Hello, Getting deeper on using nifi in multitenant use cases, I am facing a security question: our nifi users must be able to interact with hdfs not sharing their credentials (keytabs).
>From what understood, keytabCredentialsService enable a way to give a policy based control over keytabs access. Where I miss something is that for a user to use an hdfs processor, it requires read/write filesystem permissions. In this context, any hdfs user is able to read the keytabs of any other users. So in my understanding, it breaks the initial objective of keytabCredentialsService to control keytabs accesses. Am I missing something ? Do you have a mean to avoid giving access to all keytabs stored on local filesystem? Olivier
