...
| D toc |
|---|
| Excerpt | ||||||
|---|---|---|---|---|---|---|
This section applies to getting started with
|
D s product product awspr D s product product awsent D s product product awsst awspro D s product product awssta
| D s product | ||||
|---|---|---|---|---|
|
| D s product | ||
|---|---|---|
|
...
- Administrators should complete the first section to set up the product for use.
- After set up is complete, individual users should complete the second section to get started using the product.
Setup Process
| Tip |
|---|
Having difficulties? To speak to a support representative, click the icon in the corner and submit your question. |
Steps:
Before you begin. You should prepare your If you are using your own AWS S3 buckets, you should prepare them and their access policies to ensure that
can integrate with them.D s product product aws Info NOTE: If you do not have these AWS resources, they can be created for you. Details are below.
- Technical setup: Please share the technical setup section with your S3 administrator.
- Register. Complete the simple online workflow task to license and create your
workspace.D s product product aws - Workspace setup. Before you invite other users to your workspace, you should complete a few setup steps.
- Invite users. If you intend to share the workspace with other users, you can invite them from within it.
- Wrangle away!
Before You Begin
Hosted on Amazon Web Services,
is designed to natively interact with all of your AWS datasources, so that you can rapidly transform your data investments in AWS. D s product product aws
AWS Overview
Below are the AWS objects that are required for setup.
| Tip |
|---|
Tip: If you do not have immediate access to these assets, some can be created as part of the workflow setup. |
...
To create these objects are part of the setup process, you must have an AWS account. For more information, see https://aws.amazon.com/.
...
To integrate with your existing S3 resources, you must choose a method of authentication. Choices:
cross-account role: This method uses IAM roles to define the permissions used by the product for S3 access.
Tip Tip: This method is recommended.
- key-secret access: This method uses an IAM access keys to provide S3 access.
...
An IAM (Identity and Access Management) policy is an AWS resource used to define the low-level permissions for access to a specific resource. During setup, you can use or create a new IAM policy for the product to use for either access method.
For more information, see "Create policy to grant access to S3 bucket" below.
...
An IAM role contains one or more IAM policies that can be used to define the set of available AWS services and the level of access to them for a user. In this case, the user is the
| D s webapp |
|---|
...
For better security, your S3 bucket may be encrypted, which means that the data is stored inside of S3 in a way that is not human-readable.
| Info |
|---|
NOTE: The product can optionally integrate with encrypted S3 buckets. The following S3 encryption methods are supported: sse-s3 and sse-kms. |
| Info |
|---|
NOTE: If your bucket is encrypted with ss3-kms, additional configuration is required. See "Update policy to accommodate SSE-KMS if necessary" below. |
For more information on your bucket's encryption, please contact your S3 administrator.
...
If needed, you can change the location where results are stored in S3.
| Info |
|---|
NOTE: The product must have write permission to this location. If you are changing the location from the default, please verify with your S3 administrator that the preferred location is enabled for writing through your access method. |
...
The account ID identifies in the trust policy that
| D s item | ||
|---|---|---|
|
| Tip |
|---|
Tip: This identifier is provided to you during registration and setup. |
...
The external ID identifies in the trust policy that
| D s product | ||
|---|---|---|
|
| Tip |
|---|
Tip: This identifier is provided to you during registration and setup. |
Technical Setup
The following sections should be provided to your AWS administrator for setting up access to these resources, if required.
Create policy to grant access to S3 bucket
To use your own S3 bucket(s) with
| D s product | ||
|---|---|---|
|
- For more information on creating policies, see https://console.aws.amazon.com/iam/home#/policies.
Below is an example policy template. You should use this template to create the policy.
| Info |
|---|
NOTE: You should not simply use one of the predefined AWS policies or an existing policy you have as it will likely give access to more resources than required. |
Template Notes:
- One of the statements grants access to the
trifacta-public-datasetsbucket, which contains resources used for the onboarding tour. - Replace
<my_default_S3_bucket>with the name of your default S3 bucket. - To grant access to multiple buckets within your account, you can extend the resources list to accommodate the additional buckets.
Policy Template
| Code Block |
|---|
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:ListBucket",
"s3:DeleteObject",
"s3:GetBucketLocation"
],
"Resource": [
"arn:aws:s3:::<my_default_S3_bucket>",
"arn:aws:s3:::<my_default_S3_bucket>/*"
]
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::trifacta-public-datasets",
"arn:aws:s3:::trifacta-public-datasets/*"
]
}
]
} |
Update policy to accommodate SSE-KMS if necessary
If any accessible bucket is encrypted with SSE-KMS, another policy must be deployed. See https://docs.aws.amazon.com/kms/latest/developerguide/iam-policies.html.
