[
https://issues.apache.org/jira/browse/NIFI-8447?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Joseph Gresock updated NIFI-8447:
---------------------------------
Description:
Using the HashiCorpVaultCommunicationService, add options to the Encrypt Tool
in nifi-toolkit for the following:
# Select encryption method (aes/gcm vs. vault)
# Select vault configuration (recommended as a vault-configuration.properties
file, since there are so many configuration properties). Vault configuration
properties include:
{code}
nifi.sensitive.props.vault.addr=
nifi.sensitive.props.vault.transit.key=
nifi.sensitive.props.vault.auth.properties.file=
# Optional TLS options if addr is https
nifi.security.keystore=
nifi.security.keystoreType=
nifi.security.keystorPasswd=
nifi.security.keyPasswd=
nifi.security.truststore=
nifi.security.truststoreType=
nifi.security.truststorePasswd=
{code}
Selecting vault encryption method should set the encryption value in XML files
or the *.protected property in properties files to "vault/[transitKey]"
Additionally, the corresponding nifi.sensitive.props.vault.* properties should
be configured in the resulting nifi.properties file so that the NiFi instance
can use the same Vault configuration.
was:
Using the HashiCorpVaultCommunicationService, add options to the Encrypt Tool
in nifi-toolkit for the following:
# Select encryption method (aes/gcm vs. vault)
# Select vault configuration (recommended as a vault-configuration.properties
file, since there are so many configuration properties). Vault configuration
properties include:
```
nifi.sensitive.props.vault.addr=
nifi.sensitive.props.vault.transit.key=
nifi.sensitive.props.vault.auth.properties.file=
# Optional TLS options if addr is https
nifi.security.keystore=
nifi.security.keystoreType=
nifi.security.keystorPasswd=
nifi.security.keyPasswd=
nifi.security.truststore=
nifi.security.truststoreType=
nifi.security.truststorePasswd=
```
Selecting vault encryption method should set the encryption value in XML files
or the *.protected property in properties files to "vault/{transitKey}"
Additionally, the corresponding nifi.sensitive.props.vault.* properties should
be configured in the resulting nifi.properties file so that the NiFi instance
can use the same Vault configuration.
> Add Vault encryption as an option in the Encrypt Tool
> -----------------------------------------------------
>
> Key: NIFI-8447
> URL: https://issues.apache.org/jira/browse/NIFI-8447
> Project: Apache NiFi
> Issue Type: Sub-task
> Reporter: Joseph Gresock
> Priority: Minor
>
> Using the HashiCorpVaultCommunicationService, add options to the Encrypt Tool
> in nifi-toolkit for the following:
> # Select encryption method (aes/gcm vs. vault)
> # Select vault configuration (recommended as a
> vault-configuration.properties file, since there are so many configuration
> properties). Vault configuration properties include:
> {code}
> nifi.sensitive.props.vault.addr=
> nifi.sensitive.props.vault.transit.key=
> nifi.sensitive.props.vault.auth.properties.file=
> # Optional TLS options if addr is https
> nifi.security.keystore=
> nifi.security.keystoreType=
> nifi.security.keystorPasswd=
> nifi.security.keyPasswd=
> nifi.security.truststore=
> nifi.security.truststoreType=
> nifi.security.truststorePasswd=
> {code}
> Selecting vault encryption method should set the encryption value in XML
> files or the *.protected property in properties files to "vault/[transitKey]"
> Additionally, the corresponding nifi.sensitive.props.vault.* properties
> should be configured in the resulting nifi.properties file so that the NiFi
> instance can use the same Vault configuration.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
