Is it possible to run workspaces in FME Server as different user accounts i.e. service accounts?
I am aware of running FME Services Engine as a different account. The issue there is that over time you will have to grant this account access to a lot of different resources and this would not be good cyber-security practice.
In principle I don't think this is possible. But I'm guessing you could make different engine installations on separate servers that all connect to the same Core instance, and those engine installations could potentially run under different service accounts. You could then use server queues to redirect specific jobs to specific engines running with different service accounts.
+16Workspaces in FME Server are run under the service account that the Windows service is run as (assuming you're on Windows). There is some information about how to run the services using different accounts here:
As @david_r has suggested, you could install multiple Engines on different machines and run each under a different account, then use the FME Server Job Queues to route jobs to different Engines.
Unfortunately, because it's the Windows service account that is used for running the jobs, there is no way to dynamically change this at run time.
The above is all related to the actual service account that FME Server services are running under. If, instead, you just need to run a job using a specific FME Server user account, you can do that with the FMEServerJobSubmitter transformer called from a controller workspace, as described in this post:
+2I would like to have the ability to register more than one instance of the FME Engines service on a given server. That way each instance could have a different service account without the need to provision an additional server.
+8Hi
