Network Requirements
You need to allow inbound and outbound traffic from Coalesce.
IP addresses should be on the allow list at the account level and not the user level.
Allow Inbound Traffic from Coalesce
When using Coalesce, we will connect to Snowflake from the following IP addresses. Be sure to allow traffic from all IPs in the respective Coalesce region by locating your domain (URL) below.
Snowflake recommends using Network Rules to update network information.
Running ALTER ACCOUNT SET NETWORK_POLICY = ‘<COALESCE_NETWORK_POLICY>
will overwrite any existing network policies, which can lead to other users losing Snowflake access.
If there are current network policies, you should add the Coalesce IPs in the ALLOWED_IP_LIST to the existing policy, instead of replacing the entire policy.
Google Cloud Platform (GCP)
United States (GCP)
US Central 1
Domain:app.coalescesoftware.io
IP Addresses:
35.184.36.82
34.122.41.172
104.197.181.174
104.197.239.181
34.42.195.106
34.68.106.79
34.68.120.84
35.223.203.238
34.132.232.62
34.123.199.186
34.30.33.202
35.193.16.39
35.239.135.16
34.41.250.208
35.222.123.215
34.121.9.26
Europe
Europe West 3
- Domain:
app.eu.coalescesoftware.io
- IP Addresses:
34.89.191.247
34.89.148.26
35.246.145.217
34.141.50.108
34.159.114.61
35.198.174.119
34.159.236.68
34.141.97.246
34.141.85.173
34.159.92.100
35.234.79.196
35.246.181.59
34.159.213.117
35.198.149.245
35.198.130.208
34.159.109.127
Australia
Southeast 1
Domain: app.australia-southeast1.gcp.coalescesoftware.io
IP Addresses:
34.116.123.45
34.116.78.163
35.244.80.87
34.116.95.120
35.201.3.42
35.244.92.117
35.197.183.131
34.116.87.108
35.189.42.234
35.201.8.86
35.189.32.148
34.116.82.99
34.116.110.251
34.87.228.146
35.197.168.207
35.244.65.40
Microsoft Azure
United States (Azure)
Central US
- Domain:
app.centralus.azure.coalescesoftware.io
- IP Address:
20.106.19.0/29
US West 2 (Azure)
- Domain:
app.westus2.azure.coalescesoftware.io
- IP Address:
4.242.19.208/29
US East 2
- Domain:
app.eastus2.azure.coalescesoftware.io
- IP Address:
172.210.156.64/29
Amazon Web Services (AWS)
United States
US East 1
- Domain:
app.us-east-1.aws.coalescesoftware.io
- IP Addresses:
54.164.136.234
54.204.122.114
35.153.45.74
3.222.28.181
54.162.41.198
54.237.34.70
44.218.190.25
44.214.13.195
3.233.107.188
52.203.105.88
44.214.198.37
23.21.137.7
18.214.188.200
34.234.18.234
34.232.239.54
US West 2 (AWS)
- Domain:
app.us-west-2.aws.coalescesoftware.io
- IP Addresses:
52.34.52.101
54.245.169.140
52.40.254.45
54.184.34.110
54.218.245.200
44.230.62.194
44.236.171.53
52.38.24.181
52.33.89.80
52.37.156.238
44.224.250.156
35.155.62.60
34.212.220.146
35.164.137.106
34.212.187.109
Required Outbound Traffic Domains
Allow HTTPS connectivity to the following domains:
https://firestore.googleapis.com
https://firebasestorage.googleapis.com/
https://identitytoolkit.googleapis.com/
https://securetoken.googleapis.com/
https://storage.coalescesoftware.io/
https://app.coalescesoftware.io
https://*.app.coalescesoftware.io
https://app.eu.coalescesoftware.io/
https://*.app.eu.coalescesoftware.io/
https://app.australia-southeast1.gcp.coalescesoftware.io/
https://*.app.australia-southeast1.gcp.coalescesoftware.io/
https://app.us-east-1.aws.coalescesoftware.io/
https://*.app.us-east-1.aws.coalescesoftware.io/
https://app.us-west-2.aws.coalescesoftware.io/
https://*.app.us-west-2.aws.coalescesoftware.io/
The Coalesce Command-Line Interface may be used to deploy and run Jobs in an Environment. This omits the requirement to allow list Coalesce IP addresses. However, the above IPs are still used during design time (using the GUI build interface) to connect with the Snowflake warehouse.
Allow Outbound Traffic to Coalesce
Allow Outbound HTTPS connectivity on your network to the following domains in order to connect to Coalesce GUI, API, and/or CLI. This step is only required if your organization limits traffic to the public internet.
https://firestore.googleapis.com
https://firebasestorage.googleapis.com/
https://identitytoolkit.googleapis.com/
https://securetoken.googleapis.com/
https://storage.coalescesoftware.io/
https://app.coalescesoftware.io
https://*.app.coalescesoftware.io
https://app.eu.coalescesoftware.io/
https://*.app.eu.coalescesoftware.io/
https://app.australia-southeast1.gcp.coalescesoftware.io/
https://*.app.australia-southeast1.gcp.coalescesoftware.io/
https://app.us-east-1.aws.coalescesoftware.io/
https://*.app.us-east-1.aws.coalescesoftware.io/
https://app.us-west-2.aws.coalescesoftware.io/
https://*.app.us-west-2.aws.coalescesoftware.io/
Name | Description |
---|---|
https://firestore.googleapis.com | Database that holds all metadata. |
https://firebasestorage.googleapis.com | Send deployment metadata from the client about deployments running in the cloud environment. |
https://identitytoolkit.googleapis.com | Authentication mechanism containing all users, providing the user with a JWT for OAuth. |
https://securetoken.googleapis.com | Allows Coalesce to exchange the Access Token to an OAuth JWT. |
https://storage.coalescesoftware.io | CDN hosting for all static assets such as images and JavaScript. |
https://app.coalescesoftware.io | The web application. |
https://*.app.coalescesoftware.io | An alias for the web application to allow SSO. Such as redirecting to a specific organization. |