Adding an Azure subscription

Procedure

1. Sign in to the Trend Vision One console.
2. In a new tab in the same browser session, sign in to the Azure subscription you want to connect and access the Azure Cloud Shell.
3. In the Trend Vision One console, go to Service Management → Cloud Accounts → Azure.
4. In the Cloud Accounts screen, click Add.
   The Connect Azure Subscription screen appears.
5. Specify the Subscription ID for the Azure subscription you want to connect.
   The subscription ID is a twelve digit number unique to your subscription.
6. Specify a Name for the subscription which appears in the Cloud Accounts list.
7. Specify a Description to help identify the purpose of the connection.
8. If you have more than one Server & Workload Protection Manager instance, select the instance to associate with the connected subscription.

   Note If you only have one Server & Workload Protection Manager instance, the subscription is automatically associated with that instance. When updating a legacy connection, the subscription is disconnected from any other Server & Workload Protection instances.

9. Click Download Azure Resource Creation Script.

   Note If the button is not enabled, verify that you have specified a properly formatted subscription ID.

10. In Azure Cloud Shell, access the command line interface.

    Note The Connect Azure Subscription screen in the Trend Vision One console provides a set of commands to help perform the following steps. To complete the connection process, you must copy each command provided in the screen to enable the Done button. While you can alter some of the parameters, Trend Micro recommends using the provided commands as is to prevent the deployment failing.

11. Create a new directory for the deployment folder and then access the folder.
    Copy the command or type mkdir [directoryName] && cd [directoryName].

    Note The commands provided by Trend Vision One use your subscription ID as the directory name. While you can specify any directory name you want, you must ensure the folder has a unique name and that there are no other terraform files in the deployment folder.

12. Upload the resource creation script to your Azure Cloud Shell.
    Azure Cloud Shell uploads the resource creation script to the root directory.
13. Move the resource creation script to the deployment folder.
    Copy the command or type mv ~/cloud-account-management-terraform.tf ./cloud-account-management-terraform.tf.

    Important The resource creation script must be the only terraform file in the directory. Having more than one terraform file in the folder interferes with deployment process and might cause the connection to fail.

14. Initiate Terraform and apply the resource creation script.
    Copy the command or type terraform init && terraform apply.
    Azure Cloud Shell begins the terraform process to deploy Trend Vision One security resources.
15. In the Trend Vision One console, in the Connect Azure Subscription screen, click Done.

    Note If the Done button is not enabled, make sure you have copied the command line for each step on the screen.

    The connection process might take a few moments to complete. You can refresh the Cloud Accounts screen to check the status of your added subscription.