Network Requirements

You need to allow inbound and outbound traffic from Coalesce.

Assigning IP Addresses

In Snowflake, IP address policies can be assigned at the Account, Security Integration, and User levels, with a defined precedence. If a policy is set at the Account level, it applies to all users by default. However, a User-specific policy will override the Account policy, applying only to the designated user. Authentication methods like Username/Password and OAuth are subject to User-defined policies, while Key Pair authentication is user-specific, as it involves setting a public key directly for a Snowflake user. Review Snowflake Network policy precedence.

Allow Inbound Traffic from Coalesce

When using Coalesce, we will connect to Snowflake from the following IP addresses. Be sure to allow traffic from all IPs in the respective Coalesce region by locating your domain (URL) below.

Snowflake recommends using Network Rules to update network information.

Updating Network Policies

Running ALTER ACCOUNT SET NETWORK_POLICY = ‘<COALESCE_NETWORK_POLICY> will overwrite any existing network policies, which can lead to other users losing Snowflake access.

If there are current network policies, you should add the Coalesce IPs in the ALLOWED_IP_LIST to the existing policy, instead of replacing the entire policy.

Australia Google

Region: australia-southeast1 (Sydney)

URL: https://app.australia-southeast1.gcp.coalescesoftware.io

34.116.110.251
34.116.123.45
34.116.78.163
34.116.82.99
34.116.87.108
34.116.95.120
34.87.228.146
35.189.32.148
35.189.42.234
35.197.168.207
35.197.183.131
35.201.3.42
35.201.8.86
35.244.65.40
35.244.80.87
35.244.92.117

Canada Google

Region: northamerica-northeast1 (Montreal)

URL: https://app.northamerica-northeast1.gcp.coalescesoftware.io

34.118.171.109
34.118.176.56
34.118.178.143
34.118.179.59
34.118.184.77
34.118.185.237
34.152.40.243
34.152.47.123
34.152.60.126
34.47.5.183
34.95.52.67
34.95.61.156
35.203.101.36
35.203.19.34
35.203.75.25
35.234.250.12

Europe AWS

Region: eu-west-2 (London)

URL: https://app.eu-west-2.aws.coalescesoftware.io

13.41.248.239
13.42.148.76
18.130.7.21
18.135.253.206
18.169.255.196
18.169.99.238
18.170.155.204
18.171.123.197
18.171.85.167
3.11.196.74
3.11.205.107
35.176.253.104
35.179.219.167
35.179.57.161
52.56.161.32

Region: eu-central-1 (Frankfurt)

URL: https://app.eu-central-1.aws.coalescesoftware.io

18.153.130.222
18.153.236.30
18.194.219.121
18.198.123.88
3.125.0.167
3.64.146.133
3.64.188.238
3.66.93.189
3.74.0.140
3.79.196.56
52.57.143.50
52.57.68.153
52.59.141.99
63.176.210.123
63.176.29.218

Europe Google

Region: europe-west-3 (Frankfurt)

URL: https://app.eu.coalescesoftware.io

34.141.50.108
34.141.85.173
34.141.97.246
34.159.109.127
34.159.114.61
34.159.213.117
34.159.236.68
34.159.92.100
34.89.148.26
34.89.191.247
35.198.130.208
35.198.149.245
35.198.174.119
35.234.79.196
35.246.145.217
35.246.181.59

---

Region: europe-west-1 (Belgium)

URL: https://app.europe-west1.gcp.coalescesoftware.io

34.140.252.240
34.140.40.119
34.34.187.119
34.38.117.20
34.76.46.108
34.77.175.48
34.77.181.190
34.77.250.125
34.78.168.214
34.78.28.102
34.79.56.185
35.195.233.21
35.205.140.116
35.205.76.35
35.241.242.232

United States AWS

Region: us-east-1 (Virginia)

URL: https://app.us-east-1.aws.coalescesoftware.io

18.214.188.200
23.21.137.7
3.222.28.181
3.233.107.188
34.232.239.54
34.234.18.234
35.153.45.74
44.214.13.195
44.214.198.37
44.218.190.25
52.203.105.88
54.162.41.198
54.164.136.234
54.204.122.114
54.237.34.70

