This site uses different types of cookies, including analytics and functional cookies (its own and from other sites). To change your cookie settings or find out more, click here. If you continue browsing our website, you accept these cookies.
Curious as to what process the community is using for Alteryx Server security controls (i.e. managing what artisans and viewers can do in studios and collections). My team is trying to setup the controls similar as what we do for Tableau. We create project folders for each department, add users access to view those projects, and control what permissions they have within that project (e.g. publish, edit, download). Any suggestions?
Great question, to which the answer is "it depends". The best way to organise your Gallery is going to depend on lots of factors like how many users you have, what sorts of roles they need to perform, how your business is structured, how your Server is implemented, etc.
I highly recommend the below four articles from @JordanB as a guide to best practice:
Thank you for the response! The links were helpful, but do not fully solve our issues with compliance. Regarding your questions of users. We will initially have 30 users but that will quickly grow, as it did with Tableau where we now have 300 users.
Below is the process we have envisioned (similar to what we do for Tableau), but are having trouble recreating in Alteryx due to not much security controls being offered.
We have 2 environments UAT and Production. In UAT we will create a private studio for each developer, so they can publish workflows, test, validate, and publish to their departments collections once ready for their department's viewers to run the workflows.
Once the workflows have been validated by their team in the collection, the developer can request to promote the workflow to the Production environment, where the business can view and run workflows. The workflow must first be audited by a developer from a different department and then promoted to Production by the Alteryx admin. The developers will only have viewer access in Production.
Where we find issues is that developers should only have permissions to publish workflows from designer to the private studio and from the private studio to the collection. Developers should NOT have permissions to create new collections and add users to collections. Developers should also NOT be able to publish to the public gallery as this creates a compliance issue. Is there a way to prevent these issues from occurring?