Benchmark: Network Security
Overview
Network security or isolation provides the first line of defense for your snowflake account.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-snowflake-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Network Security.
Run this benchmark in your terminal:
powerpipe benchmark run snowflake_compliance.benchmark.security_overview_network_securitySnapshot and share results via Turbot Pipes:
powerpipe benchmark run snowflake_compliance.benchmark.security_overview_network_security --shareControls
- Use network policies to allow 'known' client locations (IP ranges)
- Use network policies blocked list to deny access to specific list of IPv4 addresses
- Use private connectivity with Snowflake
- Allow firewall to connect client applications to Snowflake
- Allow Snowflake to access your cloud storage location