Is there a way to know why cloudd is connecting a site?
I see cloudd connecting to multiple Apple sites, which I know little about, but they are apple.com or icloud.com sites, which seems reasonable:
- metrics.icloud.com
- gateway.icloud.com
- us-east-1.blobstore.apple.com
Today cloudd wanted permission to connect to us-east-1.amazonaws.com and Little Snitch put up a dialog box. Looking cloudd there were also these two:
- usync.icloud-content.com
- edge-068.usbos.icloud-content.com
Apple owns the domain icloud-content.com, so I am guessing these are OK.
The Amazon connection is less obvious.
Is there a way to know why cloudd is connecting to specific sites?
Little Snitch should already be aware of all Apple domains & be configured by default to allow them. Apple owns all of 17.x.x.x, of which icloud-content.com is a member.
Make sure you have these rule groups on.
Apple processes will also often need access to AWS & Akamai, who are CDNs [Content Delivery Networks] used by Apple & a myriad other companies. Trying to figure out why any of these connections may need to be made is a pointless exercise. You only need to trust the service doing the access, which is an Apple-only daemon.