- Categories:
System functions (System Information)
SYSTEM$GET_SNOWFLAKE_EGRESS_IP_RANGES¶
Using egress IP addresses you generate with Snowflake, you can allow ingress access from the following Snowflake features:
External access from UDFs and procedures
Snowpark Container Services external access and Snowflake Openflow on Snowpark Container Services
Snowflake Git integration with IP-restricted Git servers
Returns a list of egress IP address ranges (as Classless Inter-Domain Routing (CIDR) IP addresses) that you can use to represent Snowflake in a server’s IP allowlist.
Use this function to obtain a list of egress IP address ranges with which to allow Snowflake traffic on external servers. You can add IP addresses from the list to the allowlist on an external server from which Snowflake makes requests.
For example, you can allow requests by user-defined functions (UDFs) deployed on Snowflake to access resources on an external server. To do this, you add Snowflake egress IP addresses to the network firewall for your server.
Addresses in the returned list expire. You can automate refreshes from the list as described in Securing ingress of Snowflake requests with egress IP addresses.
Syntax¶
Returns¶
Returns JSON containing a list of CIDR IP addresses, effective date, and an expiration date for each address. The following example shows what the return value looks like:
Usage notes¶
Keep in mind the following about the returned list of CIDR IP address ranges:
Each IP address expires. The returned list includes both the IP address and its expiration date and time. To allow continued access from Snowflake, automate refreshing your allowlist with addresses that have not yet expired.
For more information, see Securing ingress of Snowflake requests with egress IP addresses.
Addresses are scoped to the region of your Snowflake deployment. Addresses for one region differ from those for another region.
Addresses are shared among Snowflake accounts in the region. In other words, they’re not unique to a Snowflake account.