Can we assign access to Actions in Production the same as we assign roles to production?

jspascual · 2023-06-02T00:10:21+00:00

There was an error rendering this rich post.

Hi,

Not sure if this has been submitted before but I quickly searched and could not find any.

Problem: Can we assign access to Actions in Production model?

Sometimes, we need to create new actions and we need to assign access to those actions in development model, so when sync to production, the roles can access those actions.

However, you can forget one or two actions, and it's just feels like somewhat unnecessary to go back into the development model, tick that action for access under the roles, then sync to production. If the model is heavy in export actions such as the model that I've been working on, it would become problematic if you forgot to tick them in the roles accesses.

Proposed solution: Can it be also allowed to be ticked in production just like how the role is also allowed to be assigned in production? We follow strict deployment processes to adhere to our IT standard and processes, and a simple change like that will have to follow our ALM processes, test scripts, etc. This will be very helpful if we can have it done also in production.

Thanks!

Accepted answers

All comments

M.Kierepka

Hi,

From your explanation, the problem is not with Anaplan settings, but rather your test scripts (or following them). They are in deployment processes so that functionalities are tested - and one of the tests should be if an end user with given role can use the new export. Or maybe your deployment process should be a little more forgiving, and allow for quick release of small changes like that (it can be easily audited using "compare revision tags" what changes are pushed).

Having this as production setting will only introduce issues with access between environments, with testing (someone will tick the access in the dev/test environment, but forget in production) and deployment to multiple production environments.

jspascual

Thanks for the reply @M.Kierepka .

I understand the suggestion, and the thorough testing that developers should do prior to deploying to production. However, it will also be very helpful if the accesses for these actions can be assigned also in production just like how the role is assigned in production. The development of the actions happen in the development environment, giving roles accesses to these actions should not require anymore deployment as this gets assigned in a separate area in the model anyway and is done by someone who has full access or WSA.

I also understand the risk of ticking/unticking the access in dev but not in production and vice versa but this becomes moot when not ticked in dev and deployed to production but should be ultimately ticked in production. When this happens, there's a need to wait for another scheduled deployment, or at least after hours to deploy this very minor change. Whereas, if we could tick this in production, then all will be good. Also if a role does not have access to an action and ask for it, then another deployment is required. It is much easier to get an approval from their manager and just tick that access rather than getting the approval, prepare for development, prepare for a preprod, create a rev tag, wait for after hours, then sync to prod.

RouradT8

Hello,

Assigning access to actions directly in the production model is not a recommended practice due to the risk of unintentional changes. It is best to maintain strict control over access permissions through development models and follow the established deployment processes to ensure proper testing and adherence to IT standards.

Best regard,
RouradT8

Quick Links

Can you help?

Unanswered questions

Request for Workflow Design: End-User Report Finalization & Stakeholder Notification with Version Co
Hi everyone, I'm looking to design a workflow and would appreciate your input or guidance on how to set this up effectively in Anaplan. So, the goal is: Once end users complete their data input, they should be able to trigger a process that: Notifies stakeholders via email with a link to a report. The report includes: A…
OAUTH 2.0 vs Google Sheets Extension
Hi, My org is looking to explore leveraging Google Apps script to extract data out of Anaplan and update already built templates in Google Sheets. We use the Anaplan Extension currently but find it crashes often with the amount of tabs, data, etc. Has anyone used both Anaplan OAUTH 2.0 API and Goolge Apps Script to write…
Exports with anaplan using informatica connector
I'm trying to execute an Action to export data with the use of a Mapping in Informatica. But it gives us null rows .If we export directly from Anaplan , the export file has all the rows filled. Both exports have same number of rows but in the informatica export the values appear as blank. This issue is with only some…