Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-9728

Add support for Azure user-assigned Managed Identity

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 1.16.0
    • None
    • None

    Description

      The ADLSCredentialsControllerService has support for the Azure (system-assigned) managed identity, obtaining access tokens from the local Azure Instance Metadata service endpoint.

      Azure also supports user-assigned Managed Identities that are available through the same Metadata endpoint by specifying the correct ClientID.

      Currently if more than one Managed Identity is available, the Controller appears to obtain a token from one of them at random.

      The improvement would be to add a new property "Managed Identity ClientID" and if not empty, make the ADLSCredentialsControllerService obtain a token for that specific identity.

      If the NIFI-8278 is implemented, a new Authentication Type of "User-assigned Managed Identity" can control whether to use the ClientID property or obtain the system-assigned Managed Identity.

      Attachments

        Issue Links

          Activity

            People

              turcsanyip Peter Turcsanyi
              ishalamboo Isha Lamboo
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1.5h
                  1.5h