CWP for Storage instance fails to enroll and the stack rolls back
search cancel

CWP for Storage instance fails to enroll and the stack rolls back


Article ID: 277010


Updated On:


Cloud Workload Protection for Storage


Enrollment fails and the stack rolls back. The resulting logs contain keywords such as the following:

enroll failed
Enrollment failed; rolling back stack
The table specified does not exist.
There are no credentials provided in your command and environment, we will query for account key for your storage account.
It is recommended to provide --connection-string, --account-key or --sas-token in your command as credentials.
You also can add `--auth-mode login` in your command to use Azure Active Directory (Azure AD) for authorization if your login account is assigned required RBAC roles.
For more information about RBAC roles in storage, visit


Multiple possible causes:

- network communications cannot reach Symantec public servers, or

- overly tight permissions on RBAC roles


To test network access to Symantec public servers

within the VM, type: 

curl -kv
curl -kv
curl -kv
curl -kv
curl -kv

If any of these tests show failures to resolve hostname or failures to connect, check configuration of network for the related Azure or AWS environment.

If the network permits access to these public Symantec servers, then examine RBAC starting with the Microsoft KB