Private Connect for MySQL
This topic covers setup information specific to the data provider. General information on setting up a private connection is in Private Connection Set Up: Overview, and information on setting up the Tableau Cloud endpoint is in Private Connection Set Up: Tableau Cloud.
Prerequisites
- If your database is hosted in RDS: Set up your Amazon RDS Environment(Link opens in a new window)
- Create and connect to a MySQL DB instance(Link opens in a new window)
- Create network load balancer to front the instance(Link opens in a new window). If your Tableau Cloud site and your MySQL instance are in different regions, make sure the load balancer is deployed in multiple AWS Availability Zones.
- Create VPC endpoint service for the network load balancer(Link opens in a new window). If your Tableau Cloud site and your MySQL instance are in different regions, make sure your Tableau Cloud site's region is in the endpoint service's Supported Regions tab.
Tableau Cloud Information for the Data Provider
To get the IAM ARN that needs to be added as an allowed principal on the endpoint service in AWS:
- Log in to Tableau Cloud Manager (TCM).
- Go to Settings.
- Select the Private Connect tab.
- Expand IAM Regions and ARNs.
- Find the region for your Tableau Cloud site.
- In the Actions menu (...), select Copy IAM ARN.
After you have copied Tableau Cloud's IAM ARN, allow it as an allowed principal on the endpoint service per the instructions in Configure an endpoint service(Link opens in a new window).
Data Provider Information for Tableau Cloud
Use the AWS Management Console or AWS CLI to get the endpoint service name needed for the Tableau Cloud Create Private Connection dialog.
Alternative Approach
As an alternative to the high level steps in the Prerequisites and subsequent sections, you can use the blog post Enhance Agentforce data security with Private Connect for Salesforce Data Cloud and Amazon Redshift – Part 3(Link opens in a new window) for information on configuring a private connection between Redshift and Salesforce Data Cloud. Adjust the instructions as described below to work with MySQL and Tableau Cloud instead.
From the blog post, follow the instructions in these sections completely:
- Create a security group for the Network Load Balancer
- Create a target group
- Create a load balancer
Then, from the "Create an endpoint service" section of the blog post:
- Instead of steps 9-12, use the Tableau Cloud Information for the Data Provider section above to get the IAM ARN.
- In step 14, use the IAM ARN in place of the Principal ID when adding allowed principals to the endpoint service.
- In step 15, note the endpoint service name.
- For step 17 and later, set up the private connection in Tableau Cloud per Private Connection Set Up: Tableau Cloud(Link opens in a new window).