Configure for EC2 Role-Based Authentication
When you are running the Designer Cloud Powered by Trifacta platform on an EC2 instance, you can leverage your enterprise IAM roles to manage permissions on the instance for the Designer Cloud Powered by Trifacta platform. When this type of authentication is enabled, Alteryx administrators can apply a role to the EC2 instance where the platform is running. That role's permissions apply to all users of the platform.
IAM roles
Before you begin, your IAM roles should be defined and attached to the associated EC2 instance.
Note
The IAM instance role used for S3 access should have access to resources at the bucket level.
For more information, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html.
AWS System Mode
To enable role-based instance authentication, the following parameter must be enabled.
"aws.mode": "system",
Additional AWS Configuration
The following additional parameters must be specified:
Parameter | Description |
|---|---|
aws.credentialProvider | Set this value to |
aws.hadoopFsUseSharedInstanceProvider | Set this value to |
Use of S3 Sources
To access S3 for storage, additional configuration for S3 may be required.
Note
Do not configure the properties that apply to user mode.
Output sizing recommendations:
Single-file output: If you are generating a single file, you should try to keep its size under 1 GB.
Multi-part output: For multiple-file outputs, each part file should be under 1 GB in size.
For more information, see https://docs.aws.amazon.com/redshift/latest/dg/c_best-practices-use-multiple-files.html
For more information, see S3 Access.