Details
-
New Feature
-
Status: Resolved
-
Major
-
Resolution: Won't Fix
-
1.13.2
-
None
-
None
Description
I'd like to have sensitive attributes on the flow files.
I need to store attributes
z_Password
z_JWT_Token
http.headers.Authorization (from HandleHttpRquest)
and general users shouldn't see these attribute values - instead the values should be masked with asterisk '*'.
Only users with superadmin policy or policy.view.sensitive.attribute.<attribute name> policy should be alllowed to view the sensitive attributes.
policy.view.sensitive.attribute.in.processgroup.<processgroup>
sensitive attributes could be configured per process group and then inherited to sub process groups.
Maybe the other way around - all attributes are sensitive by default.
Users can only view attributes they have policy for.
polic.yview.sensitive.attribute.<regex_attribute name>
policy.view.ALL.sensitive.attributes
more thinking about this is needed.
good ideas are welcome.
a sensitive attribute should be displayed in the ui with asterisks and a user that has authorization to view it should have a button next to the attibute that changes the display to clear text when clicked.