Tableau Cloud Help

This topic covers setup information specific to the data provider. For general information on setting up a private connection, see Cloud Admin: Set Up and Share a Private Connection.

• Your Snowflake edition is Business Critical Edition.
• Your Snowflake account has at least one warehouse.
• Optional, but convenient: You have access to a Snowflake account administrator user to execute the Snowflake SYSTEM$GET_PRIVATELINK_CONFIG function(Link opens in a new window). If you don't, you get the information from Snowflake support.

To get the IAM ARN that needs to be added as an allowed principal on the endpoint service in AWS:

1. Log in to Tableau Cloud Manager (TCM).
2. Go to Settings.
3. Select the Private Connect tab.
4. Expand IAM Regions and ARNs.
5. Find the shared region for your Tableau Cloud site and the data provider.
6. In the Actions menu (...), select Copy IAM ARN.

After you have the IAM ARN, open a Snowflake support case. Ask for PrivateLink to be enabled, and provide them with the IAM ARN to allow connections from.

As a Snowflake account administrator, invoke the SYSTEM$GET_PRIVATELINK_CONFIG function(Link opens in a new window) and get these values from the output:

• privatelink-vpce-id
• privatelink-account-url

If you don't have access to a Snowflake account administrator account, use your Snowflake support case and ask for the values of privatelink-vpce-id and privatelink-account-url.

After you have the values, enter them in the Tableau Cloud Create Private Connection dialog:

• Enter the value of privatelink-vpce-id in the Endpoint Service Name field.
• Enter the value of privatelink-account-url in the Custom Address field.