Thank you Andy. I will create the JIRA for the feature request. On Tue, Oct 11, 2016 at 9:42 PM Andy LoPresto <[email protected]> wrote:
> Hi Pompilio, > > Unfortunately, NiFi does not currently offer a mechanism to protect > flowfile attributes. We are currently investigating feature enhancements > like attribute protection, marking it as sensitive (i.e. restricting access > and not displaying during provenance views) [1], and encrypting attributes > during transmission and persistence. Each of these features would be > beneficial but they introduce some difficult questions like ownership of > the attributes, user/component access control policies (especially across > site to site), etc. > > While this is not a complete mitigation, at least within a NiFi node, you > can use provenance to trace the value of an attribute through the entire > flow. As you mentioned multiple S2S hops, this lineage would not be carried > forward to the eventual destination. > > Please submit a Jira ticket [2] expressing your desire for this feature. > Community feedback helps the developers prioritize what goes into future > releases. > > [1] https://issues.apache.org/jira/browse/NIFI-1140 > [2] https://issues.apache.org/jira/secure/CreateIssue!default.jspa > > Andy LoPresto > [email protected] > *[email protected] <[email protected]>* > PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69 > > On Oct 11, 2016, at 6:42 AM, Pompilio Ramirez <[email protected]> > wrote: > > Hello, > > Is there a way to make an attribute / value protected? > For instance I have an edge device and I send data from it to bring home > to cloud. > The dataflow lifecycle will have my flowfile go through multiple NIFI site > to site clusters that will be supported by different dataflow teams. I want > to ensure certain attributes are not inadvertently replaced and as such I > want to mark them as protected. > > > I can see how if needed someone could go out of their way to replace / > delete an attribute but I am trying to see if there is anything in place > that would let me tag an attribute as protected. > > Thank you. > > >
