Is there a way to know why cloudd is connecting a site?

I see cloudd connecting to multiple Apple sites, which I know little about, but they are apple.com or icloud.com sites, which seems reasonable:

  • metrics.icloud.com
  • gateway.icloud.com
  • us-east-1.blobstore.apple.com

Today cloudd wanted permission to connect to us-east-1.amazonaws.com and Little Snitch put up a dialog box. Looking cloudd there were also these two:

  • usync.icloud-content.com
  • edge-068.usbos.icloud-content.com

Apple owns the domain icloud-content.com, so I am guessing these are OK.

The Amazon connection is less obvious.

Is there a way to know why cloudd is connecting to specific sites?


Little Snitch should already be aware of all Apple domains & be configured by default to allow them. Apple owns all of 17.x.x.x, of which icloud-content.com is a member.

Make sure you have these rule groups on.

enter image description here

Apple processes will also often need access to AWS & Akamai, who are CDNs [Content Delivery Networks] used by Apple & a myriad other companies. Trying to figure out why any of these connections may need to be made is a pointless exercise. You only need to trust the service doing the access, which is an Apple-only daemon.