Fortinet Document Library

6.0.0

Setting up the DynamoDB table

One DynamoDB table with the stream feature enabled is required to store records of malicious IP addresses from GuardDuty findings. DynamoDB tables and Lambda functions are region-specific, so you must create the table and the Lambda function in the same AWS region. A DynamoDB trigger on this table will be created later to cause the Lambda function to execute. Because the Lambda function hasn't been created yet, the instructions for creating the trigger are provided later in Setting up the DynamoDB stream trigger.

  1. Create the DynamoDB table. In this example, the table is named my-aws-lambda-guardduty-db.
    1. For the primary key, do the following:
      1. Input the value finding_id. This value is case-sensitive.
      2. From the data type dropdown list, select String.
    2. Add a sort key:
      1. Input the value ip. This value is case-sensitive.
      2. From the data type dropdown list, select String.
    3. For Table settings, check Use default settings.
    4. Click Create.
  2. Enable the Stream feature on the table.
    1. On the Overview tab, click Manage Stream, select Keys only, then click Enable to save.
    2. Write down the Latest stream ARN. This ARN is used in the IAM policy creation step.
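
The following added example (not part of the Fortinet documentation) checks a DynamoDB `DescribeTable` response against the steps above: key names and types, the Keys only stream view, and that the stream ARN's region matches the Lambda function's region. The function name `check_table`, the account ID, and the sample response are constructed for illustration.

```python
EXPECTED_KEYS = {"finding_id": "HASH", "ip": "RANGE"}  # names are case-sensitive


def check_table(description, lambda_region):
    """Return (problems, latest_stream_arn) for a DynamoDB DescribeTable response."""
    table = description["Table"]
    problems = []

    keys = {k["AttributeName"]: k["KeyType"] for k in table.get("KeySchema", [])}
    if keys != EXPECTED_KEYS:
        problems.append(f"key schema is {keys}, expected {EXPECTED_KEYS}")

    types = {a["AttributeName"]: a["AttributeType"]
             for a in table.get("AttributeDefinitions", [])}
    for name in EXPECTED_KEYS:
        if types.get(name) != "S":
            problems.append(f"{name} must be type String (S), got {types.get(name)}")

    stream = table.get("StreamSpecification", {})
    if not stream.get("StreamEnabled"):
        problems.append("stream is not enabled")
    elif stream.get("StreamViewType") != "KEYS_ONLY":
        problems.append(f"stream view is {stream.get('StreamViewType')}, expected KEYS_ONLY")

    arn = table.get("LatestStreamArn")
    if arn:
        # ARN layout: arn:partition:service:region:account:resource
        region = arn.split(":")[3]
        if region != lambda_region:
            problems.append(f"table is in {region}, Lambda function is in {lambda_region}")
    else:
        problems.append("no LatestStreamArn to record for the IAM policy")
    return problems, arn


# Constructed sample, shaped like `aws dynamodb describe-table` output.
SAMPLE = {"Table": {
    "TableName": "my-aws-lambda-guardduty-db",
    "KeySchema": [{"AttributeName": "finding_id", "KeyType": "HASH"},
                  {"AttributeName": "ip", "KeyType": "RANGE"}],
    "AttributeDefinitions": [{"AttributeName": "finding_id", "AttributeType": "S"},
                             {"AttributeName": "ip", "AttributeType": "S"}],
    "StreamSpecification": {"StreamEnabled": True, "StreamViewType": "KEYS_ONLY"},
    "LatestStreamArn": "arn:aws:dynamodb:us-east-1:123456789012:table/"
                       "my-aws-lambda-guardduty-db/stream/2019-01-01T00:00:00.000",
}}

if __name__ == "__main__":
    print(check_table(SAMPLE, "us-east-1"))
```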
