Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-12501

[MiNiFi] Encrypt MiNiFi bootstrap.conf properties

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • None
    • MiNiFi

    Description

      Currently, there is no way to encrypt sensitive properties in bootstrap.conf and in the generated minifi.properties file.

      The goal of this story is to make it possible to encrypt sensitive property values in the bootstrap configuration file, and the generated minifi.properties file also should contain only encrypted values.

      • The supported encryption provider should be AES/GCM.
      • The encryption key can be defined in the minifi.bootstrap.sensitive.key property
      • We should provide a tool(minifi-toolkit-encrypt-config) to encrypt the bootstrap.conf properties, we can use the nifi-toolkit-encrypt-config as an inspiration

      Make sure that the solution works with change ingestors and c2 protocol as well

      Attachments

        Issue Links

          Activity

            People

              ferdei Ferenc Erdei
              ferdei Ferenc Erdei
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1h 50m
                  1h 50m