trendmicro / cloudone-filestorage-plugins

Trend Micro Cloud One File Storage Security plugins reference code.

https://cloudone.trendmicro.com

Apache License 2.0

42 stars 51 forks source link

Feature/promote or quarantine with vnet #137

Closed trend-ryan-c-wu closed 1 year ago

trend-ryan-c-wu commented 1 year ago

Integrating Promote or Quarantine with Azure VNet

Change Summary

This PR is extend of PR#136. To avoid confusion, please review the latest commit of PR#136 or wait for its merge.

The following refinements have been made:

Additional parameters have been added to facilitate integration with VNet.
Two private endpoints have been implemented to access the storage account for the promote or quarantine functions.
Inbound access has been restricted for the promote or quarantine functions, and outbound integration with VNet has been implemented.
Application insight restrictions have been applied based on the provided parameters.
Adjust the typo Promte to Promote

PR Checklist

[x] I've read and followed the Contributing Guide.
Documents/Readmes
- [x] Updated accordingly
- [ ] Not required
Plugins that have versioning
- [ ] Version bumped and follows Semantic Versioning
- [x] Not required

Other Notes

Testing Reulst

More private endpoints have been deployed

Function App Network

Application Insight VNETRestrictedAccessForApplicationInsights=true, there is no log could be query from public network

Manual setup application network to allow query from public network, the logs appear

Firewall rule allow github to fetch the artifacts