Dynamic Address Object Update:
The debug output shows that the IP address of the AWS Windows Server Lab has been updated
automatically, indicating that the dynamic address object feature is working as intended. This allows
FortiGate to adapt to changes in the IP addresses of AWS instances dynamically (Option A).
SDN Connector Configuration:
The messages in the debug output confirm that the SDN connector is able to retrieve instance
information and update the firewall address objects successfully. This implies that the SDN connector
is correctly configured and has the necessary permissions (Option C).
Manual Change and Permissions:
Option B is incorrect because while the address object could theoretically be changed manually, this
is not inferred from the debug output.
Option D is incorrect because the debug output does not indicate that the AWS user account must
have full administrative rights. The required permissions are typically more scoped to specific actions
related to SDN.
Reference:
FortiGate AWS Integration Guide: FortiGate on AWS
AWS IAM Policies for SDN: AWS IAM Policies
What two conclusions can you draw from the FortiGate debug output? (Choose two.)
What two conclusions can you draw from the FortiGate debug output? (Choose two.)