Tableau Cloud Help

As stated in the Cloud Admin: Set Up and Share a Private Connection topic, the setup for AWS endpoint services and the AWS-hosted data providers varies.

In the case of most AWS-hosted data providers, the AWS endpoint service needs to allow a connection from Tableau Cloud. The endpoint service identifies Tableau Cloud through an Identity and Access Management (IAM) Amazon Resource Name (ARN) for their shared region. To allow access, Tableau Cloud's IAM ARN is added to the list of allowed principals on the endpoint service. (The Tableau Cloud site and the AWS data provider must be in the same region.)

To get the IAM ARN that needs to be added as an allowed principal on the endpoint service in AWS:

1. Log in to Tableau Cloud Manager (TCM).
2. Go to Settings.
3. Select the Private Connect tab.
4. Expand IAM Regions and ARNs.
5. Find the shared region for your Tableau Cloud site and the data provider.
6. In the Actions menu (...), select Copy IAM ARN.

See the individual data provider articles for specific setup instructions on each.

• Private Connect for Athena
• Private Connect for Snowflake
• Private Connect for Redshift