Admin
After initial deployment, most admin work for Alteryx Analytics Cloud (AAC) can be managed through the Admin console, including user provisioning, data access, and project or workspace configuration settings.
Tip
If you are a project owner or workspace admin logging into AAC for the first time, you can use these steps to set up the environment for use and invite other users to join.
Integrate the Product
Depending on the edition of the product that you licensed, there may be specific steps required to integrate AAC with your environment:
Tip
Please complete the steps listed below for your product edition by following the documentation link. You can then return to complete the remaining steps in this page.
Alteryx Analytics Cloud
Key Tasks:
Set up your workspace. Go to Getting Started with Alteryx Analytics Cloud.
Invite new users. Go to Manage Users.
Review Environment Settings
After you have deployed the product, you should review the environment settings.
Steps:
Sign in to AAC as an administrator.
Select Profile menu > Workspace Admin.
Select Settings.
These settings define features and behaviors in the project or workspace. Key categories and settings:
Category | Notes |
---|---|
API | These settings define whether users are permitted to create and use API access tokens, which allow for access to the REST APIs. Tip API access is required for developers who wish to build on the platform or users who wish to automate aspects of their data pipelines. |
Connectivity | These features can enable access to datastores and conversion features, including the use of custom SQL to create imported datasets. Tip If significant volumes of your data are hosted in relational sources, you should review these settings. |
Flows, recipes, and plans | These settings enable features related to the development of features, recipes, and plans. Tip By default, users are permitted to import, export, and share flows and plans, as well as create webhooks to deliver messages outside of the product. If these features need to be disabled, please review these settings. |
Job execution | These features define aspects of how jobs are executed on Trifacta Photon, which is an in-memory running environment. Tip Most of these settings are advanced tuning properties. Trifacta Photon may require enablement in your environment. |
Publishing | These settings can be modified to define the formats that AAC is permitted to generate. Most output formats are enabled. Tip The default storage environment setting defines the base storage for the product. You should set this value when you begin using the product. Avoid changing the value after the product has been in use. For more information, see the links at the bottom of the page. |
Experimental features | These features are early access features that may be modified or even removed at any time. Tip To begin, you should avoid enabling Experimental features until you are familiar with the product. |
Invite Users
You can now invite users to your project or workspace. Go to Manage Users.
Modify Roles
Each invited user is automatically assigned the default role. If needed, you can modify or add other roles to the user account.
Note
Without modification, the default role assigned to users permits sufficient access to import, transform, and export data. Access to admin functions and other advanced features may be restricted.
Tip
Roles are additive. Users are permitted the maximum privileges in all assigned roles.
Steps:
In the Users, find the user to modify. Click the More (...) menu and select Edit.
Select roles from the Roles drop-down.
Then, click Edit user.
As needed, you can modify the privileges of existing roles or define new roles.
Sync Audit Events to AWS S3
As an Account admin, you have the option to set up an audit connection to your AWS S3 bucket. Events can be published to customer-owned S3 buckets in batches every 12 hours.
To set up the connection, navigate to the Settings page and choose Save Audit Logs to Your Own Storage by selecting Set Up. Connections can be deleted, edited, or re-created as necessary for ongoing maintenance.
Steps:
Create an IAM Role.
In your IAM console, create a role with trusted entity type AWS Account. You will need the AWS Account ID and the External ID.
Create an S3 Bucket.
In your S3 console, create the bucket that will be dedicated to storing Audit Logs. You will need to replace ROLE-ARN in the KMS Key JSON Template with the Role ARN you copied earlier .
Attach Policy to Role.
In the Create Policy page, select JSON and replace what is there with the Policy JSON Template. Make sure to replace BUCKET-NAME, FOLDER-NAME, and KMS-KEY-ARN with the correct values. Lastly, attach the policy that you have just created to your IAM role. If you would like the files to be created at the root of the bucket, remove
/FOLDER-NAME
from the JSON template.Set Up the Connection in AAC.
Configure the Audit logs connection by adding the following details:
Bucket Name
Folder (optional)
Bucket Region
Role ARN
Test and Create the Connection.
Publish a test file to the bucket to verify the details are valid. Once successfully published and confirmed in the S3 bucket, create the connection.
A new batch of audit events related to cloud storage connections for audit events is now in production. For more information, see Audit Events.