When setting up your Cloud Account Management Terraform template, you have the option of setting the destination of the scanned files, depending on the results of the scan. If you do not set the parameters, the scanned files remain in their original location with metatags indicating their status.
File Security Storage supports three types of destination buckets:
  • quarantine_bucket: Specifies the GCS bucket path where files identified as malicious will be quarantined. When a file is detected as malware or contains threats, File Security Storage will move it to this bucket for isolation and further investigation.
  • clean_bucket: Specifies the GCS bucket path where files that pass security scanning will be moved. Clean files are those verified to be free of malware and other security threats.
  • failure_bucket: Specifies the GCS bucket path where files that cannot be scanned will be moved. This includes files that encounter scanning errors, exceed size limits, are corrupted, or have unsupported formats.
When you set the buckets, use one of the following formats:
  • gs://bucket-name
  • gs://bucket-name/path/to/folder
To set these optional parameters, carry out the following steps before deploying the Terraform template. If you have already deployed the template, you need to redeploy it.
  1. In the template package, find the main.tf file.
  2. In the file, locate the file-storage-security section.
    module "file-storage-security" {
      source = "https://{fss template path}/gcp-templates.zip"
      business_id = module.cam.v1_account_id
      project_id = module.cam.project_id
      deploy_region = module.cam.cam_deployed_region
      bootstrap_token = "{token}"
      fss_api_endpoint = "https://{fss api endpoint}"
      xlogr_api_endpoint = "https://{v1 xlogr endpoint}"
      artifact_registry = "{fss artifact source}"
      quarantine_bucket = ""
      clean_bucket = ""
      failure_bucket = ""
    }
    
  3. Update the following parameters with the desired GCP bucket:
    module "file-storage-security" {
      # ... other configuration ...
      quarantine_bucket = "gs://fss-quarantine-container"
      clean_bucket      = "gs://fss-clean-container"
      failure_bucket    = "gs://fss-failure-container"
    }
    
  4. Run the deploy.sh script.
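
A pre-deploy check for step 3, as an added example that is not part of the original documentation or the product's template: it reads the three destination parameters from main.tf and rejects any value that matches neither documented gs:// format. The function names, the simplified bucket-name pattern, and the rule that the three destinations must differ are assumptions made here, not documented product requirements.

```shell
#!/bin/sh
# Added example (not product code): validate the optional destination buckets in main.tf.

# Print the quoted value assigned to parameter $2 in Terraform file $1 (first match only).
tf_value() {
  sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\"\\(.*\\)\"[[:space:]]*\$/\\1/p" "$1" | head -n 1
}

# Succeed if $1 is empty (parameter left unset) or has the form
# gs://bucket-name or gs://bucket-name/path/to/folder.
# Simplified bucket-name rule (assumption): 3-63 characters from [a-z0-9._-],
# starting and ending with a lowercase letter or digit.
valid_destination() {
  [ -z "$1" ] && return 0
  printf '%s\n' "$1" |
    grep -Eq '^gs://[a-z0-9][a-z0-9._-]{1,61}[a-z0-9](/[^/[:space:]]+)*$'
}

# Check all three parameters in file $1; return non-zero on any problem.
check_destinations() {
  file="$1"; rc=0; seen=""
  for key in quarantine_bucket clean_bucket failure_bucket; do
    value=$(tf_value "$file" "$key")
    if ! valid_destination "$value"; then
      echo "ERROR: $key is not a gs:// bucket path: $value" >&2
      rc=1
    elif [ -n "$value" ]; then
      # Assumed precaution: quarantined, clean and failed files should not share a destination.
      case " $seen " in
        *" $value "*) echo "ERROR: $key reuses destination $value" >&2; rc=1 ;;
      esac
      seen="$seen $value"
    fi
  done
  return "$rc"
}

# Constructed sample input mirroring the module fragment from step 3.
sample_main_tf() {
  cat <<'EOF'
module "file-storage-security" {
  # ... other configuration ...
  quarantine_bucket = "gs://fss-quarantine-container"
  clean_bucket      = "gs://fss-clean-container"
  failure_bucket    = "gs://fss-failure-container"
}
EOF
}
```

Source the file and run `check_destinations main.tf` in the template package directory before step 4; a non-zero exit status means a parameter needs correcting.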