How to control API based google drive upload or download actions

• For better visibility and more granular control over Google Drive API traffic, App-ID changes are released
• This helps in detection of the Google Drive API traffic that was previously identified using the google-base App-ID.
• The information is available in the Live article APP ID updates for Google Drive APIs.

• Palo Alto Firewalls
• Supported  PAN OS
• API
• Google Drive
• Content version 8621 and above

1. To allow the copy, create, and update Google Drive API methods,  the google-docs-uploading App-ID should be allowed in Security policy rules. 
2. To allow the list, get, and export Google Drive API methods,  the google-docs-downloading App-ID should be allowed in your Security policy rule. 
3. To block these Google Drive API methods, both google-docs-uploading and google-docs-downloading App-IDs have to be blocked in Security policy rules.
4. For information on the Google Drive API. Refer to the additional section.

Google Drive API

• The Google Drive API is used to interact with Google Drive storage, which enables the ability to upload and download files and to search for files, folders, and drives through programming languages, such as Java, JavaScript, and Python.
• Before content release dated 19/Sep/22, Google Drive API traffic was identified as google-base. The Google Drive API create method was identified using the google-docs-uploading App-ID, whereas copy, update, list, get, and export methods were identified by the google-base App-ID. 

With an Applications and Threats content update, the following methods were to the existing App-IDs to have better control over Google Drive API traffic

•  google-docs-uploading - App-ID will now also cover Google Drive API copy and update methods in addition to the create method that was already covered
• google-docs-downloading - App-ID will now also cover Google Drive API  list, get, and export methods.

• • Google Drive API traffic will no longer be associated with the google-base App-ID,
  • Instead it will be identified according to the API method: google-docs-uploading (copy, create, and update methods) or google-docs-downloading (list, get, and export methods).
  • As a result, you should review and update any policies that control Google Drive API traffic to use the google-docs-uploading and google-docs-downloading App-IDs as appropriate and in place of the google-base App-ID.