search cancel

SpanVA fails AWS/GCP check in Diagnostic log.

book

Article ID: 257530

calendar_today

Updated On:

Products

CASB Audit

Issue/Introduction

When running the Diagnostic report in SpanVA is shows: [Error] Exception while checking connectivity to AWS/GCP.

 

This can cause problems updating the SpanVA and also uploading logs to a CloudSOC data source.

Environment

Palo Alto Firewall

Cause

Palo Alto Firewall is blocking traffic to GCP

Resolution

Ensure that the following subdomains to GCP are allowed in the firewall

- For US: https://audit-main-prod-us.storage.googleapis.com
- For EU: https://audit-main-prod-eu.storage.googleapis.com

 

If Palo Alto firewall is using Application IDs in the rules, ensure that the AppID called 'google-base' is allowed.

 

Attachments