Views:
When setting up your Cloud Account Management Terraform template, you have the option of setting the destination of the scanned files, depending on the results of the scan. If you do not set the parameters, the scanned files remain in their original location with metatags indicating their status.
File Security Storage supports three types of destination storage accounts:
  • quarantine_storage_account: Specifies the Azure storage account path where files identified as malicious will be quarantined. When a file is detected as malware or contains threats, File Security Storage will move it to this storage account for isolation and further investigation.
  • clean_storage_account: Specifies the Azure storage account path where files that pass security scanning will be moved. Clean files are those verified to be free of malware and other security threats.
    failure_storage_account: Specifies the Azure storage account path where files that cannot be scanned will be moved. This includes files that encounter scanning errors, exceed size limits, are corrupted, or have unsupported formats.
To set these optional parameters, carry out the following before deploying the terraform template. If you have already deployed the template, you need to redeploy the template.
  1. In the template package, find the main.tf file.
  2. In the file, locate the file-storage-security section.
    module "file-storage-security" {
    source = "https://v1-file-security-storage.s3.amazonaws.com/latest/azureTemplates/azure-templates.zip"
    business_id = module.cam.v1_account_id
    subscription_id = module.cam.subscription_id
    resource_group_location = module.cam.cam_deployed_region
    bootstrap_token = "<bootstrap token>"
    fss_api_endpoint = "https://api.xdr.trendmicro.com/external/v2/direct/sfc/external/sfc/api"
    xlogr_api_endpoint = "https://xlogr-ue1.xdr.trendmicro.com"
    fss_bucket_name = "v1-file-security-storage"
    quarantine_storage_account = ""
    clean_storage_account = ""
    failure_storage_account = ""

  }
  3. Update the following parameters with the desired Azure storage account:
    module "file-storage-security" {
  # ... other configuration ...
  quarantine_storage_account = ""
  clean_storage_account = ""
  failure_storage_account = ""
}
  4. Run thedeploy.sh script.