Skip to main content
  • EN

We are upgrading to FME Flow 2024 and wanting to make some improvements. As part of this we want to know if we can have a user upload workbenches to FME Flow. Then login to FME Flow with their user account, but somehow build automations, streams, apps, and scheduled jobs to run under a different user account. 

We are trying to migrate from putting the all the running automations, schedules, and other items under individual user accounts. Instead we want to assign to a departmental account. Since we have FME Flow tied into our Active Directory this will prevent any permission issues of jobs not working when an employee leaves the company and their AD account is suspended. 

I didn’t really want to have every user login to FME Flow with the departmental user account. Then we won’t keep the individual repositories for workspaces and will become a mess. I know the GUI/Web Front End as-is doesn’t support this but trying to decide what approach I could do to solve this.

My easiest thought is to have users build projects. Then create a workspace that will take a project backup and import as the departmental user, probably using the FME Flow CLI. 

Another thought is much more technical and potentially build a web page to reassign users to objects directly in FME DB. Have it generate a table based on user login with all their objects and then select which ones to reassign to run/owned by Departmental User account. 

------------------------------------------------------------------------------

I’m curious how other people have solved larger FME Flow installations and keeping individual departments separated with their other users and repositories. How they build and schedule various automations and jobs. 

Hi @ssmith_ftr,

Using Projects is an option, this would allow users to create workspaces and automations that can be imported under the departmental account using the FME Flow CLI. Another way you could manage this, is by not allowing users to create automations in a production system. Then, handle this under an admin account. This gives you more flexibility to decide when workspaces run, if resources are a concern.  

You can also use the FME Flow REST API to automatically share workspaces or automations with the departmental account / role. System events can be triggered when a workspace is uploaded, if a certain user uploads a workspace then this could be shared with the role.

In general, we recommend using roles to manage permissions rather than accounts. It just makes it easier to manage a large amount of permissions for multiple users.

 

Reply


Community Stats

30,143
Posts
114,416
Replies
37,785
Members
Terms & ConditionsCookie settings
A product of
Safe Software respectfully acknowledges that we live, learn and work on the traditional and unceded territories of the Kwantlen, Katzie, and Semiahmoo First Nations.