Support Center > Search Results > SecureKnowledge Details
CloudGuard Controller loses connection to Google Cloud Platform (GCP) projects Technical Level
Symptoms
  • CloudGuard Controller loses connection to Google Cloud Platform (GCP) projects
  • Debug with GCP controller in cloud_proxy.elg shows:
     Process Output String= ConnectivityProblem
    
     Process Error String= The resource 'projects/Object-name' was not found
    
    check at GCP portal, Object-name does not existed or in pending delete. 
    
    
  • The service account used by Check Point Controller is assigned to a folder in GCP that includes multiple projects. The "object-name" project is in that folder, or still in that folder in "pending delete".
Cause
When a project is deleted in GCP, it is put in "pending delete" status for 30 days and then fully removed from the database. 

Check Point controller uses the service account provided by GCP to make GCP API calls to get objects/projects/hosts and anything assigned to that service account.

When a service account is assigned to a folder, the Controller is able to query all projects under that folder, including the "pending delete" projects. 

An issue with Check Point controller results in the following: After calls to the GCP API to get all projects, it does not check the project status and starts querying all projects one by one. When it hits a  "pending delete" project, it stops the remaining querying procedures.


Solution
Note: To view this solution you need to Sign In .