction, you have the following files.

    • VHD - FortiGuest_VM64_AWS-v1.3.0-[build0xxx].vhd

    • Import script - import2awsimg.sh

  • Run the import2awsimg.sh script to import the VM.
    Note: To import the VM, you must have read & write permissions to the Amazon bucket, EC2 Snapshot, and image create/import.
  • Launch an instance from the Amazon Machine Images (AMI). Select Images > AMI in the EC2 service interface and select the image that you just imported. Click Launch instance from AMI.
  • Update the configurations on this page. Select the instance type and configure the disk size to 500 GB. Click Launch instance.

  • Obtain the public IP address of the instance from the EC2 service interface and connect via a private key using SSH.
    • Previous
    Next