Add multiple Azure subscriptions to Cloud Accounts in one step by connecting an Azure Management Group.

Cloud Accounts supports adding subscriptions in your Azure management groups by deploying features to the tenant root group or a child management group. Adding your Azure management group to Cloud Accounts provides a quick way to allow Trend Vision One access to your managed Azure subscriptions to provide security and visibility into your cloud assets. Some Cloud Account features have limited support for Azure regions. For more information, see Azure supported regions and limitations.
The primary subscription is the subscription where the connector resources are created and deployed, and is used by Trend Vision One to connect to all the other subscriptions in the management group. You cannot remove or exclude the primary subscription from the Cloud Accounts management group deployment, and if you delete this subscription from Azure, Trend Vision One will no longer be able to connect to any other subscriptions in the management group. You can choose a different subscription as the primary subscription when deploying the Terraform script. For more information, see Azure script to change the primary subscription.
After deployment, the Azure management group appears in Cloud Accounts, with all subscriptions listed beneath. The features and permissions selected for a management group apply to all subscriptions in the management group, except for any subscriptions that you exclude. New subscriptions are detected and added to Cloud Accounts when you do a Resource Update on the management group connector.

Procedure

  1. Sign in to the Trend Vision One console.
  2. In a separate browser tab, sign in to your Azure portal account.
  3. In the Trend Vision One console, go to Cloud Security > Cloud Accounts > Azure.
  4. Click Add Subscription.
  5. On the Deployment Type page, select Management Group.
  6. Click Next.
  7. Specify the general information for the Management Group.
    1. Specify the Management Group ID.
    2. Add a description to display in Cloud Accounts.
    3. Specify the subscriptions you want to exclude from Cloud Account deployment by entering the subscription IDs in the Excluded descriptions area. If you type the subscription IDs (instead of copying and pasting them from Azure), you must separate the subscription IDs with commas.
    4. Select the Azure region for deployment.
      Note
      The default region is your Trend Vision One region.
      Some Cloud Account features have limited support for Azure regions. For more information, see Azure supported regions and limitations.
    5. If you have more than one Server & Workload Protection Manager instance, select the instance to associate with the connected account.
      Note
      • If you have one Server & Workload Protection Manager instance, the account is automatically associated with that instance.
  8. Click Next.
  9. Configure the Features and Permissions you want to grant access to your cloud environment. For more information, see Azure features and permissions.
  10. Click Next.
  11. Create a new directory for the deployment folder and then access the folder.
    In Azure Cloud Shell, copy the command to create the deployment folder.
    Note
    The Connect Azure Management Group screen in the Trend Vision One console provides a set of commands to help complete the following steps. To complete the connection process, you must copy each command provided in the screen to enable the Done button. While you can alter some parameters, Trend Micro recommends using the provided commands as is to prevent the deployment from failing.
  12. In the Trend Vision One console, select whether you will upload the resource creation script manually or using CLI.
  13. Copy the resource creation script from the Trend Vision One console.
  14. In Azure Cloud Shell, access the command line interface and enter the resource creation script you copied in the previous step. This downloads the script directly to your cloud environment.
  15. Extract the template by copying the command from the Trend Vision One console.
    Note
    You must have permission enabled to unzip in your cloud environment.
  16. Navigate to the deployment folder by copying the command from the Trend Vision One console.
  17. Initiate Terraform and run the resource creation script.
    Azure Cloud Shell begins the Terraform process to deploy Trend Vision One security resources.
  18. In the Trend Vision One console, click Done.
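
The exclusion list in step 7 is easy to get wrong when IDs are typed or pasted from mixed sources. The following pre-check is an added example, not part of the Trend Vision One documentation or tooling: it normalises a pasted or typed list into the comma-separated form and flags malformed IDs, duplicates, and an attempt to exclude the primary subscription. The function name, return shape, and sample IDs are assumptions constructed for illustration.

```python
import re

# Azure subscription IDs are GUIDs in 8-4-4-4-12 hexadecimal form.
GUID_RE = re.compile(
    r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
)


def build_exclusion_list(raw, primary_subscription_id):
    """Normalise pasted or typed subscription IDs for the exclusion field.

    Returns (comma_separated_ids, problems). Hypothetical helper written
    for this example only.
    """
    primary = primary_subscription_id.strip().lower()
    accepted, problems = [], []
    # Accept commas (typed input) and any whitespace (copy/paste from Azure).
    for token in re.split(r"[,\s]+", raw.strip()):
        if not token:
            continue
        sub_id = token.lower()
        if not GUID_RE.fullmatch(sub_id):
            problems.append(f"not a subscription ID: {token}")
        elif sub_id == primary:
            # The primary subscription cannot be excluded from the deployment.
            problems.append(f"primary subscription cannot be excluded: {token}")
        elif sub_id in accepted:
            problems.append(f"duplicate ignored: {token}")
        else:
            accepted.append(sub_id)
    return ",".join(accepted), problems


# Constructed sample values, not real subscriptions.
PRIMARY = "11111111-1111-1111-1111-111111111111"
SAMPLE = """22222222-2222-2222-2222-222222222222, 33333333-3333-3333-3333-3333
11111111-1111-1111-1111-111111111111
22222222-2222-2222-2222-222222222222
44444444-4444-4444-4444-444444444444"""

if __name__ == "__main__":
    field_value, issues = build_exclusion_list(SAMPLE, PRIMARY)
    print("Value for the exclusion field:", field_value)
    for issue in issues:
        print("check:", issue)
```

Resolve every reported problem before pasting the value into the console, because a mistyped ID excludes nothing and that subscription is then connected along with the rest of the management group.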