CME can't scan for MIG gateway instances on GCP
I'm a newcomer to CME with GCP and I run into an issue that my on-premises MGMT can't find the cloudguards in GCP.
gcp deployment is handled by terraform scripts and I think I miss a piece of the puzzle so both sides can work together.
in the cme log I get this error:
2022-05-23 16:58:59,083 CME_SERVICE INFO ********** Starting loop iteration number 523 for gateway instances *******
2022-05-23 16:59:00,783 CME_SERVICE INFO There are no gateways known by the management at the beginning of the iteration
2022-05-23 16:59:01,194 CME_SERVICE ERROR Error during synchronization with Security Gateways.
Error details: Failed to scan for gateway instances in the cloud account xxxxxxxxxxxxxxxxxxx..
2022-05-23 16:59:01,200 CME_SERVICE ERROR Error traceback: Traceback (most recent call last):
File "/opt/CPcme/service/cme_service.py", line 433, in sync
filtered_instances = controller.filter_instances()
cloud_connectors.gcp.HTTPException: Unexpected HTTP code: 404
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/CPcme/service/cme_service.py", line 584, in loop
sync(c, management, gateways)
cme_exceptions.cme_exceptions.ControllerException: Error Code: Failed to scan for gateway instances
Failed to scan for gateway instances in the cloud account xxxxxxxxxxxxxxxxxxx.
2022-05-23 16:59:01,200 CME_SERVICE INFO
2022-05-23 16:59:01,485 CME_SERVICE INFO There are no gateways known by the management at the end of the iteration
2022-05-23 16:59:01,485 CME_SERVICE INFO ********** End of the iteration number 523 for gateway instances. Iteration time:
has anybody encountered this issue?
I followed these instructions to set it up:
According to the logs you shared, it looks like a permission issue,
Please make sure you followed the Creating-GCP-Service-Account, and your service account has the right permissions.
If you are still facing the issue, please follow the below and open a ticket:
Collect CME Log Collector file as described in Cloud Management Extension R80.10 and Higher Administration Guide > Troubleshooting > CME Log Collector.
Contact Check Point support, and request to open a ticket that includes CME Log Collector file collected in the previous step.