
How do I use OCI Cloud Shell instead of local shell for Agentless Vulnerability & Threat Detection deployment?

To address potential network connectivity limitations and inconsistencies across different local shell configurations, TrendAI recommends using OCI Cloud Shell to provide a standardized, pre-configured deployment environment.
Before deploying, complete the following prerequisites:
  1. Set the Cloud Shell network setting to Public.
  2. Configure the OCI CLI profile. The steps are the same as for local shell deployment. For detailed instructions, see Connect an OCI compartment using LocalShell.
  3. Upgrade Terraform to v1.13 or later. Cloud Shell may include an older version of Terraform and may run on ARM or x86 hardware. The following script auto-detects the architecture, then downloads and installs the release set in TF_VERSION. Choose a current release from the HashiCorp releases page and update TF_VERSION as needed.
    • # Set to any version >= 1.13 from https://releases.hashicorp.com/terraform/
      TF_VERSION=1.15.6
      
      # Auto-detect architecture (Cloud Shell may be ARM or x86)
      case "$(uname -m)" in
        aarch64) TF_ARCH=arm64 ;;
        x86_64)  TF_ARCH=amd64 ;;
        *)       echo "Unsupported arch: $(uname -m)"; return 1 ;;
      esac
      
      # Download and install
      wget https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_linux_${TF_ARCH}.zip
      unzip -o terraform_${TF_VERSION}_linux_${TF_ARCH}.zip
      mkdir -p ~/bin && cp terraform ~/bin/
      
      # Add ~/bin to PATH and reload
      echo 'export PATH="$HOME/bin:$PATH"' >> ~/.bashrc
      source ~/.bashrc
      
      # Verify (must be >= 1.13)
      terraform version
  4. Create a Podman alias for Docker compatibility. OCI Cloud Shell uses Podman instead of Docker, so the alias ensures the deployment script runs correctly.
    • # Alias podman to docker
      echo 'alias docker=podman' >> ~/.bashrc
      
      # Reload your shell configuration
      source ~/.bashrc
      
      # Verify docker is available
      docker --version
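The install script in step 3 unzips whatever wget returned. As an added example (not part of the vendor's script), the helper below checks the archive against the `terraform_${TF_VERSION}_SHA256SUMS` file that HashiCorp publishes in the same release directory; `sha256_of` and `verify_tf_zip` are hypothetical helper names.

```shell
# Added example: check a downloaded Terraform archive against the SHA256SUMS
# file published in the same release directory, before unzipping it.
# sha256_of and verify_tf_zip are hypothetical helper names.

# Print the SHA-256 hex digest of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{ print $1 }'
  else
    shasum -a 256 "$1" | awk '{ print $1 }'
  fi
}

# Usage: verify_tf_zip <archive.zip> <SHA256SUMS file>
# Returns 0 on match, 1 on mismatch, 2 if a file is missing,
# 3 if the sums file has no entry for the archive.
verify_tf_zip() {
  vt_zip=$1
  vt_sums=$2
  vt_name=$(basename "$vt_zip")

  if [ ! -f "$vt_zip" ] || [ ! -f "$vt_sums" ]; then
    echo "verify_tf_zip: missing archive or sums file" >&2
    return 2
  fi

  # Each line is "<hex digest>  <file name>"; binary mode prefixes the name with "*".
  vt_expected=$(awk -v f="$vt_name" \
    '{ n = $2; sub(/^\*/, "", n); if (n == f) { print $1; exit } }' "$vt_sums")
  if [ -z "$vt_expected" ]; then
    echo "verify_tf_zip: no entry for $vt_name" >&2
    return 3
  fi

  if [ "$(sha256_of "$vt_zip")" != "$vt_expected" ]; then
    echo "verify_tf_zip: checksum mismatch for $vt_name" >&2
    return 1
  fi
  echo "verify_tf_zip: checksum OK for $vt_name"
}

# With the variables from the install script (run after its wget, before unzip):
#   wget "https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_SHA256SUMS"
#   verify_tf_zip "terraform_${TF_VERSION}_linux_${TF_ARCH}.zip" \
#     "terraform_${TF_VERSION}_SHA256SUMS" && unzip -o "terraform_${TF_VERSION}_linux_${TF_ARCH}.zip"
```

Because the sums file comes from the same host as the archive, this check catches corrupted or truncated downloads; HashiCorp also publishes a detached signature for the sums file, which is what establishes its origin.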
After completing the prerequisites, deploy Agentless Vulnerability & Threat Detection using Cloud Shell:
  1. In TrendAI Vision One™, click Download the Terraform Template, then save and unzip the template in Cloud Shell.
  2. Copy the deployment folder command from TrendAI Vision One™ and paste it in the shell.
  3. Copy the deployment script commands from TrendAI Vision One™ and paste them in the shell. Cloud Shell starts the Terraform process to deploy security resources.
  4. In TrendAI Vision One™, in the Add Oracle Compartment screen, click Done.
    The connection process might take a few moments to complete. Refresh the Cloud Accounts screen to check the status of your added compartment.

How do I address OCI KMS key creation errors during Agentless Vulnerability & Threat Detection Terraform deployment for OCI?

When deploying Agentless Vulnerability & Threat Detection to your OCI compartment using the Terraform script, you may receive a KMS key creation error as shown below.
Error: Post "[URL]": dial tcp: lookup [URL] on [IPAddress]:53: no such host
  with module.cloud-sentry.module.primary-region.module.primary-common.module.secrets-management.oci_kms_key.common_key[0],
  on .terraform/modules/cloud-sentry/feature-modules/common/primary-region/secrets-management/secrets.tf line 14, in resource "oci_kms_key" "common_key"
The key creation error is an intermittent network issue with OCI. To address the issue, rerun the command terraform apply to deploy the Terraform template again.

How do I address "operation not permitted" errors on macOS during Agentless Vulnerability & Threat Detection Terraform deployment for OCI?

When executing the get_topic_ocid.sh shell script on macOS during Agentless Vulnerability & Threat Detection Terraform template deployment to OCI, you may receive an error message that looks similar to the following:
│ Error: External Program Execution Failed
│ 
│   with module.cloud-sentry.module.ca-toronto-1[0].module.common[0].module.telemetry.module.telemetry_topic.data.external.topic_ocid,
│   on .terraform/modules/cloud-sentry/templates/topic/topic.tf line 88, in data "external" "topic_ocid":
│   88:   program    = ["${path.module}/get_topic_ocid.sh"]
│ 
│ The data source received an unexpected error while attempting to execute the
│ program.
│ 
│ The program was executed, however it returned no additional error messaging.
│ 
│ Program: .terraform/modules/cloud-sentry/templates/topic/get_topic_ocid.sh
│ State: fork/exec
│ .terraform/modules/cloud-sentry/templates/topic/get_topic_ocid.sh: operation
│ not permitted
If you receive the error, macOS Gatekeeper has blocked the script. To fix the error, perform the following steps to remove the com.apple.quarantine attribute added to the script by macOS Gatekeeper.
  1. Open Terminal.
  2. Use the following command to navigate to the script directory:
    • cd /path/Vision-One-Cloud-Account-Management/.terraform/modules/cloud-sentry/templates/topic/
      
  3. Use the following command to remove the quarantine attribute:
    • xattr -d com.apple.quarantine get_topic_ocid.sh

How do I address EOF errors related to log group removal when removing the Agentless Vulnerability & Threat Detection Terraform stack in OCI?

If you are removing the Terraform stack for Agentless Vulnerability & Threat Detection from your OCI compartment using the terraform destroy command, you may receive an error related to log group removal, similar to the following:
Error: Delete "https://logging.ap-singapore-1.oci.oraclecloud.com/20200531/logGroups/ocid1.loggroup.oc1.ap-singapore-1.amaaaaaags553pqaq4hd262mmevb24cmbcttm6mfogldj6lvdjsmkkm3idla/logs/ocid1.log.oc1.ap-singapore-1.amaaaaaags553pqaj7wjzerzf5rvnad66gezhvanmoflayldqq5wcdxooq3a": EOF
The error is an intermittent network issue with OCI. Rerun the terraform destroy command to retry removing the Terraform stack.