Fortinet Document Library

Version:


Table of Contents

About FortiGate for AWS

Deploying FortiGate on AWS

Deploying auto scaling on AWS

Single FortiGate-VM Deployment

Use Case: High Availability for FortiGate on AWS

Security Fabric Connector Integration with AWS

Resources

Upgrade Path Tool
6.0.0
Copy Link

Planning

Deploying FortiGate Autoscale for AWS requires the use of deployment templates. There are two types of templates:

  • Entry template. This template could run as the entry point of a deployment.
  • Dependency template. This template is automatically run by the deployment process as a Nested Stack. It cannot be run as an entry template. A dependency template is run based on user selected options.

Following are descriptions of the templates included in the 2.0.x deployment package.

Template

Type

Description

autoscale-new-vpc.template

Entry template

Deploys the Auto Scaling solution to a new VPC.

autoscale-existing-vpc.template

Entry template

Deploys the Auto Scaling solution to an existing VPC.

autoscale-main.template

 

Dependency template

Does the majority of the work for deploying FortiGate Autoscale.

add-nic-attachment-service.template

Dependency template

Deploys a service to handle an additional network interface attachment / detachment to an EC2 instance in a given VPC.

copy-objects.template

Dependency template

Creates an S3 bucket in the same region where the stack is launched and copies deployment related objects to this S3 bucket.

create-autoscale-handler.template

Dependency template

Creates a FortiGate Autoscale Handler Lambda function and an API Gateway.

create-auto-scaling-group.template

Dependency template

Creates a FortiGate Auto Scaling group and related components.

create-db-table.template

Dependency template

Creates all necessary DynamoDB tables for the FortiGate Autoscale solution.

create-fortianalyzer.template

Dependency template

Deploys a single FortiAnalyzer instance for certain purposes such as storing logs from FortiGate-VMs.

create-fortigate.template

Dependency template

Deploys a FortiGate EC2 instance to a subnet using a given FortiGate AMI, security group, and instance profile.

create-hybrid-auto-scaling-group.template

Dependency template

Deploys the hybrid licensing FortiGate Auto Scaling groups.

create-load-balancer.template

Dependency template

Deploys network traffic Load Balancers and components for FortiGate Autoscale.

create-nat-fgt-master.template

Dependency template

Deploys FortiGate-VMs as NAT gateways.

create-new-vpc.template

Dependency template

Creates a new VPC in which to deploy the FortiGate Autoscale solution.

Resources

Planning

Deploying FortiGate Autoscale for AWS requires the use of deployment templates. There are two types of templates:

  • Entry template. This template could run as the entry point of a deployment.
  • Dependency template. This template is automatically run by the deployment process as a Nested Stack. It cannot be run as an entry template. A dependency template is run based on user selected options.

Following are descriptions of the templates included in the 2.0.x deployment package.

Template

Type

Description

autoscale-new-vpc.template

Entry template

Deploys the Auto Scaling solution to a new VPC.

autoscale-existing-vpc.template

Entry template

Deploys the Auto Scaling solution to an existing VPC.

autoscale-main.template

 

Dependency template

Does the majority of the work for deploying FortiGate Autoscale.

add-nic-attachment-service.template

Dependency template

Deploys a service to handle an additional network interface attachment / detachment to an EC2 instance in a given VPC.

copy-objects.template

Dependency template

Creates an S3 bucket in the same region where the stack is launched and copies deployment related objects to this S3 bucket.

create-autoscale-handler.template

Dependency template

Creates a FortiGate Autoscale Handler Lambda function and an API Gateway.

create-auto-scaling-group.template

Dependency template

Creates a FortiGate Auto Scaling group and related components.

create-db-table.template

Dependency template

Creates all necessary DynamoDB tables for the FortiGate Autoscale solution.

create-fortianalyzer.template

Dependency template

Deploys a single FortiAnalyzer instance for certain purposes such as storing logs from FortiGate-VMs.

create-fortigate.template

Dependency template

Deploys a FortiGate EC2 instance to a subnet using a given FortiGate AMI, security group, and instance profile.

create-hybrid-auto-scaling-group.template

Dependency template

Deploys the hybrid licensing FortiGate Auto Scaling groups.

create-load-balancer.template

Dependency template

Deploys network traffic Load Balancers and components for FortiGate Autoscale.

create-nat-fgt-master.template

Dependency template

Deploys FortiGate-VMs as NAT gateways.

create-new-vpc.template

Dependency template

Creates a new VPC in which to deploy the FortiGate Autoscale solution.