Reputation: 143
Whitelisting Bitbucket IP addresses to access Snowflake
I have a bitbucket pipeline which runs a dbt build. The pipeline was working fine until it started failing with this error
250001 (08001): Failed to connect to DB: $SNOWFLAKE_ACCNT_ID.snowflakecomputing.com:443. Incoming request with IP/Token 3.82.205.34 is not allowed to access Snowflake. Contact your account administrator. For more information about this error, go to https://community.snowflake.com/s/ip-xxxxxxxxxxxx-is-not-allowed-to-access.
I already have a Network Policy in my Snowflake account which whitelists all the IPs mentioned here
I have tried re-running the Bitbucket pipelines 2 more times. I found new IPs trying to access Snowflake everytime
250001 (08001): Failed to connect to DB: $SNOWFLAKE_ACCNT_ID.snowflakecomputing.com:443. Incoming request with IP/Token 35.170.53.28 is not allowed to access Snowflake. Contact your account administrator. For more information about this error, go to https://community.snowflake.com/s/ip-xxxxxxxxxxxx-is-not-allowed-to-access.
250001 (08001): Failed to connect to DB: $SNOWFLAKE_ACCNT_ID.snowflakecomputing.com:443. Incoming request with IP/Token 54.227.45.44 is not allowed to access Snowflake. Contact your account administrator. For more information about this error, go to https://community.snowflake.com/s/ip-xxxxxxxxxxxx-is-not-allowed-to-access.
250001 (08001): Failed to connect to DB: $SNOWFLAKE_ACCNT_ID.snowflakecomputing.com:443. Incoming request with IP/Token 3.82.205.34 is not allowed to access Snowflake. Contact your account administrator. For more information about this error, go to https://community.snowflake.com/s/ip-xxxxxxxxxxxx-is-not-allowed-to-access.
How come these new IPs are not mentioned in the link I mentioned above? Where can I find the list of these new IPs?
Upvotes: 1
Views: 492
Answers (2)
Reputation: 3834
Those IP ranges are always evolving.
If you whitelisted them today, you must also ensure you are able to oversee IP ranges that come and go and update your network rules ASAP.
Terraform is a handy tool for this purpose. I can recommend my https://github.com/calidae/terraform-bitbucket-ip-addresses module. Disclaimer: I am the author and it is unmaintained.
If you can't keep up with the pace at which Atlassian rotates their IP ranges, you should consider using an outbound proxy in your pipelines.
Upvotes: 0
Reputation: 1640
I think you need to review the IP ranges for BitBucket from this link - and and then use the outgoing IPs from the Bitbucket that needs to be whitelisted on Snowflake.
If that doesn't work either then you will need to check with BitBucket team to get the right list of IP ranges.
Upvotes: 1
Related Questions
- Is it possible to use `externalbrowser` authenticator inside docker container for connection authentication with Snowflake?
- Connecting to snowflake in django using proxy
- Snowflake connectivity issue from Power BI/Tableau
- Error when using passphrase to open snowsql connection
- SNowflake-Power BI connectivity Issue - CURLerror
- How to resolve login issue in the snowSQL
- Snowflake Role error while connecting using Python