I like the concept although I agree with Rob Moran that this UX may not
necessarily belong on the canvas. Rather, it could be a separate UX
targeted at an admin type user. Maybe the admin would be able to drag/drop
into the zones and 'configure' NiFi on a per user/group basis and then when
a partic
Telescopic then that there might be flow one has no access to see as
well as other flow one can see but not change? Then do we have flow to
which one can add, but not subtract, etc.? Can one detach from a
protected flow? Can one stop/start protected flows? If a protected flow
cannot be stopped,
If I'm understanding how this security zone concept would work, I think
making decisions about the placement of components on the canvas according
to authorization would introduce a lot of confusion around understanding
the data flow itself and how it is supposed to work.
To me a big part of acces
Thanks for starting this DISCUSS. This is definitely an area that we need
to continue improving.
The concept of a security zone seems like it could be implemented using a
Process Group. However, if I'm following along the difference being that
the security zone does not visually hide encapsulated
Hi Andy,
I like this idea, too! Enabling security policy for multiple components is
definitely useful.
While I was thinking about the security zone concept, I was wondering if
components those share the same level of security policy stay close in 2
Dimensional position on a flow. Maybe those comp
I like this idea. I like moving some of the security controls into the UI.
Using this with Process Groups would be an adequate level of granularity
for me. I think this would add a lot of value to the UI and adding security
policy controls to UI enables super users to manage the security without
ne
There are of course UI/UX improvements to be made but as a rough concept, I
really like the idea. It reminds me a lot of the origin story of NiFi;
where instead of having to map out the dataflow in Visio-like program each
time a manager wanted to see the current flow (and it'd be outdated an hour
l
That seems like a really interesting integrated visualization of security
concerns!
You would still need the complexities in the definition of the "security
zone" I imagine.
On Wed, Jan 18, 2017 at 3:38 PM, Andy LoPresto wrote:
> I just opened NIFI-3370 [1] for “apply access control polices
> s