Mods

turbot/snowflake_compliance

GitHub
Overview
1Dashboards
18Controls
11Queries
3Variables
GitHub
Loading controls...
On This Page
Description
Usage
Params
SQL
Get Involved
Edit on GitHub
Discuss on Slack

Control: Use network policies to allow 'known' client locations (IP ranges)

Description

Use network policies to allow known client locations (IP ranges) to connect to your Snowflake account while blocking others. Additionally, if you’re using service account users to connect from a client application, SCIM, or Snowflake OAuth integrations, check if you need to configure different network policies (SCIM network policy, OAuth network policy) that overrides the account level network policy.

Usage

Run the control in your terminal:

steampipe check snowflake_compliance.control.security_overview_network_security_network_policy_allowed_list_set

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share snowflake_compliance.control.security_overview_network_security_network_policy_allowed_list_set

SQL

This control uses a named query:

network_policy_allowed_list_set

Params

ArgsNameDefaultDescriptionVariable
$1allowed_ips
["192.168.1.0/24"]