Add stacks to File Storage Security using the API

Recommendation

Before using the API, we recommend you run through the stack deployment using the web interfaces of File Storage Security and Azure. The web interfaces provide a user-friendly introduction to the deployment parameters, concepts, and processes.

For instructions on deploying through the web interfaces, see Get started.

Prerequisites

Install the Azure command-line interface (CLI). All versions are supported.
Create Stacks.
Create an API Key.
Each request that you make requires an authorization and API version in the header.
- Authorization Header
  - For Trend Micro Cloud One API Key:
    - Key: Authorization
    - Value: ApiKey <your api key value>
  - For Legacy API Key (DEPRECATED):
    - Key: api-secret-key
    - Value: <your api key value>
- API version header:
  - Key: api-version
  - Value: v1

Example for Trend Micro Cloud One API Key:

GET /api/external-id HTTP/1.1 Authorization: ApiKey YOUR-API-KEY Api-Version: v1

Example for Legacy API Key:

GET /api/filestorage/external-id HTTP/1.1 api-secret-key: YOUR-API-KEY Api-Version: v1

where YOUR-API-KEY is replaced with the API key you generated previously.

If the API key is valid, the API call is allowed. If not, a 403 code is returned.

Deploy an all-in-one stack using the API

To deploy the all-in-one stack:

Create all-in-one stack using template link or using CLI

Obtain the resource ID of the scanner and storage stacks

Option 1 - Through the Azure console:
- Go to Subscriptions > your subscription > Deployments > your all-in-one stack > Outputs.
- Take note of the tenantID, scannerStackResourceGroupID and storageStackResourceGroupID values.

Option 2 - Through the Azure CLI:

Enter the following Azure CLI command:

<pre><code>
  az deployment sub show \
      --name ALLINONE-STACK-NAME \
      --query 'properties.outputs'
</code></pre>

where...

ALLINONE-STACK-NAME is replaced with the name of your all-in-one stack.

In the command output, take note of the tenantID, scannerStackResourceGroupID and storageStackResourceGroupID output values:


    "scannerStackResourceGroupID": {
        "type": "String",
        "value": "/subscriptions/1234abcd-3c6d-4347-9019-123456789012/resourceGroups/Scanner-TM-FileStorageSecurity"
    },
    "storageStackResourceGroupID": {
        "type": "String",
        "value": "/subscriptions/1234abcd-3c6d-4347-9019-123456789012/resourceGroups/Storage-TM-FileStorageSecurity"
    },
    "tenantID": {
        "type": "String",
        "value": "753c8097-3abc-4567-1234-123456789012"
    }

Add the scanner and storage stacks to File Storage Security

First, add the scanner stack:
- Call Create Stack and include the scannerStackResourceGroupID and tenantID output value in the request body.
  
  The creation of the scanner stack will begin.
- Take note of stackID in the API response, which is the scanner stack’s ID.
- Call Describe Stack using the scanner stack's stackID noted in the previous step, and continue calling until the status in the response body becomes ok.
  
  You have now added the scanner stack.
Now add the storage stack:
- Call Create Stack, and include the previously-noted scanner stack stackID, storage stack storageStackResourceGroupID and tenantID output value in the request body.
The creation of the storage stack will begin.
- Take note of stackID in the API response, which is the storage stack’s ID.
- Call Describe Stack using the storage stack's stackID noted in the previous step, and continue calling until the status in the response body becomes ok.
The stacks must be added separately, and the scanner stack must be added prior to the storage stack, as described above.

Deploy a scanner stack using the API

To deploy the scanner stack:

Create a scanner stack using template link or using CLI
Obtain the resource ID of the scanner stack
- Option 1 - Through the Azure console:
  - Go to Resource groups > your scanner stack resource group > Deployments > your scanner stack deployment > Outputs.
  - Take note of the tenantID, and scannerStackResourceGroupID output value.
- Option 2 - Through the Azure CLI:
  - Enter the following Azure CLI command:
```
    <pre><code>
az deployment group show \
    --name scannerStack \
    --resource-group SCANNER-STACK-NAME \
    --query 'properties.outputs'
```
    where...
    
    SCANNER-STACK-NAME is replaced with the name of your scanner stack.
  - In the command output, take note of the tenantID and scannerStackResourceGroupID output value:
```
    "scannerStackResourceGroupID": {
        "type": "String",
        "value": "/subscriptions/1234abcd-3c6d-4347-9019-123456789012/resourceGroups/FSSScanner2"
    },
    "tenantID": {
        "type": "String",
        "value": "753c8097-3abc-4567-1234-123456789012"
    }
>
```



Add the scanner stack to File Storage Security


Call Create Stack and include the scanner stack scannerStackResourceGroupID and tenantID output value in the request body.
The creation of the scanner stack will begin.


Take note of the stackID in the API response, which is the scanner stack’s ID.


Call Describe Stack using the scanner stack's stackID noted in the previous step, and continue calling until the status in the response body becomes ok.
You have now added the scanner stack.



Deploy a storage stack using the API
To deploy the storage stack:


Create a storage stack using template link or using CLI


Obtain the resource ID of the storage stack


Option 1 - Through the Azure portal:

Go to Resource groups > your storage stack resource group > Deployments > your storage stack deployment > Outputs.
Take note of the tenantID, and storageStackResourceGroupID output value.



Option 2 - Through the Azure CLI:


Enter the following Azure CLI command:

    az deployment group show \
        --name storageStack \
        --resource-group STORAGE-STACK-NAME \
        --query 'properties.outputs'

where...
STORAGE-STACK-NAME is replaced with the name of your storage stack.


In the command output, take note of the tenantID and storageStackResourceGroupID output value:

    "storageStackResourceGroupID": {
        "type": "String",
        "value": "/subscriptions/1234abcd-3c6d-4347-9019-123456789012/resourceGroups/FSSStorage2"
    },
    "tenantID": {
        "type": "String",
        "value": "753c8097-3abc-4567-1234-123456789012"
    }







Add the storage stack to File Storage Security

Call List Stacks to retrieve the scanner stack’s stackID.

Call Create Stack and include the scanner stack stackID, the storage stack storageStackResourceGroupID, and tenantID output value in the request body.
The creation of the storage stack will begin.


Take note of the stackID in the API response, which is the storage stack’s ID.


Call Describe Stack using the storage stack's stackID noted in the previous step, and continue calling until the status in the response body becomes ok.
You have now added the storage stack.





  
  
    Previous    
    Create stacks in Azure
    
  
  
    Next    
   Create stacks in GCP

  
    

  
    Data Protection
    Legal
    Browser Requirements
  
  
    Trend Micro Youtube channel
    Send us feedback
    © 2024 Trend Micro Incorporated. All rights reserved