---

Region: us-east-2 (Ohio)

URL: https://app.us-east-2.aws.coalescesoftware.io

13.58.165.37
18.190.68.9
3.131.163.112
3.133.215.161
3.135.14.57
3.14.26.219
3.142.188.16
3.147.173.50
3.15.85.112
3.21.74.10
3.22.210.142
52.15.173.79
52.15.175.131
52.15.228.1
52.15.99.220

---

Region: us-west-2 (Oregon)

URL: https://app.us-west-2.aws.coalescesoftware.io

34.212.187.109
34.212.220.146
35.155.62.60
35.164.137.106
44.224.250.156
44.230.62.194
44.236.171.53
52.33.89.80
52.34.52.101
52.37.156.238
52.38.24.181
52.40.254.45
54.184.34.110
54.218.245.200
54.245.169.140

United States Azure

Region: centralus (Iowa)

URL: https://app.centralus.azure.coalescesoftware.io

20.106.19.0/29
20.106.19.8/29

---

Region: eastus2 (Virginia)

URL: https://app.eastus2.azure.coalescesoftware.io

172.210.156.64/29
172.210.156.8/29

---

Region: westus2 (Washington)

URL: https://app.westus2.azure.coalescesoftware.io

4.242.19.208/29
4.242.19.112/29

---

Region: southcentral (San Antonio)

URL: https://app.southcentralus.azure.coalescesoftware.io

4.151.11.104/29
4.151.11.96/29

United States Google

Region: us-central1 (Iowa)

URL: https://app.coalescesoftware.io

104.197.181.174
104.197.239.181
34.121.9.26
34.122.41.172
34.123.199.186
34.132.232.62
34.30.33.202
34.41.250.208
34.42.195.106
34.68.106.79
34.68.120.84
35.184.36.82
35.193.16.39
35.222.123.215
35.223.203.238
35.239.135.16

Region: us-east4 (Virginia)

URL: https://app.us-east4.gcp.coalescesoftware.io

34.145.139.211
34.145.168.221
34.145.184.215
34.145.209.169
34.145.220.155
34.145.228.215
34.21.61.92
34.21.96.186
34.48.0.239
34.48.133.88
34.48.141.85
34.48.207.17
34.85.131.220
35.245.133.123
35.245.187.6

Allow Outbound Traffic to Coalesce

It's required to allow outbound HTTPS connectivity on your network to the following domains in order to connect to Coalesce GUI, API, and/or CLI.

https://firestore.googleapis.com
https://firebasestorage.googleapis.com/
https://identitytoolkit.googleapis.com/
https://securetoken.googleapis.com/
https://storage.coalescesoftware.io/
https://app.coalescesoftware.io
https://*.app.coalescesoftware.io
https://app.eu.coalescesoftware.io/
https://*.app.eu.coalescesoftware.io/
https://app.australia-southeast1.gcp.coalescesoftware.io/
https://*.app.australia-southeast1.gcp.coalescesoftware.io/
https://app.us-east-1.aws.coalescesoftware.io/
https://*.app.us-east-1.aws.coalescesoftware.io/
https://app.us-west-2.aws.coalescesoftware.io/
https://*.app.us-west-2.aws.coalescesoftware.io/

Name	Description
https://firestore.googleapis.com	Database that holds all metadata.
https://firebasestorage.googleapis.com	Send deployment metadata from the client about deployments running in the cloud environment.
https://identitytoolkit.googleapis.com	Authentication mechanism containing all users, providing the user with a JWT for OAuth.
https://securetoken.googleapis.com	Allows Coalesce to exchange the Access Token to an OAuth JWT.
https://storage.coalescesoftware.io	CDN hosting for all static assets such as images and JavaScript.
https://app.coalescesoftware.io	The web application.
https://*.app.coalescesoftware.io	An alias for the web application to allow SSO. Such as redirecting to a specific organization.

In-Network Command-Line Interface

The Coalesce Command-Line Interface may be used to deploy and run Jobs in an Environment. This omits the requirement to allow list Coalesce IP addresses. However, the above IPs are still used during design time (using the GUI build interface) to connect with the Snowflake warehouse.