Table of contents

Add stacks to File Storage Security using the API

Recommendation

Before using the API, we recommend you run through the stack deployment using the web interfaces of File Storage Security and GCP. The web interface provides a user-friendly introduction to the deployment parameters, concepts, and processes.

For instructions on deploying through the web interfaces, see Get started

Prerequisites

  1. Create Stacks.
  2. Create an API Key.
  3. Each request that you make requires an authorization and API version in the header.

    • Authorization Header
      • For Trend Micro Cloud One API Key:
        • Key: Authorization
        • Value: ApiKey <your api key value>
      • For Legacy API Key (DEPRECATED):
        • Key: api-secret-key
        • Value: <your api key value>
    • API version header:
      • Key: api-version
      • Value: v1

Example for Trend Micro Cloud One API Key:

GET /api/external-id HTTP/1.1
Authorization: ApiKey YOUR-API-KEY
Api-Version: v1

Example for Legacy API Key:

GET /api/filestorage/external-id HTTP/1.1
api-secret-key: YOUR-API-KEY
Api-Version: v1

YOUR-API-KEY above is replaced with the API key you generated previously.

If the API key is valid, the API call is allowed. If not, a 403 code is returned.

Deploy an all-in-one stack using the API

  1. Create all-in-one stack using CLI. The created scanner stack's deployment name is DEPLOYMENT_NAME_PREFIX-scanner. The created storage stack's deployment name is DEPLOYMENT_NAME_PREFIX-storage.
  2. Add the scanner and storage stacks to File Storage Security. First, add the scanner stack:

    • Call Create Stack and include the projectID and deploymentName value in the request body, where the projectID is the ID of the GCP project you deployed for the stack, and the deploymentName is the scanner stack's deployment name.

    • Take note of stackID in the API response, which is the scanner stack’s ID.

    • Call Describe Stack using the scanner stack's stackID noted in the previous step, and continue calling until the status in the response body becomes ok. You have now added the scanner stack.

    Now add the storage stack:

    • Call Create Stack, and include the previously-noted scanner stack stackID, projectID and deploymentName in the request body, where the projectID is the ID of the GCP project you deployed the stack, and the deploymentName is the storage stack's deployment name. The creation of the storage stack will begin.

    • Take note of stackID in the API response, which is the storage stack’s ID.

    • Call Describe Stack using the storage stack's stackID noted in the previous step, and continue calling until the status in the response body becomes ok.

The stacks must be added separately, and the scanner stack must be added prior to the storage stack, as described above.

Deploy a scanner stack using the API

  1. Create a scanner stack using CLI.

  2. Add the scanner stack to File Storage Security:

    • Call Create Stack and include the projectID and deploymentName value in the request body, where the projectID is the ID of the GCP project you deployed the stack, and the deploymentName is the scanner stack's deployment name.
    • Take note of stackID in the API response, which is the scanner stack’s ID.
    • Call Describe Stack using the scanner stack's stackID noted in the previous step, and continue calling until the status in the response body becomes ok.

    You have now added the scanner stack.

Deploy a storage stack using the API

  1. Create a storage stack using CLI.

  2. Add the storage stack to File Storage Security:

    • Call List Stacks to retrieve the scanner stack’s stackID.
      • Call Create Stack, and include the previously-noted scanner stack stackID, projectID and deploymentName in the request body, where the projectID is the ID of the GCP project you deployed the stack, and the deploymentName is the storage stack's deployment name.
    • Take note of stackID in the API response, which is the storage stack’s ID.
    • Call Describe Stack using the storage stack's stackID noted in the previous step and continue calling until the status in the response body becomes ok.

    You have now added the storage stack.