Engine Works

Under the hood of Alteryx: tips, tricks and how-tos.
DavidHa
Alteryx
Alteryx

Analytics Cloud Banner (1).png

 

Introduction

 

The Alteryx Analytics Cloud Platform automates data and analytic processing at scale to enable intelligent decisions across the enterprise.   Three key design principles make up the Alteryx Analytics Cloud Platform:

  • Self Service for All - empowers data engineers, business analysts, and citizen data scientists with intuitive tooling and capabilities to support no-code, low-code, and code-friendly preferences.
  • Unified Platform - an end-to-end platform with ecosystem compatibility to deliver seamless integrations.
  • Enterprise Grade - reduce risk and ensure your data is fully protected with the latest security standards and certifications.

The unique combination of these design principles helps remove the burden from IT of managing hardware, applications, and data sets.  Instead, it allows business users to operate efficiently within the controls of an enterprise data platform governed by IT.   In this article, we'll look at the technical details of the Alteryx Analytics Cloud Platform that make up and support each of these design principles. 

 

Architecture

 

Alteryx Analytics Cloud (AAC) is a cloud-first Software-as-a-Service (SaaS) offering hosted in public clouds, fully managed and maintained by Alteryx.  There is no hardware needed to provision and manage or software required to install and configure within the corporate data center or on users' machines.  Alteryx maintains a globally accessible, resilient, and scalable cloud platform to ensure that users are always able to access their applications.  Additionally with industry standard CI/CD procedures users always have the latest Alteryx innovations at their fingertips.

 

Alteryx Analytics Cloud utilizes a split-plane architecture, creating a separation between platform services and data processing.  These two planes are the Control Plane and the Data Plane.  This division, along with a configurable Workspace Storage component, provides more flexibility to customers to choose a design that meets their needs.  Each of these components are described below. 

 

Architecture Component

Description

Deployment Options

Control Plane

The control plane provides all the services that drive the platform, including:

  • user authentication and authorization
  • web applications & APIs
  • scheduling & job orchestration
  • the end-user's design time experience

The services in the Control Plane are backed by Kubernetes and other leading technologies to deliver an efficient and scalable solution to user workload demands. 

Not Applicable - the Control Plane is hosted and fully managed by Alteryx in Alteryx's Cloud environment. 

Data Plane

The data plane is responsible for the connectivity and processing of customer data, including:

  • connecting to customer data sources
  • runtime processing of data
  • publishing runtime outputs to specified destinations

There are two Data Plane deployment options:

  1. The Data Plane can be hosted by Alteryx as part of the multi-tenant Alteryx Cloud.  (default).
  2. The Data Plane can be hosted in the customer's VPC, using a feature called Private Data Handling.  With Private Data Handling, the cloud Region can be specified by the customer to meet their latency and data residency requirements. 
Workspace Storage

The Workspace storage is where AAC specific data assets are stored, including:

  • Uploaded data sets (.csv, .xlsx, etc...)
  • Job results
  • Samples used to drive the design time experience
  • Temporary files used during ingestion and job execution

There are two Workspace Storage options:

  1. Workspace Storage can be hosted by Alteryx as part of the multi-tenant Alteryx Cloud, which is called Alteryx Data Storage.  (default)
  2. Workspace Storage can be a customer-managed data storage environment (AWS S3), which is called Private Data Storage.  

 

 

The following reference architecture diagram shows each of these components and highlights the separation between platform services, data storage, and data processing.  In the example below, the environment has been configured with Private Data Storage in S3 and Private Data Handling with the Data Plane being hosted in the customer's VPC.  

 

AAC architecture shown with optional Private Data Handling with the customer owned data plane in AWS.AAC architecture shown with optional Private Data Handling with the customer owned data plane in AWS.

 

Security

 

Alteryx Analytics Cloud features a “defense in depth” approach to protect your data across the entire platform.   Some key points of our security approach:

  • Authentication - integrate with enterprise SSO solutions and leverage secure OAuth tokens for API and Data Connectivity.
  • Authorization - leverage Role Based Access Controls (RBAC) to manage access and permissions.
  • Encryption - platform traffic is encrypted with TLS 1.3+ level encryption, and data & metadata storage is encrypted with AES-256 encryption.  Data source connectivity encryption is determined by the connection options.  
  • Private Data Handling - With the configurable Private Data Handling architecture,  data storage, and processing is all maintained within the customer-owned VPC. 
  • Certifications - SOC 2 Type II and ISO 27001 Certified
  • Vulnerability Management - Alteryx conducts routine penetration testing and vulnerability scanning analysis and resolves identified issues. 
  • Learn more on our trust page: https://www.alteryx.com/trust

 

Workspaces

 

An important concept in Alteryx Analytics Cloud that facilitates a secure design is Workspaces.  All Workflows, Machine Learning projects, uploaded data sets, database connections, etc... are contained within a Workspace.   Customers can have multiple Workspaces to help organize work streams, projects, separate departments, etc...  Examples might be a Workspace for the Finance team, another for the HR team, and another for Sales.  Or perhaps Workspaces to segregate out Self-Service ad-hoc analysis from Production business-critical workloads.  Users can be a member of multiple Workspaces; however, any authorization assignments are specific to a single Workspace. 

