Prerequisites

  • Download the appropriate template:
  • Required parameters:
    • FileStorageSecurityServicePrincipalID: The Service Principal ID is created in every Azure AD tenant that uses a specific application. To get your Service Principal ID:
      1. Open your Azure CLI with the target subscription.
      2. Prepare Service Principal ID: az ad sp create --id 0ebb1eb3-5de1-4d7f-8cce-b04607c0c4dd -o tsv --query 'id'
      3. List Service Principal ID: az ad sp show --id 0ebb1eb3-5de1-4d7f-8cce-b04607c0c4dd -o tsv
    • This is the Resource ID of the storage account that Trend Cloud One File Storage Security scans. The Resource ID should be in the following format:
      /subscriptions/{subscription-id}/resourceGroups/{resource-group}/providers/Microsoft.Storage/storageAccounts/{storage-account-name}
      To get your Resource ID:
      • Use your Azure console
      • Use your Azure CLI:
        [resourceId('Microsoft.Storage/storageAccounts/blobServices/containers', <'storageAccountName'>, 'default', <'storageContainerName'>)]
    • CloudOneRegion: This is the region in which you set up your Trend Micro Cloud One services. Note that the default region is us-1.
      To find your region:
      1. Open the Trend Cloud One console.
      2. Go to Account Settings and check the Region field value.
  • Optional parameters:
    • VNet Configuration
      • VNETResourceID
      • Subnet configurations
      • DNS Zone configurations
    • Log Analytics Integration
      • LogAnalyticsWorkspaceResourceID (if you want to manage it yourself)
    • System Topic Configuration
      • BlobSystemTopicExist (Yes/No)
      • BlobSystemTopicName
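
A pre-deployment check for the storage account Resource ID format given above, as an added example that is not part of the original page or Trend Micro's templates. The function name and the sample IDs are constructed for illustration; the resource group pattern is a simplified ASCII subset of Azure's naming rules.

```shell
#!/bin/sh
# Added example (not vendor code): check that a value matches the format
#   /subscriptions/{subscription-id}/resourceGroups/{resource-group}/providers/Microsoft.Storage/storageAccounts/{storage-account-name}
# Assumption: canonical segment casing, exactly as written in that format.

# Prints "<subscription-id> <resource-group> <storage-account-name>" and
# returns 0 on a match; prints nothing and returns 1 otherwise.
parse_storage_account_id() {
  id=$1
  # Reject embedded newlines so grep cannot match just one line of the value.
  case $id in *'
'*) return 1 ;; esac
  guid='[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}'
  # Resource group: 1-90 chars, not ending in a period (ASCII subset only).
  rg='[-A-Za-z0-9_.()]{0,89}[-A-Za-z0-9_()]'
  # Storage account: 3-24 lowercase letters and digits.
  sa='[a-z0-9]{3,24}'
  re="^/subscriptions/${guid}/resourceGroups/${rg}/providers/Microsoft[.]Storage/storageAccounts/${sa}\$"
  printf '%s\n' "$id" | grep -Eq "$re" || return 1
  # Validated: split on "/" (field 1 is empty because of the leading slash).
  old_ifs=$IFS; IFS=/
  set -- $id
  IFS=$old_ifs
  printf '%s %s %s\n' "$3" "$5" "$9"
}

# Constructed sample values, not real resources. The second is a
# container-level ID, which does not match the storage account format.
base="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-fss-demo"
for candidate in \
  "$base/providers/Microsoft.Storage/storageAccounts/fssdemostorage" \
  "$base/providers/Microsoft.Storage/storageAccounts/fssdemostorage/blobServices/default/containers/uploads"
do
  if parts=$(parse_storage_account_id "$candidate"); then
    echo "OK: $parts"
  else
    echo "REJECTED: $candidate"
  fi
done
```

Running the check before deployment catches a mistyped or container-scoped ID early, so the parameter points at the storage account you intend to scan.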

Additional Notes

  • All-in-One deployment is recommended for new users as it handles both Scanner and Storage stacks
  • Separate Stack deployments are for advanced scenarios or when you need different configurations
  • VNet deployment requires additional parameters and existing network infrastructure
  • Monitor deployment progress in Azure Portal under "Deployments"
  • Check Activity Log for any deployment failures