External network access limitations¶

Limitations¶

• Currently, handlers written only in Java or Python may access network locations external to Snowflake.

• External network locations not on the public internet are not supported for external access. For example, locations behind a virtual private network (VPN) or virtual network (VNet) can’t be reached from a UDF or procedure.

• When using a wildcard in a VALUE_LIST value in a network rule, the following are not valid wildcard uses:

  • snowflake.*.google.com

    Cannot be used to match snowflake.sub1.sub2.google.com because the asterisk can only be used to match alphanumeric characters and hyphens.

  • *.*.google.com

    Invalid because there are multiple asterisks in the wildcard.

  • *.com

    Invalid because the asterisk cannot be used to match the secondary level domain.

• When using a secret of the PASSWORD type, the colon character (:) is not supported in the USERNAME or PASSWORD parameters.

• By default, Snowflake does not enable external access for trial accounts. Contact your account representative to get external access enabled for a trial account.