Bootstrapping :

Creating S3 buckets with license and firewall configurations To create S3 buckets with
license and firewall configurations: 1. On the AWS console, create an Amazon S3 bucket
at the root level for the bootstrap files. 2. Upload the license file and configuration file(s)
to the S3 bucket. This example uploads one license file and two configuration files. The
example has the following FortiOS CLI command statement in the config file:

The FortiGate-VM at initial bootup using user data If you are installing and configuring
your applications on Amazon EC2 dynamically at instance launch time, you typically
must pull and install packages, deploy files, and ensure services are started. The
following bootstrapping instructions help simplify, automate, and centralize FortiGate-
VM next generation firewall deployment directly from the configuration scripts stored in
AWS S3. This is also called "cloud-init".

Setting up IAM roles:

Identity & Access Management roles need S3 bucket read access. This example applies
the existing AmazonS3ReadOnlyAccess policy to the role by adding the following code
or selecting S3ReadOnlyAccess from the policy list in adding to the role: { "Version":
"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:Get*", "s3:List*" ],
"Resource": "*"