Hello I have provided nifi 1.15 in a docker image for one on the company consultant. This image (among others) will be deployed for one of our customers.
The consultant asked me to "protect" the flow.xml.gz file, especially from the team responsible of managing the servers. He would want this file protected from unwanted access from user, such as root. I know that the UI can be secured by https + user/password. But my main concern are the following access: Docker exec : Running "Docker exec" from the host grants access to the whole container and therefore the flow.xml.gz. Volume The nifi conf dir is exposed through a docker volume. The flow.xml.gz can be thus accessed from the host running docker. Does someone have an idea about how to "secure" the file flow.xml.gz ? can Nifi apply a password or encrypt the gz file ? Note : The goal is to secure the whole file. Crypting the sensitive propereties is out of scope here, for the moment. Thanks in advance. N.
