.apache.org"
> Date: Tuesday, November 20, 2018 at 08:28
> To: "users@nifi.apache.org"
> Subject: Re: Multiple NiFi clusters with 1 NiFi Rigistry
>
>
>
> I think we would need to build some type of feature into registry to
truly support this. Poss
gt;
>
>
> Regards,
>
> Kevin
>
>
>
> From: Bryan Bende
> Reply-To: "users@nifi.apache.org"
> Date: Tuesday, November 20, 2018 at 08:28
> To: "users@nifi.apache.org"
> Subject: Re: Multiple NiFi clusters with 1 NiFi Rigistry
>
>
>
>
introduced to the Registry copy from non-production NiFis.
Regards,
Kevin
From: Bryan Bende
Reply-To: "users@nifi.apache.org"
Date: Tuesday, November 20, 2018 at 08:28
To: "users@nifi.apache.org"
Subject: Re: Multiple NiFi clusters with 1 NiFi Rigistry
I think we would nee
I think we would need to build some type of feature into registry to truly
support this. Possibly a more specific policy for proxies so that we could
say Dev NiFi can proxy read and write requests, and prod NiFi can only
proxy read requests. Currently it would only really work if you had
separate
Hi Koji,
Unfortunately all of my NiFi clusters use the same Kerberos domain, which is
making this harder.
Using NiFi identity mappings to map the same Kerberos principal to environment
aware ones seems like a good idea, but I’m thinking there will then be a
disconnect for Ranger (used for
Hi Chad,
NiFi Registry uses NiFi user's identity to authorize request.
Registry also checks NiFi instance's identity to authorize proxying
user requests, but this can only authorize proxy capability. In order
to control access such as bucket read/write, Registry uses NiFi user's
identity.
I
I am standing up 3 new HDF 3.2 clusters (Dev, Cert, and Prod) and we will be
focusing on NiFi (1.7.0) + NiFi Registry (0.2.0). We are using git as our
FlowPersistenceProvider. My plan is to use 1 NiFi Registry (the Prod NiFi
registry) for all 3 clusters, rather than having 3 NiFi Registries and