Private Connect for Snowflake
This topic covers setup information specific to the data provider. General information on setting up a private connection is in Private Connection Set Up: Overview, and information on setting up the Tableau Cloud endpoint is in Private Connection Set Up: Tableau Cloud.
Prerequisites
- Your Snowflake edition is Business Critical Edition.
- Your Snowflake account has at least one warehouse.
- Optional, but convenient: You have access to a Snowflake account administrator user to execute the Snowflake SYSTEM$GET_PRIVATELINK_CONFIG function(Link opens in a new window). If you don't, you can get the information from Snowflake support when needed.
Tableau Cloud Information for the Data Provider
To get the IAM ARN that needs to be added as an allowed principal on the endpoint service in AWS:
- Log in to Tableau Cloud Manager (TCM).
- Go to Settings.
- Select the Private Connect tab.
- Expand IAM Regions and ARNs.
- Find the shared region for your Tableau Cloud site and the data provider.
- In the Actions menu (...), select Copy IAM ARN.
After you have the IAM ARN, open a Snowflake support case. Ask for PrivateLink to be enabled, and provide them with the IAM ARN to allow connections from.
Data Provider Information for Tableau Cloud
As a Snowflake account administrator, invoke the SYSTEM$GET_PRIVATELINK_CONFIG function(Link opens in a new window) and get these values from the output:
- privatelink-vpce-id
- privatelink-account-url
If you don't have access to a Snowflake account administrator account, use your Snowflake support case and ask for the values of privatelink-vpce-id and privatelink-account-url.
After you have the values, enter them in the Tableau Cloud Create Private Connection dialog:
- Enter the value of privatelink-vpce-id in the Endpoint Service Name field.
- Enter the value of privatelink-account-url in the Custom Address field.