Configuration scenario: Workspace members sharing a file repository

Edit online

If your team shares access to files and folders in a common repository, use this article to configure your organization. You'll use the Aspera on Cloud Files app to enable secure and permission-based sharing of folders among collaborators.

For example, perhaps your team is:
  • A video production company developing a film through ideation, production, and editing.
  • A team of geologists studying the feasibility of exploratory mining in a given site.
  • Part of a production company sharing assets among internal teams who provide coloration, titles, or other services.

Aspera proposes a workspace like this. This setup is flexible of course, and you can adapt it for your specific needs.

Your AoC organization: Overview

Edit online

Your Aspera on Cloud (AoC) organization is the primary container and administrative unit in your IBM Aspera subscription.

Customize your URL to brand your org

You can name your org and configure the subdomain of the URL that users will browse to access your org. For example, if your company name is American Mineral Company, you can choose to use the URL mineralco.ibmaspera.com. For details on this one-time-only configuration, see Customize your organization URL, name, and logo.

Your users collaborate in a workspace

A workspace is a digital space where designated members can collaborate. Each workspace is a collection of specific users, files and folders, access permissions, and collaboration rules. The users, files, and folders in one workspace are completely separate from those in another workspace. You'll configure a workspace in Procedure 2 below.

Users in a given workspace can collaborate freely with other members of the same workspace. By default, workspace members can also collaborate with users outside the workspace. But the admin can restrict that privilege if necessary; see Procedure 3 below.

Your files and folders are in IBM Cloud storage

Each Aspera on Cloud subscription includes one built-in, Aspera-managed auto-scale transfer cluster attached to storage in IBM Cloud.

This Aspera transfer cluster (also called ATS, Aspera transfer service; sometimes called a node) is the engine that AoC uses to upload and download your files and folders to and from your built-in IBM Cloud storage. ATS is hosted and managed by IBM Aspera.

The built-in IBM Cloud storage hosts your organization workspace, including the content your users upload and share using the Files app. As an admin, you can also upload content directly to this storage and then make that content available to your users. (Storage capacity depends on your AoC subscription tier.) See procedure 4 below.

The access credentials (access key and secret) for this transfer cluster and storage are delivered to the administrator who first created the AoC organization. You should secSecure the access credentials for your built-in noderetrieve and securely store the access credentials; they allow you to access and manage your IBM Cloud storage.

Note: If desired, you can attach your own local or cloud storage to Aspera on Cloud and then share storage contents with workspace users, but that process is not covered in this document; see articles in the Nodes section of this Help Center.

Process overview

Edit online

These are the high-level steps required to configure the scenario shown in the graphic in the opening section of this article; detailed procedures follow. Adapt as needed for your own requirements.

Use the AoC Admin app to:

  1. Create groups of users to simplify and accelerate user management.
  2. Configure the workspace in which your groups will collaborate. Add your user groups as workspace members.
  3. (Optional) Configure the Files app to allow your workspace members to collaborate only within the workspace. This configuration is by no means required, but it allows you greater control over access to your proprietary assets.
  4. In your built-in IBM Cloud storage, create the folders in which your groups will collaborate; share the folders with your groups, assigning specific permissions to allow access while preserving content security.
  5. (Optional) Configure notifications to alert internal users when new content appears in their folders.
Important: As an admin, you must provide a transfer method for your users. You can do either of the following:
  • Notify your users that they will be prompted to download and install IBM Aspera Connect, the free, lightweight client app that enables high-speed transfers between the AoC app and the user desktop. For most browsers, users must also install a browser extension on each browser they use to access Aspera on Cloud. See Installation.
  • Configure the IBM Aspera HTTP Gateway, then attach it to Aspera on Cloud. This transfer method does not require users to download and install the Aspera Connect client.

1. Create groups to accelerate user management

Edit online
Use the AoC Admin app to create groups and add members to each group. You can add group members as follows:
  • Add users who are already members of your AoC organization. You'll see their names or email addresses auto-filling in the Add members dialog.
  • Add users who are not part of your AoC org. When you add new users to a group, you simultaneously add them as members of the organization.
  1. Go to the Admin app by clicking the app switcher and selecting Admin.
  2. Go to Groups > Create new.
  3. Give the group a name; for example, Group 1.
  4. Click Save.

    You have created the group; now add members to it.

  5. Click Members > Add members.
  6. Enter user names or email addresses for these group members and click Add. You can add multiple members in one operation.
  7. Repeat this procedure for Group 2 (other internal users who collaborate with Group 1)

After you create the two groups, your Aspera on Cloud org looks like this:

2. Configure the workspace for collaboration

Edit online

Now set up the workspace and add your groups as members of the workspace.

Every AoC subscription is configured with one default workspace. Aspera recommends that you rename and use your default workspace. (Depending on your subscription, you may be able to create a new workspace).

