Views:

Add and connect an Azure subscription to the Cloud Accounts app to allow Trend Vision One to provide security for your cloud assets.

Adding an Azure subscription to the Cloud Accounts app allows Trend Vision One to access your cloud service to provide security and visibility into your cloud assets. Before you begin, review the permission requirements and region limitations for connecting an Azure subscription to Cloud Accounts.
Important
Important
The steps are valid for Azure Cloud Shell as of December, 2023.

Procedure

  1. Sign in to the Trend Vision One console.
  2. In a new tab in the same browser session, sign in to the Azure subscription you want to connect and access the Azure Cloud Shell.
  3. In the Trend Vision One console, go to Cloud SecurityCloud AccountsAzure.
  4. In the Cloud Accounts screen, click Add.
    The Connect Azure Subscription screen appears.
  5. Specify the Subscription ID for the Azure subscription you want to connect.
    The subscription ID is a twelve digit number unique to your subscription.
  6. Specify a Name for the subscription which appears in the Cloud Accounts list.
  7. Specify a Description to help identify the purpose of the connection.
  8. If you have more than one Server & Workload Protection Manager instance, select the instance to associate with the connected subscription.
    Note
    Note
    • If you only have one Server & Workload Protection Manager instance, the subscription is automatically associated with that instance.
    • When updating a legacy connection, the subscription is disconnected from any other Server & Workload Protection instances.
  9. Click Download Azure Resource Creation Script.
    Note
    Note
    If the button is not enabled, verify that you have specified a properly formatted subscription ID.
  10. In Azure Cloud Shell, access the command line interface.
    Note
    Note
    The Connect Azure Subscription screen in the Trend Vision One console provides a set of commands to help complete the following steps. To complete the connection process, you must copy each command provided in the screen to enable the Done button. While you can alter some parameters, Trend Micro recommends using the provided commands as is to prevent the deployment failing.
  11. Create a new directory for the deployment folder and then access the folder.
    Copy the command or type mkdir [directoryName] && cd [directoryName].
    Note
    Note
    The commands provided by Trend Vision One use your subscription ID as the directory name. While you can specify any directory name you want, you must ensure the folder has a unique name and that there are no other terraform files in the deployment folder.
  12. Upload the resource creation script to your Azure Cloud Shell.
    Azure Cloud Shell uploads the resource creation script to the root directory.
  13. Move the resource creation script to the deployment folder.
    Copy the command or type mv ~/cloud-account-management-terraform.tf ./cloud-account-management-terraform.tf.
    Important
    Important
    The resource creation script must be the only terraform file in the directory. Having more than one terraform file in the folder interferes with deployment process and might cause the connection to fail.
  14. Initiate Terraform and apply the resource creation script.
    Copy the command or type terraform init && terraform apply.
    Azure Cloud Shell begins the terraform process to deploy Trend Vision One security resources.
  15. In the Trend Vision One console, in the Connect Azure Subscription screen, click Done.
    Note
    Note
    If the Done button is not enabled, make sure you have copied the command line for each step on the screen.
    The connection process might take a few moments to complete. You can refresh the Cloud Accounts screen to check the status of your added subscription.