 

All assets such as Workflows and data connections are contained within a Workspace.All assets such as Workflows and data connections are contained within a Workspace.

 

Data Connectivity

 

The Alteryx Analytics Cloud Platform provides a centralized area for managing data connectivity, which can be leveraged by all applications and users on the platform.  This ensures compatibility across all Alteryx Analytics Cloud applications, avoids duplicate connections, and helps with administration.  

 

Data connectivity has been purposefully designed to support data sources across On-Prem and Cloud hosted locations, allowing you to efficiently work with your data no matter where it lives.  Data connectivity options include databases, CRM and ERP systems, web-based applications, and marketing sources, and even file storage locations.   

 

Connections.PNG

 

Data connections can be configured with multiple possible authentication mechanisms, such as IAM, user & password, or OAuth token.  The exact options, along with SSL/TLS encryption mechanics, are dependent on the data source.

 

Fine-grained controls allow users to customize the sharing of connections to foster collaboration in a secure manner.  Some common examples include:

  • Share a data connection with all users of the Workspace.
  • Share a data connection with the credential as well (ex. service account) to a specified set of users. 

 

Applications

 

Alteryx Analytics Cloud Platform hosts several applications, a few of which are highlighted below. 

 

Designer Cloud

 

Designer Cloud presents a modern solution to the expanding challenge of data transformation, empowering analysts and data scientists with a self-service solution for data prep, blending, and analytics in the cloud.  Designer Cloud is able to process data volumes of any size due to the underlying flexible and scalable architecture. 

  • For smaller lightweight jobs, an Alteryx engine is used to process the transformations quickly and efficiently.  
  • For larger data volumes, a scalable Spark execution environment using a technology like Amazon EMR Serverless can efficiently perform transformations on data volumes of any size from any connected source.  
  • For Snowflake data sources, all transformation operations will be pushed down and processed directly in the Snowflake warehouse.  

 

Machine Learning

 

Machine Learning allows business-savvy analysts and citizen data scientists to create predictive models and better understand their data. With AutoML capabilities, users can gain insights and build extremely powerful predictive models faster than ever before.   

 

Auto Insights

 

Auto Insights allows organizations to quickly and easily discover powerful insights in their data beyond traditional dashboarding technologies.  Auto Insights does this by leveraging built in artificial intelligence to analyze the data, uncover patterns, trends, and even determine root causes.  Additionally, Auto Insights features integration with OpenAI to build out reports & emails explaining the insights using natural language processing.

 

Extensibility & Orchestration

 

Extensibility and orchestration capabilities are key to any platform, allowing users to extend capabilities and build dynamic automated solutions.  The AAC Platform offers hundreds of REST API endpoints to automate and extend capabilities supported by OpenAPI standard documentation.   This includes user endpoints for interacting with objects like schedules, data connections, and workflows.  This also includes administrative endpoints for managing users, roles, permissions, and more.

 

Plans

 

Alteryx Analytics Cloud features a robust orchestration capability called Plans.  A Plan enables the execution of a sequence of discrete tasks in Alteryx Analytics Cloud. These tasks can be Workflow jobs, HTTP requests to other platforms, Machine Learning tasks, and much more.  Additionally, the orchestration of tasks can be controlled based on the success or failure of other tasks.  An example use case here might be to ingest, transform, and prep new data, then pass that data to a Machine Learning model to predict a result, then if successful, make an API call to a 3rd party application and also post a Slack message to let our team know the job is complete. 

 

An example Plan showing orchestration of tasks across multiple applications.An example Plan showing orchestration of tasks across multiple applications.

 

Conclusion

 

This blog has provided a technical overview of the Alteryx Analytics Cloud Platform.  For additional information, the links below may be helpful.  If you are interested in learning more, contact us on our AAC page to get more information. 

 

David Hare
Senior Manager, Solutions Architecture

David has the privilege to lead the Alteryx Solutions Architecture team helping customers understand the Alteryx platform, how it integrates with their existing IT infrastructure and technology stack, and how Alteryx can provide high performance and advanced analytics. He's passionate about learning new technologies and recognizing how they can be leveraged to solve organizations' business problems.

David has the privilege to lead the Alteryx Solutions Architecture team helping customers understand the Alteryx platform, how it integrates with their existing IT infrastructure and technology stack, and how Alteryx can provide high performance and advanced analytics. He's passionate about learning new technologies and recognizing how they can be leveraged to solve organizations' business problems.