The HDF 3.2 release notes mention that provenance and data access policies have been separated in nifi 1.7. The release notes do not mention what resource identifiers should be entered in ranger to give users access to provenance. Looking at the nifi release notes is similarly unhelpul.
my ranger nifi resource identifiers for data look like /data/process-groups/<uuid>
but /provenance/process-groups/<uuid> appears not to work
I would like to give people access to view any provenance events associated with components underneath a certain process group.
What ranger nifi resource identifier should I use?
For reference, the resource descriptors for the different component level access policies can be found in the NiFi Admin Guide, specifically: