This site uses different types of cookies, including analytics and functional cookies (its own and from other sites). To change your cookie settings or find out more, click here. If you continue browsing our website, you accept these cookies.
I am knee-deep into an Alteryx POC with approximately 15 developers. My role in our organization is that of a System / Application Administrator. I'm having some trouble with understanding an ideal way to configure an internal Alteryx Gallery and Server, and I'm hoping that some of you wouldn't mind taking a few minutes to share some information regarding your setup.
I have read through the Server Installation and Configuration Guide and have a general understanding of all of the moving parts. The system has been online for a few weeks and has been regularly used, so there are no problems in terms of errors, functionality, etc.
Where I'm left scratching my head is how to best set up Gallery, manage permissions, and manage schedules. In an ideal world, I guess I'd see it going like this:
Developers create workflows & upload to private gallery
Admin (me) updates connection strings and performs cursory review before moving it into a shared area. Developers should be prevented from doing this.
QA team reviews and gives signoff.
Admin (me) moves to a shared area (a collection?) and schedules the workflow as needed. Developers should be prevented from doing this.
Is this approach feasible given the functionality of Gallery? For now, it seems somewhat all-or-nothing to me. If I make somebody an Artisan, it seems like they can publish things to the gallery, schedule workflows, etc. But I may be completely missing something here.
Also, I'm using Windows authentication and I don't see any way to add users to a Subscription. There's literally no button below the Artisans & Members boxes. How do I do this?
I appreciate any input that anybody has and any resources you might be able to refer. Thanks in advance!!
Thank you for the feedback and info! What you're wanting to do is very similar to what we see other customers looking to accomplish - essentially, better and more granular control over what users can do within given projects, and a promotion process of workflows. Today, our Gallery does indeed, as you mention, provide the artisan access as a sort of all or nothing type of deployment. So unfortunately, the level of access control you're looking for today is not yet available, but it is on our roadmap and something we are actively looking at for a future release - this is one of our top priorities.
So today, the best approach is indeed to make those developers artisans. Yes, this will enable them to possible make things public or share them even if they shouldn't, but there are still administrative capabilities, such as removal of workflows, that can help in case such accidents or activities occur.
And as for the user-to-studio management in Windows Auth mode - we're looking to get that button added for an upcoming release, and on top of that, taking a good look and building out some better and easier ways of managing users in Windows Auth mode in general, much in alignment with how we want to just make user and gallery management easier in the future.
Let me know if this helps. I know it's not the ideal answer you'd want today, but we are looking to make some significant improvements here. I'd also greatly appreciate any time you may have to go over features like this and to get more direct feedback in the future too!
Thank you for your response! It has definitely helped to clear a few things up for me. I'm looking forward to seeing what Alteryx implements in future releases.
Regarding the last point with Windows Authentication and subscription membership: is the general recommendation to use Built-In Authentication in order to modify subscription members and artisans? The only other way I have seen that this can be accomplished with Windows Auth is to manually change a user's Subscription Key, but I have not yet attempted to mess with this. Also it seems like each user would be limited to a single subscription with that approach.
Thanks again for your help. I appreciate you taking the time to respond!
Any time - we're here to help and get as much feedback and info from our customers as we can!
As far as your question regarding Windows Auth vs. Built-in - no, it's not required to use built-in for subscription artisans (though members don't make much sense in a Windows Auth environment). It is, however, trickier to manage, as you've discovered. The facilities for managing studios-to-users in Windows Auth are lacking at the moment, and it's an area we're looking to improve. Copying and editting the subscription key is indeed the only way. And yes, only one subscription per user - though this is another area we are looking at expanding upon in the future.
There will be the button in 10.5 to add artisans to a studio, but not for members, which will likely ultimately go away, at least with Windows Authentication deployments.
Let me know if this helps and/or if there's anything else!