Updating a legacy Azure connection | Trend Micro Service Central

Views:

Update your Azure subscriptions imported from Server & Workload Protection.

Updating your Trend Cloud One Workload Security instance to Server & Workload Protection automatically imports any associated Azure subscriptions into Cloud Accounts. However, the connection needs to be updated before the Container Security features of Trend Vision One can start to protect the account. Updating a legacy Azure subscription connection allows Trend Vision One to access your cloud service to provide security and visibility into your cloud assets. Some Cloud Account features have limited support for Azure regions. For more information, see Azure supported regions and limitations.

Note

The steps are valid for the AWS console as of March 2024.

Procedure

Sign in to the Trend Vision One console.
In a new tab in the same browser session, sign in to the Azure subscription you want to connect and access the Azure Cloud Shell.
In the Trend Vision One console, go to Service Management → Cloud Accounts → Azure.
Click the name of the legacy connection subscription you want to update.
In the Subscription Settings screen, click Update Subscription.

The Connect Azure Subscription screen appears.
Verify the Subscription ID, Name, and Description or edit as needed.

If you have more than one Server & Workload Protection Manager instance, select the instance to associate with the connected subscription.

Note

If you only have one Server & Workload Protection Manager instance, the subscription is automatically associated with that instance.
When updating a legacy connection, the subscription is disconnected from any other Server & Workload Protection instances.

Click Download Azure Resource Creation Script.

Note

If the button is not enabled, verify that you have specified a properly formatted subscription ID.

In Azure Cloud Shell, access the command line interface.

Note

The Connect Azure Subscription screen in the Trend Vision One console provides a set of commands to help perform the following steps. To complete the connection process, you must copy each command provided in the screen to enable the Done button. While you can alter some of the parameters, Trend Micro recommends using the provided commands as is to prevent the deployment failing.

Create a new directory for the deployment folder and then access the folder.

Copy the command or type mkdir [directoryName] && cd [directoryName].

Note

The commands provided by Trend Vision One use your subscription ID as the directory name. While you can specify any directory name you want, you must ensure the folder has a unique name and that there are no other terraform files in the deployment folder.

Upload the resource creation script to your Azure Cloud Shell.

Azure Cloud Shell uploads the resource creation script to the root directory.

Move the resource creation script to the deployment folder.

Copy the command or type mv ~/cloud-account-management-terraform.tf ./cloud-account-management-terraform.tf.

Important

The resource creation script must be the only terraform file in the directory. Having more than one terraform file in the folder interferes with deployment process and might cause the connection to fail.

Initiate Terraform and apply the resource creation script.

Copy the command or type terraform init && terraform apply.

Azure Cloud Shell begins the terraform process to deploy Trend Vision One security resources.

In the Trend Vision One console, in the Connect Azure Subscription screen, click Done.

Note

If the Done button is not enabled, make sure you have copied the command line for each step on the screen.

The update process might take a few moments to complete. You can refresh the Cloud Accounts scren to check the status of your updated legacy subscription.