Citizen Integrator Solution?

@shodge, I think you mostly captured what I was saying. I think the paradigm shift is how we look at the globally shared project. I’ve reworked my thoughts and the use case a little bit below. I’m going to use accounts instead of snaplexes to better demonstrate the case, but it works similarly for snaplexes and shared pipelines.

Use Case:

• Workday is used for ERP - both HCM & Finance
• A minimum of 3 project spaces are utilized by IT to organize Workday-related integrations: HCM, Finance, and Service Management
• 4 Workday tenants are implemented: Production, Sandbox, Dev, and Sandbox Preview
• Workday-related pipelines may require (for each tenant) Workday accounts, SOAP WSSE accounts, and REST accounts. This results in a minimum of 9 accounts to maintain in the globally shared project to be shared across all Workday-related project spaces.
• The business is attempting to implement a citizen integrator strategy for LOB. But the the LOB integrators have no business accessing Workday HCM or Finance data without strict authorization governance…

Current options are:

• Remove the 9 accounts from the globally shared project and create and maintain them in each of the 3+ Workday-related project spaces (27+ accounts to maintain)
• Create new SnapLogic org(s) and snaplexes for the new citizen integrator team(s), resulting in potentially significant add to the budget.
• Nix the whole citizen integrator strategy
• Dynamic accounts might be useful in this case, but we don’t want to broadcast passwords out to everyone that has project read access

So, my platform enhancement suggestion might be to create a globally shared/restricted project space where access is not controlled by a user/group mapping, but by a project mapping. Everything else in the platform remains the same.