Airlock Malware Scanning not working for Export #4403
Comments
|
we have re-enabled 'enable_airlock_malware_scanning: true' and the airlock import requests are moving to 'in review' BUT - when I check defender settings for each of the storage accounts in the TRE defender shows as OFF Is there a way to confirm if malware scanning is actually happening with airlock import / export requests? |
|
I believe there is a ScanResultEvent in the Airlock Processor Function, also I believe should see under "history" of the airlock request, but not 100% on this. |
|
Hi Marcus, ScanResultEvent showing as scanned during airlock import, but nothing for an export - is this the expected behaviour? Thanks, |
|
Looking at: It seems to only be enabled for import. I can't see any setting for export storage: https://github.com/marrobi/AzureTRE/blob/80ef191797da234749c23ad05ef3de440c07f92a/templates/workspaces/base/terraform/airlock/storage_accounts.tf Which doesn't align with the docs. We need to look into this, as believe it should eb enabled both ways. |
|
Hi @marrobi , Just wondering if you need anything more from us or if we can assist in any way on this? NB: we have re-tested today with a fresh import and a fresh export. In 'ScanResultTrigger' (for 'func-airlock-processor-xxxxx') we only observe scan results for imports, no scans for exports. Kind regards, |
|
If you feel you are able to look at modifying to work for export, do let us know and we can assign the issue. Happy to help point in the right direction (see link above). Otherwise we will add this to the backlog and will be looked at when capacity allows. |
marrobi
changed the title
|
@marrobi Please assign this to me. |
Hi,
We deployed TRE with 'enable_airlock_malware_scanning: true' . Airlock import requests were not moving from submitted > in review and the import requests were not showing for the airlock manager.
We ran 'make deploy-core' with 'enable_airlock_malware_scanning: false' and the airlock import requests moved to 'in review' and were available to the airlock manager.
The malware scanning is a critical feature for our client and we would appreciate some assistance to establish how to get this enabled.
Many thanks,
Alan
The text was updated successfully, but these errors were encountered: