06-06-2025 02:16 PM
We have an on-prem dev environment with outbound access through a PA-3220 running 11.0.4-h6. We are trying to craft a rule to allow an on-prem src to connect to AWS console to run terraform scripts.
We've tried using application type amazon-aws-console with and without the web+ssl dependencies. Also tried restricting it to just http+https with a URL category list including
sts.amazonaws.com
*.aws.amazon.com
*.console.aws.amazon.com
It only works reliably if we simply allow http+https to any destination. Browsing test traffic I would suspect it is all the redirects on the AWS side causing issues.
Can anyone offer guidance or point to a KB that would detail the best way to handle this traffic? Given the search terms I get a flood of results specific to running NGFW in AWS.
Note also we have URL filtering license.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
