[
https://issues.apache.org/jira/browse/NIFI-9679?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Joe Gresock updated NIFI-9679:
------------------------------
Fix Version/s: 1.16.0
Resolution: Fixed
Status: Resolved (was: Patch Available)
> Add Permissions for Accessing Environment Credentials
> -----------------------------------------------------
>
> Key: NIFI-9679
> URL: https://issues.apache.org/jira/browse/NIFI-9679
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework, Extensions
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Minor
> Fix For: 1.16.0
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> Multiple extension components support authenticated access to various service
> providers using a variety of authentication strategies. Supporting libraries
> often provide fallback strategies that can read credentials from system
> properties, environment variables, or default file locations.
> In some deployments, the fallback credentials may provide greater access to
> resources than would otherwise be supported through direct component
> configuration. Although a component may not be configured with explicit
> credentials, the component can access external service resources using
> fallback capabilities. In deployments with restricted access policies, the
> hosting server should be able to access these resources, but NiFi access
> should be limited.
> Introducing a new Required Permission and annotating applicable components
> will support fine-grained control over NiFi component access. Applicable
> components include processors supporting access to Amazon Web Services,
> Google Cloud Platform, and Microsoft Azure.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
