FortiGate
Nivedha
Staff
Article Id 411136
Description This article describes how to troubleshoot a FortiGate that randomly reboots in an AWS environment. 
Scope FortiGate.
Solution
  1. Check the system event logs for any errors or warnings that may indicate the cause of the reboot.

  2. Verify the CPU and memory usage of the firewall to ensure it is not overloaded. This can be done by running the 'get system performance status' command.
    In addition, the FortiGate logs memory and CPU usage every 5 minutes by default. If the reboots are suspected to be caused by a performance issue, check this log at around the same time as the reboot. These logs can be found under General System Events by filtering on Log ID 40704. For more information, see Technical Tip: Performance statistics in the system event logs.

  3. Check for any UDP flood or other traffic that may be causing a DoS Attack. Check Logs -> Security Events -> Anomaly.

  4. If the firewall is in HA, verify the HA configuration and ensure that it is set up correctly. This can be done by running the 'get system ha status' command.

  5. Check the console logs for any errors or warnings that may indicate the cause of the reboot. 'diagnose debug crashlog read' may give some more details. 

  6. If the issue persists, enable alerts for high CPU and high memory consumption in monitoring tools such as SNMP, and ensure that console logging is enabled on AWS.

The firewall can also be rebooted by AWS CloudFront, in which case there may be no crash logs or console logs available to determine the cause of the high CPU usage. It is recommended to check with AWS support to determine the cause of the reboot and to ensure that AWS CloudFront is configured correctly.

 

Note: This behavior applies to all FortiGate deployment models in AWS, including Standalone, HA Active-Active, HA Active-Passive, and Auto-Scaling.
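
The correlation described in step 2 can be scripted over an exported system event log. The following is an added example, not Fortinet code: it finds each restart by looking for a reset of the uptime counter between consecutive Log ID 40704 entries and reports the peak CPU and memory in the 15 minutes before it. The field names `cpu`, `mem` and `sysuptime`, the sample log lines and the 80% threshold are assumptions; adjust them to match the actual export.

```python
import re
from datetime import datetime, timedelta

# Constructed sample in FortiOS key=value event-log format (not real data).
# Assumption: Log ID 40704 lines carry cpu, mem and sysuptime fields.
SAMPLE_LOG = '''\
date=2024-05-01 time=10:00:00 logid="0100040704" type="event" subtype="system" action="perf-stats" cpu=12 mem=61 sysuptime=86400
date=2024-05-01 time=10:05:00 logid="0100040704" type="event" subtype="system" action="perf-stats" cpu=35 mem=78 sysuptime=86700
date=2024-05-01 time=10:10:00 logid="0100040704" type="event" subtype="system" action="perf-stats" cpu=97 mem=91 sysuptime=87000
date=2024-05-01 time=10:11:12 logid="0100000000" type="event" subtype="system" msg="constructed unrelated event"
date=2024-05-01 time=10:16:30 logid="0100040704" type="event" subtype="system" action="perf-stats" cpu=8 mem=40 sysuptime=95
date=2024-05-01 time=10:21:30 logid="0100040704" type="event" subtype="system" action="perf-stats" cpu=9 mem=41 sysuptime=395
'''

KV = re.compile(r'(\w+)=("[^"]*"|\S+)')  # key=value, value optionally quoted

def perf_samples(text):
    """Return sorted (time, cpu, mem, sysuptime) tuples from Log ID 40704 lines."""
    samples = []
    for line in text.splitlines():
        f = {k: v.strip('"') for k, v in KV.findall(line)}
        if not f.get("logid", "").endswith("40704"):
            continue
        try:
            ts = datetime.strptime(f["date"] + " " + f["time"], "%Y-%m-%d %H:%M:%S")
            samples.append((ts, int(f["cpu"]), int(f["mem"]), int(f["sysuptime"])))
        except (KeyError, ValueError):
            continue  # truncated or malformed line: skip rather than abort
    return sorted(samples)

def find_reboots(samples, window=timedelta(minutes=15), threshold=80):
    """Flag each sysuptime reset and summarise CPU/memory in the window before it."""
    findings = []
    for prev, cur in zip(samples, samples[1:]):
        if cur[3] >= prev[3]:
            continue  # uptime still increasing: no restart between samples
        before = [s for s in samples if prev[0] - window <= s[0] <= prev[0]]
        peak_cpu = max(s[1] for s in before)
        peak_mem = max(s[2] for s in before)
        findings.append({
            "last_sample_before": prev[0], "first_sample_after": cur[0],
            "peak_cpu": peak_cpu, "peak_mem": peak_mem,
            # threshold is an arbitrary example value, not a Fortinet default
            "overloaded": peak_cpu >= threshold or peak_mem >= threshold,
        })
    return findings

if __name__ == "__main__":
    for r in find_reboots(perf_samples(SAMPLE_LOG)):
        print(r)
```

A restart with `overloaded` set to false and no entry from 'diagnose debug crashlog read' points away from a resource problem on the FortiGate itself and toward the AWS side.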