​
🏒 Enterprise Feature

This guide is for Enterprise tier customers who need to configure IP allowlists for their Snowflake connections. To get the required IP addresses for allowlisting, contact our team at support@hunch.dev.

​
πŸ“‹ Overview

This document describes how to configure IP allow lists for Snowflake to restrict access to only specific IP addresses while allowing Hunch to connect to your Snowflake instance.

​
βš™οΈ Configuration Steps

​
Step 1: Create Network Rule

Create a network rule that includes the IP addresses provided by our team. Network rules can contain IP addresses, IP ranges (network ID), or VPC IDs. 
USE <YOUR_DB>.<YOUR_SCHEMA>;

CREATE NETWORK RULE allow_hunch_access_rule
  MODE = INGRESS
  TYPE = IPV4
  VALUE_LIST = ('<IP_ADDRESS_1>/32', '<IP_ADDRESS_2>/32');
Replace <IP_ADDRESS_n> with the specific IP addresses provided by our support team.

​
Step 2: Create Network Policy

Network policies contain allowed network rule lists and blocked network rule lists.
If an allowed IP address conflicts with a blocked IP address, the blocked rule will take precedence. 
CREATE NETWORK POLICY hunch_network_policy
  ALLOWED_NETWORK_RULE_LIST = ('allow_hunch_access_rule');

​
Step 3: Apply Network Policy

Network policies can be applied at the account level, to individual users, or to security integrations.
In the following example, we apply the network policy to a specific user: 
ALTER USER <hunch_service_user> SET NETWORK_POLICY = hunch_network_policy;
Replace <hunch_service_user> with your actual Hunch service user name.

​
βœ… Verification

​
Test the Configuration

  1. After applying the network policy, test the connection from Hunch:
    • Go to your Hunch integration settings
    • Click Test Connection
    • Verify the connection succeeds

​
🚨 Troubleshooting

​
Common Issues

  1. Connection Refused:
    • Verify all IP addresses provided by our team are included in the network rule
    • Check that the network policy is applied to the correct user
  2. Policy Not Taking Effect:
    • Ensure the network policy is activated
    • Verify the user has the correct network policy assigned
  3. Test Connection Fails:
    • Confirm all IP addresses from our team are included in the allowlist
    • Check that the network rule syntax is correct

​
Viewing Current Network Rules

To see existing network rules: 
SHOW NETWORK RULES;
To see existing network policies: 
SHOW NETWORK POLICIES;

​
πŸ“š Additional Resources

For more detailed information about Snowflake network policies, refer to the official Snowflake documentation.

​
πŸ†˜ Need Help?

If you encounter issues configuring your Snowflake IP allowlist, please contact us at support@hunch.dev with:
  • The error messages you’re seeing
  • Your current network rule and policy configuration
  • Steps you’ve already taken
We’re here to help you get connected securely!