_____$$$$_________$$$$_____
___$$$$$$$$_____$$$$$$$$___
_$$$$$$$$$$$$_$$$$$$$$$$$$_
$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$
_$$$$$$$$$$$$$$$$$$$$$$$$$_
__$$$$$$$$$$$$$$$$$$$$$$$__
____$$$$$$$$$$$$$$$$$$$____
_______$$$$$$$$$$$$$_______
__________$$$$$$$__________
____________$$$____________
_____________$_____________
Each individual Alteryx Workflow has underlying XML code. As you drag and drop individual building blocks onto the canvas, Alteryx is creating XML on the backend. The resulting XML exposes each tool under a Node designation. An end user is able to parse out each tool and follow what fields are being processed in order to achieve the lineage you are going after. A good example of this, that is publicly available, is the Auto Documentation App. When running against a workflow, it captures anything and everything (barring encrypted passwords and the like) from data sources involved, connection types, specific tools that are used, how/when they are used, any selection in each tool, annotations, and more.
Note: You can view the XML as you are building your workflow by navigating to Options → User Settings → Edit User Settings → Advanced → ‘Display XML in Properties Window’ and then view the XML in the Configuration pane. You can also convert a .yxmd workflow to .txt and take a look at the text. Pro tip: some users will do this to change the Designer version they are working on.
With respect to data accessibility, Alteryx adheres to all existing database administration rules and procedures when connecting to your data sources. Anytime a connection is setup within an Alteryx workflow, credentials are used whether that be by pass-thru authentication or a named user account. Access to data assets is governed by the database or network permissions that are setup by a company’s IT department at the local level drive.
With respect to data management, the Alteryx Engine is connecting to the data sources when it pulls in data. The Engine then performs all the functions described by the workflow in-memory. Since Alteryx does not require data stored in an additional data format, you are able to eliminate ‘spreadmarts’ which helps ensure reliability and consistency across your data ecosystem.
Alteryx Server provides several types of logs (Service, Gallery, Engine, UI) and allows the Admin to specify the level of detail for logging. Logs let you trace errors, warnings, information and debugging messages. The logs are saved on the Server in the following locations:
Audit logs are also accessible via API endpoints. Server tracks changes to system entities including AppInfo, Collection, Credential, Subscription & User. Any updates to these entities will trigger the creation of an AuditEvent record. You can return these records via public Admin API endpoint.
One of the great things about Alteryx Server is that it is easy to set up and configure on-premises or in the cloud (AWS, Azure, GCP, etc.). It can also be setup / deployed within the same day! Once Server is deployed, Alteryx makes it simple and flexible to scale to meet increasing demand. Our Server architects love that that you do not have to shut down the entire Server in order to add Worker nodes…you can simply install the additional node and point it to the unique security token from the Controller Token in order to stand up and communicate.
Administers require monitoring and reporting capabilities whether it is to track usage, adhere to a data governance program, ensure best practices / optimal performance, or have greater overall visibility into their Alteryx Server deployments. Alteryx makes it easy to either create your own workflow / dashboard via the MongoDB Input Tool or leverage the pre-built Server Usage Report. With the ‘build it yourself’ option, users oftentimes find themselves customizing the metrics they would like to report on and schedule these workflows to run in cadence. The pre-built Usage Report contains a packaged workflow that runs in Alteryx Designer and outputs to Tableau to present four basic dashboards
Within the Gallery you can manage users and provision various levels of data access based on the user role. User roles determine the users’ level of access to Gallery users and assets. Gallery users can have one of the following roles:
Collections also have a granular level of permissions for finer grained controls.
Access is configured and managed by an Admin role. There can be multiple admins on the Alteryx Server. An Admin may associate Windows AD groups with access to execute workflows. They can change the default roles for new user accounts and may allow user account creation by configuration. Server supports centralized named users or user group permissions of data connections strings defined and shared from the Server Admin panel.
Built-In:
Users are created and managed within Alteryx Server
No dependencies or integration needed with any other system
Users are managed manually through a Server’s web interface
Users can be allowed to sign-up and have a pre-defined permission level
Active Directory Integration (including Kerberos):
Authenticate using AD credentials
Users can be automatically added from AD or prevented from automatic access
In an AD Forest setup, full bi-directional trust is required
SAML Integration:
Supports SAML v2.0 integration for Single Sign-On
PingOne, Okta, and Azure AD have been validated and other SAML providers may work as well
Users can be automatically added from Identity Provider (allowed to sign-in) or prevented from automatic access
User authentication is handled by Identity Provider and user access is managed there
A standard deployment of Alteryx Server has a Sandbox and Production environments. Most users work against the sandbox and only production workflows are promoted to production. With Sandbox, you can test workflows before productionizing and also test upgrades so that content is not mistakenly broken with new Server releases. In turn, IT is able to easily implement the process around publishing to Production.
From a best practice perspective, we see two general areas of usage for lower environments (sandboxes).
Credentials are used for running workflows on the Alteryx Server that contain inputs from databased and various file locations as defined in the Input / Output Tool. There are 3 available options for user credentials:
It is also possible to restrict the type of functionality permitted to run, either globally or at a workflow level. Row Level restrictions can also be implemented in 3 ways
A successful modern analytics platform can deliver both IT control and end-user autonomy and agility. Collaboration between the business and IT is critical to the success of a platform adoption and deployment. IT knows how to manage data and the business knows how to use the insights to drive business decisions. With that, the above highlights key functions of the Alteryx platform that IT loves!
Contributors: David Hare, David Matyas, Nic Morales, Scott Anderson, Ian Coe
To find out more about how line of business leaders can partner with IT to enable workers across the organization to make data-informed decisions, join Nick Bignell, Director of Data Science Service at UBS, for a Webinar + Q&A where you'll see how he brought disparate data sources together and created a unified analytics strategy for UBS that empowers 12 different business functions.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.