I am standing up 3 new HDF 3.2 clusters (Dev, Cert, and Prod) and we will be focusing on NiFi (1.7.0) + NiFi Registry (0.2.0). We are using git as our FlowPersistenceProvider. My plan is to use 1 NiFi Registry (the Prod NiFi registry) for all 3 clusters, rather than having 3 NiFi Registries and trying to keep the DB’s in sync between the 3 NiFi Registry instances.
Is there a way to implement some type of authorization so that users can only PUSH/PULL changes from Dev NiFi to Prod NiFi Registry, and only PULL from Cert and Prod NiFi from Prod NiFi Registry? NiFi and NiFi Registry both use the ‘kerberos-identity-provider’ for authentication, and the Prod NiFi Registry authenticates with git via a ssh access key. Thanks, Chad