  1. Go to Workspaces > Default workspace.
  2. Give this workspace a name that clearly indicates its purpose; for example, Project Alpha.
  3. Click Save.
  4. Click Members > Add member.
  5. In the Search for new members field, enter the names of your user groups.
    Note: Add yourself as a workspace member so you can verify correct workspace configuration. You can revoke your membership later if desired.
  6. Click Add.

You now have a workspace with your groups as members.

2a. Disable the Packages app in your workspace (optional)

Edit online

Both the Files and Packages apps are enabled by default. This workspace uses only the Files app, so disable the Packages app. You can re-enable it at any time.

Important: Before you perform this procedure, be sure that you have retrieved the access key for your built-in node and storage; the admin who created the AoC organization received the credentials in a digital package from Aspera Tech Support. You can re-enable the Packages app any time.
  1. If necessary, open your new workspace: Workspaces > Project Alpha.
  2. Click Applications > Packages.
  3. Clear the checkbox labeled Use global app settings.
  4. Clear the checkbox labeled Enable application.
  5. Click Save.

3. Configure the workspace Files app for secure collaboration (optional)

Edit online

In this optional procedure, you'll configure the following specific collaboration capabilities for your workspace members. If you don't need these additional controls and security, skip this procedure.

  • Allow workspace members to upload content only into the folders you designate. This configuration makes it easy for you to monitor storage usage and transfer volume.
  • Restrict sharing to workspace members only. This means that workspace members can share with other members of the workspace only; they cannot share with anyone outside the workspace or outside the AoC organization.

Configure the Files app:

  1. Go to Workspaces > Project Alpha > Applications > Files.
  2. In Custom application settings, clear the checkbox labeled Use global app settings.
  3. In Restrict usage, click the toggle labeled Members cannot upload to or create folders on their home folder to On.

    The home folder is the root level of the Files app. By preventing uploads to this root level, you ensure that users upload content only into the folders you create on the built-in IBM Cloud storage and share with the workspace (see Procedure 4); these are folders you can readily monitor. For details, see Managing storage usage.

  4. In Collaboration, do the following:
    1. Set Who can share folders via public links to No one.

      This setting prevents members from sending a public link to share folders with people outside the workspace or organization.

    2. Set Who can share folders with external users to No one.
      This setting ensure that members can share only with each other.
  5. Click Save.

4. Create and share the collaboration folders with the groups

Edit online

Now set up folders on your IBM Cloud storage and share them with your groups, giving them the spaces to collaborate in. You'll give access and the required permissions to each group. Then you can upload the desired content to the folders, or allow the users with "Upload" permission to populate the folder content.

You'll need the node secret for this procedure. To find the secret, see Important note in procedure 2a.

Recall that this is the configuration goal:

To create and share folders, do the following:
  1. Go to Workspaces > Project Alpha > Applications > Files > Shared folders > Create new.
  2. In the Node access dialog that opens, select the intended node, enter your node secret, and click Log in.
  3. Create the first folder for your groups to collaborate in:
    1. In the Choose folder to share dialog that opens, click Create folder.
    2. Name the folder "Raw data", then click OK. The new folder appears in the list.
    3. Click to select this new folder, then click Submit. This action makes the folder a shared folder.

  4. Share the folder "Raw data" with Group 1 and Group 2, giving both user groups Edit permission to this folder:
    1. Click the folder row to open it, then click Add member.
    2. In the field that displays Search for new members, enter Group 1 and Group 2.

      The default permission setting is Can edit. This permission allows members full access to folder contents, including Delete. Click Custom to apply only specific permission.

    3. Click Add.
  5. Repeat the previous steps to create the folder "Data analysis", then add Group 1 and Group 2 as members with Can edit permission.

When you complete this procedure, your users can see the folders you created and can access folder content according to the permissions you assigned. Users must go to the workspace you set up in Procedure 2, and access the Files app in that workspace.

5. Configure notifications (optional)

Edit online
By default, AoC sends email notifications to all users when they receive access to a shared folder. This means that the users in your groups receive an email with a link to access each folder you share.
Note: If users don't see the notifications, ask them to verify that they've enabled receipt of notifications in their Account settings page. They may also need to add Aspera to their email contacts. See also "Troubleshooting Email Notifications".

You can also allow your users to configure a notification when content is added to a folder they need to monitor.

  1. Go to Workspaces > Project Alpha > Notifications.
  2. Click the toggle labeled Use organization settings to Off.
  3. Click the toggle labeled Allow users to turn on notifications for new shared folder content to On.
  4. Click Save.

Your users can now set notifications for themselves when new content is added to the folders they need to monitor. For a user procedure, see .

Results

Edit online
Your configuration work is done.
  • Your groups are members of your org and the workspace Project Alpha. Each member receives four email notifications.
    • The first contains a link allowing them to join the organization by logging in and creating an account.
    • The second email contains a link to join the workspace. These are standard users in your org.
    • The third and fourth emails contain links the to two folders you shared with them.
  • In the workspace, your groups see and can access the two folders you created in their Files app.