Critical severityauthentication
Power BI Refresh Error:
390189
What does this error mean?
A Snowflake login or connection attempt was blocked by a network policy rule that restricts access to specific allowed IP address ranges, and the connecting IP is not in the policy's allowlist.
Common causes
- 1A new service, CI/CD runner, or ETL connector has an outbound IP address that is not in the Snowflake account's network policy allowlist
- 2The account-level or user-level network policy was updated to remove a CIDR range that still contains active clients
- 3An egress IP changed — for example, a cloud provider rotated NAT gateway IPs — and the Snowflake policy was not updated to reflect the new range
How to fix it
- 1Step 1: Note the connecting IP address from the error message (format: 'IP X.X.X.X is not allowed to access Snowflake').
- 2Step 2: Use SHOW NETWORK POLICIES and DESCRIBE NETWORK POLICY <name> to view the current allowlists.
- 3Step 3: Add the connecting IP or CIDR range to the policy: ALTER NETWORK POLICY <name> SET ALLOWED_IP_LIST = ('<existing_ips>', '<new_ip_or_cidr>').
- 4Step 4: If a user-level policy overrides the account-level policy, use ALTER USER <name> UNSET NETWORK_POLICY to revert to the account-level policy for that user.