...
| D s item | ||
|---|---|---|
|
When the product is first launched, a default storage environment is automatically created for you as part of this setup process.
| D s tfs | ||
|---|---|---|
|
| D s company |
|---|
| D s company |
|---|
Using S3 as default storage environment
If preferred, you can configure the use of S3 as the default storage environment.
| Info |
|---|
NOTE: When S3 is used as the default storage environment, you must provide the policies, buckets, and other AWS resources required to manage your datasets and generated results. You must acquire configuration information before you can connect to your S3 assets. These requirements for these resources are covered later. |
Using combinations of
| D s tfs |
|---|
Any of the following storage environment options can be configured after registration. These environments can be configured through the
| D s webapp |
|---|
| Default Storage Environment | Additional Storage Environment | |
|---|---|---|
| none | |
| S3 | |
| S3 | none | |
| S3 |
|
Whitelist the IP address range of the
| D s item | ||
|---|---|---|
|
...
If you are enabling any relational source, including Redshift, you must whitelist the IP address of the
| Include Page | ||||
|---|---|---|---|---|
|
Register for
| d-s- |
|---|
...
| product | |
|---|---|
|
...
|
...
| Tip | |
|---|---|
Tip: You can begin using
|
...
|
...
|
...
| Code Block |
|---|
34.86.43.62/32
35.230.178.129/32
35.245.163.90/32
34.86.140.202/32 |
For Redshift:
For Redshift, there are two ways to whitelist the IP depending on if you are using EC2-VPC or EC2-Classic (not common).
...
|
...
see https:// |
...
...
...
...
For details on this process with RDS in general, see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.RDSSecurityGroups.html
For more information, please contact
| D s support |
|---|
Register for D s product product aws
| product | aws |
|---|
To begin the registration process, please visit https://www.trifacta.com/start-wrangling.
...
Login
After you have completed registration, please login , you must verify your email address. After verification, log in to the application.
| Info |
|---|
NOTE: If you selected S3 as your default storage layer, you must configure access before you can use the workspace. Please use the links below for more information. |
Workspace Setup
Set Default Storage Layer
You
...
can configure
| D s tfs |
|---|
Set up AWS credentials
If you selected S3 as your default storage layer, you must provide your AWS credentials. For more information, see AWS Account Page.
Review Workspace Settings
As the first registered user, you are assigned the workspace admin role, which provides control over workspace-level settings. Before you invite members users to the workspace, you should review and modify the basic configuration for the workspace.
| Tip |
|---|
Tip: You can also rename the workspace. |
...
For more information, see Workspace Settings Page.
Verify Operations
| Info |
|---|
NOTE: Workspace administrators should complete the following steps to verify that the product is operational end-to-end. |
| Excerpt Include | ||||||
|---|---|---|---|---|---|---|
|
Invite
...
Users
| Info |
|---|
NOTE: First-time users of the product should access it by invitation only. Do not provide direct URLs to first-time users. |
- You can invite other people to join your workspace.
- When members users initially join your workspace, they are assigned a non-admin role. Through the Workspace Members Users page, you can assign roles.
- Select User menu > Admin Console > Users. Then, click Invite Users.
- For more information, see Workspace Users Page.
- The workspace administrators must provide credentials for each workspace member account. See Workspace Users PageUsers Page.
Example Flows
When a new workspace is created, the first user is provided a set of example flows. These flows are intended to teach by example and illustrate many recommended practices for building your own flows. For more information on example flows, see Basics.
Getting Started for Workspace
...
This section walks through the process of getting started as a new member of a
| D s product | ||
|---|---|---|
|
Steps:
...
Users
| Tip |
|---|
Tip: After you have registered for a trial, you can immediately begin using the product. |
This section contains additional steps that may be required to use all features of the product.
Email verification
When you connect to the product, you may see a banner indicating that you have not confirmed your email address.
| Info |
|---|
NOTE: You cannot invite other users to your workspace or receive email-based notifications from the product until you verify your email address. |
Steps:
In the
, click the button in the banner to send an email to the address that you used to register.D s webapp You should receive an email like the following:
D caption Welcome email
- Click the link. If you .
Storage configuration
Individual users may be required to provide their own AWS authentication credentials. When they login for the first time, you may see a Missing Storage Settings error message
...
. For more information, see AWS Account Page.
Verify operations
To verify that the workspace is operating correctly for your configuration, run a job. See "Verify Operations" above.
Additional resources
To access the full customer documentation, from the left nav bar, select
...
Resources menu > Documentation.
The following resources can assist workspace members users in getting started with wrangling.
- If product walkthroughs have been enabled, each new member can step through an onboarding tour of the product after first login.
- For an overview of the product, see Product Overview.
- Check out the
: https://community.trifacta.com. See Alteryx Community.D s item item Community - Try the free Wrangler certification course. See https://community.trifacta.com/s/academywelcome.Alteryx Academy.
- For a basic summary of each step of the wrangling process, see Workflow Basics.
| D s also | ||
|---|---|---|
|
