[
https://issues.apache.org/jira/browse/NIFI-3110?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andy LoPresto updated NIFI-3110:
--------------------------------
Description:
By design, templates do not include any processor properties marked as
*sensitive* by the {{PropertyDescriptor}} (e.g. encryption password, JDBC
connection password, etc.). This is to prevent accidental data leakage when
templates are exported and shared.
Now that the [Variable
Registry|https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#custom_properties]
is available, templates should be able to export the value of a sensitive
property _*if and only if*_ it can be determined that the value is a reference
to an entry in the Variable Registry rather than a literal sensitive value.
This will support the efforts for enhancing the "SDLC" process of promoting
flows from "development" to "QA/QE" and "production" environments, as the
template/flow will not need to be modified to reference the distinct values
(under the same reference) in each environment.
was:
By design, templates do not include any processor properties marked as
*sensitive* by the {{PropertyDescriptor}} (e.g. encryption password, JDBC
connection password, etc.). This is to prevent accidental data leakage when
templates are exported and shared.
Now that the [Variable
Registry|https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#custom_properties]
is available, templates should be able to export the value of a sensitive
property **if and only if** it can be determined that the value is a reference
to an entry in the Variable Registry rather than a literal sensitive value.
This will support the efforts for enhancing the "SDLC" process of promoting
flows from "development" to "QA/QE" and "production" environments, as the
template/flow will not need to be modified to reference the distinct values
(under the same reference) in each environment.
> Allow template export to include variable registry references for sensitive
> values
> ----------------------------------------------------------------------------------
>
> Key: NIFI-3110
> URL: https://issues.apache.org/jira/browse/NIFI-3110
> Project: Apache NiFi
> Issue Type: New Feature
> Components: Core Framework
> Affects Versions: 1.1.0
> Reporter: Andy LoPresto
>
> By design, templates do not include any processor properties marked as
> *sensitive* by the {{PropertyDescriptor}} (e.g. encryption password, JDBC
> connection password, etc.). This is to prevent accidental data leakage when
> templates are exported and shared.
> Now that the [Variable
> Registry|https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#custom_properties]
> is available, templates should be able to export the value of a sensitive
> property _*if and only if*_ it can be determined that the value is a
> reference to an entry in the Variable Registry rather than a literal
> sensitive value. This will support the efforts for enhancing the "SDLC"
> process of promoting flows from "development" to "QA/QE" and "production"
> environments, as the template/flow will not need to be modified to reference
> the distinct values (under the same reference) in each environment.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
