[NIFI-12501] [MiNiFi] Encrypt MiNiFi bootstrap.conf properties - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: MiNiFi
Labels:
- minifi-java

Description

Currently, there is no way to encrypt sensitive properties in bootstrap.conf and in the generated minifi.properties file.

The goal of this story is to make it possible to encrypt sensitive property values in the bootstrap configuration file, and the generated minifi.properties file also should contain only encrypted values.

The supported encryption provider should be AES/GCM.
The encryption key can be defined in the minifi.bootstrap.sensitive.key property
We should provide a tool(minifi-toolkit-encrypt-config) to encrypt the bootstrap.conf properties, we can use the nifi-toolkit-encrypt-config as an inspiration

Make sure that the solution works with change ingestors and c2 protocol as well

Attachments

Issue Links

links to

GitHub Pull Request #8151

Activity

People

Assignee:: Ferenc Erdei

Reporter:: Ferenc Erdei

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 11/Dec/23 12:52

Updated:: 22/Jan/24 09:07

Resolved:: 22/Jan/24 09:07

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

1h 50m