Cognite Functions: Request for Functionality Addition

Related products: Functions

I am writing to request an addition to the current CDF's functionality. Specifically, I would like to request a feature that would allow us to control the access right for Cognite Functions that operate within the system.

Currently, we do not have the ability to prevent users from deleting or accessing other users' function. We believe that adding this functionality to the system would greatly improve its security and usability.

Thank you for your time and consideration. We look forward to hearing back from you soon.

Thank you for taking the time to write this pice of feedback, it is much appreciated and valuable input for us in planning the next set of access control features. 

Today one can place the function’s file in a data set and restrict the code of the function from being altered by others, while the function definition itself cannot. We are looking into how we can improve this and also the experience around controlling access, though not a clear timeline is in place for when it will be available in the product. 

 

Best regards,

Jørgen


NewGathering Interest

Today one can place the function’s file in a data set and restrict the code of the function from being altered by others, while the function definition itself cannot. We are looking into how we can improve this and also the experience around controlling access, though not a clear timeline is in place for when it will be available in the product. 

Also worth noting that after a function has been created, the file object may be deleted.

We have an easy-to-use template for Github that helps make deployments to Functions maintainable which does exactly this by default: https://github.com/cognitedata/deploy-functions-oidc


Thank you for your response and the helpful information about maintaining deployments to Functions using Github.

I just wanted to mention that the users implementing and utilizing functions may not necessarily be IT engineers, so it's important to keep the implementation process as simple as possible. Additionally, while I had set up a Github environment, the personnel at the site have had some difficulty using it effectively. Therefore, I believe that using a GUI for operations would be the most efficient way to proceed with their work.


Very good point! We do want to cater for the data engineers working on creating and modifying functions are self serviced in terms of not having to go by IT engineers to configure access to protect their work from others.

Appreciate your input!

 

Best regards,
Jørgen