Views:
To update Trend Cloud One File Storage Security to Trend Vision One File Security using APIs, follow the procedures below. These instructions are for single accounts. For organization accounts, see Update AWS Organization account to Trend Vision File Security Storage

Trend Vision One File Security Storage vs Trend Cloud One File Storage Security Parent topic

Feature
Trend Vision One File Security Storage
Trend Cloud One File Storage Security
Deployment
Cloud IaaS Providers
AWS
(Azure and GCP will be supported in Q4 2025.)
AWS, Azure, GCP
Deployment through
V1 Cloud Account Management
C1 console, API
Deployment
CloudFormation Template
CloudFormation Template(AWS)
Resource Manager(Azure)
Terraform(GCP)
Comparison on AWS platform
Architecture
Architecture diagram
Architecture diagram
FileSecurityStorageQuarantineBucket
check-icon=b4520e4d-a9b4-4d6a-a6df-a30ed7212780.png
x_icon=dc3d73da-fef0-42d6-a822-1f949373a258.png
FileStorageSecurityCleanBucket
check-icon=b4520e4d-a9b4-4d6a-a6df-a30ed7212780.png
x_icon=dc3d73da-fef0-42d6-a822-1f949373a258.png
FileSecurityStorageFailureBucket
check-icon=b4520e4d-a9b4-4d6a-a6df-a30ed7212780.png
x_icon=dc3d73da-fef0-42d6-a822-1f949373a258.png
Organization/Cloud account level deployment
check-icon=b4520e4d-a9b4-4d6a-a6df-a30ed7212780.png
x_icon=dc3d73da-fef0-42d6-a822-1f949373a258.png
(Per bucket)
KMSKey support
check-icon=b4520e4d-a9b4-4d6a-a6df-a30ed7212780.png
FileSecurityStorageKMSKeyARNsForBucketSSE
check-icon=b4520e4d-a9b4-4d6a-a6df-a30ed7212780.png
KMSKeyARNForBucketSSE
KMSKeyARNForQueueSSE
KMSKeyARNForTopicSSE
Permissions Boundary
x_icon=dc3d73da-fef0-42d6-a822-1f949373a258.png
check-icon=b4520e4d-a9b4-4d6a-a6df-a30ed7212780.png
Resource prefixes
x_icon=dc3d73da-fef0-42d6-a822-1f949373a258.png
check-icon=b4520e4d-a9b4-4d6a-a6df-a30ed7212780.png
Deploy in VPC
x_icon=dc3d73da-fef0-42d6-a822-1f949373a258.png
(Will deliver in Q4 2025)
check-icon=b4520e4d-a9b4-4d6a-a6df-a30ed7212780.png

Add AWS accounts to File Security Parent topic

For each cloud account, you need to deploy the Trend Vision One CloudFormation stack with Trend Vision One File Security enabled.

Procedure

  1. Download The Trend Vision One CloudFormation Template by invoking the Get Template API Doc to download the CloudFormation template.
  2. Modify the CloudFormation template to disable Trend Vision One File Security Storage EventBridge Rule:
    V1 CAM Stack
    |
    |-------- TemplateURL of FssStack
                        |
                        |
          V1FSS-Account-Scanner-StackSets
                        |
                        |-------- TemplateURL of FSSStackSet
                                              |
                                              |
                                  V1FSS-Account-Scanner-Stack (Modify State here)
    1. Find Resources: FssStack’s TemplateURL in the V1CAM Stack and download it.
    2. Find Resources: FSSStackSet’s TemplateURL in V1FSS-Account-Scanner-StackSets.yaml and download it.
    3. Modify Resources: OnS3ObjectCreatedRule’s State from ENABLED to DISABLED.
    4. Upload the template to the S3 bucket and ensure the accessibility of the template, and get the Object URL.
    5. Enter the Object URL into the TemplateURL of FSSStackSet.
    6. Upload the template to S3 bucket and to ensure the accessibility of the template and get the Object URL.
    7. Enter the Object URL into the TemplateURL of FssStack.
    8. Upload the template to S3 bucket, ensure the accessibility of the template, and get the Object URL.
    9. Use the Object URL as the input for the AWS CLI create-stack parameter: --template-url
  3. Deploy the modified CloudFormation template:

Verify that Trend Vision One Endpoint Security protection is working Parent topic

Go to the Trend Vision One Endpoint Security App, check the account under Computers. You should be able to see all the instances under a cloud account.

Disable the Trend Cloud One File Security Storage EventBridge rule Parent topic

Disable a rule with a prefix matching “<C1FSS-StackName>-OnS3ObjectCreatedRule”. The <C1FSS-StackName> default value is “Account-Scanner-TM-FileStorageSecurity”. If you have customized the stack name, find the stack name that you entered in your Cloud One File Storage Security deployment.

Enable the Trend Vision One File Security Storage EventBridge Rule Parent topic

Enable the rule with the prefix matching “StackSet-V1FSStackSet-”.

Test upload sample files into protected S3 buckets Parent topic

You should run the test by uploading 1 eicar file and 1 clean file.

Procedure

  1. Verify if the scan result is tagged correctly on the S3 files:
    clean file:
    {
    "fss-scan-detail-code": 0,
    "fss-scan-date": "YYYY/MM/DD hh:mm:ss",
    "fss-scan-result": "no issues found",
    "fss-scan-detail-message": "-",
    "fss-scanned": true
}
    malicious file (eicar)
    {
    "fss-scan-detail-code": 0,
    "fss-scan-date": "YYYY/MM/DD hh:mm:ss",
    "fss-scan-result": "malicious",
    "fss-scan-detail-message": "-",
    "fss-scanned": true
}
  2. Verify if the scan results are successfully sent to Trend Vision One File Security.
    • The AWS accounts and S3 buckets are displayed on the Inventory tab.
    • The scan statistics and detection are displayed on the Scan Activity tab.
    If Trend Vision One File Security Storage works, remove the Cloud One File Storage Security Stack.

Estimated downtime Parent topic

The amount of downtime between disabling the Cloud One rule until verifying the scan results in Trend Vision One is approximately 5-10 minutes per account. You can run this on multiple cloud accounts simultaneously to reduce the overall downtime.