IP Whitelisting/Network
By default, any external access to your Snowflake account is prohibited. You are required to setup IP policies to ensure access is only granted to addresses you trust.
First you'll need setup a network rule specific to a trusted location, and then assign that location's IP addresses to it, before finally enabling the rule on your account. You can assign your trusted IP addresses before enabling the rule on your account. Whilst you can add all IP addresses to one rule, it is recommended to use multiple rules to separate concerns. You can do this by creating a 'New Network Rule'.
For example, you may choose to have one rule for your corporate network, and another rule for home office users. This can make management of your rules easier.
For advanced users, it is possible to configure IP address ranges by providing the appropriate CIDR range when configuring the IP addresses against each rule. Depending on your network this may make it easier to maintain your account configuration.
Step 1: Creating a new Network Rule:
Select 'New Network Rule' from the left-hand navigation:
Enter a 'Network Rule Name' (The rule name must start with a letter, contain only letters and numbers with no spaces)
For this step, you can keep the rule disabled as, it can be enabled at a late stage.
Click 'Create'
Step 2 - Adding an IP Address:
Using the the menu icon (three dotted lines) on the selected rule, expand the options and select 'Create Whitelisted IP'.
Note: If Reapit have previously configured your network policy, you will see an existing network rule 'Customer_Ingress_Rule' which you can use:
Enter a single IP Address in the correct format (dotted decimal notation e.g. 111.111.111.111):
By default the 'CIDR Suffix' will be set to '32' as it is the most commonly used range. If you are provided a different CIDR this can be amended. If you are unsure, please reach out to your IT Network provider to confirm.
Step 3: Enabling a Network Rule:
To enable a Network Rule, expand the options on the selected rule and click 'Enable Rule':
FAQ
I use Power BI Hosted, how do I add their IP's to my policy?
On the left-hand navigation, you'll see an option to select 'I Use Power BI':
This will present the following modal:
Clicking on 'Open Mail Client' will populate an email for you to send to our Data Warehouse team, who will apply the Power BI public IP addresses to your policy.
Note: As Power BI hosted IP addresses are subject to can change, this will need to be done at a server level rather than through the Data Warehouse App (you will not see an associated network rule to reflect this). As and when they change, we will automatically update your policy so you only need to make the request once.
How does it work if I don't have a static IP address?
IP Whitelisting is a requirement for accessing Snowflake. If your IP address is subject to change (e.g. different working locations or not static), you will need to add each IP address to your policy to obtain access.
How do I delete an IP Address from a Network Rule?
To delete an IP Address, simply expand the options on the network rule and select the 'bin' icon.
How do I delete a Network Rule?
This feature is not currently available.
Last updated
