Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

securing secrets when using Nifi PutIceberg Processor

avatar
New Contributor

I use the PutIcebergProcessor to write data to my data lake. Therefore I need to specify a HiveCatalogService. This Service needs HadoopConfigurationResources. This parameter is a path to an xml file containing the credentials to the S3 where the Iceberg files are stored.

My Problem with this, that some content of this file is supposed to be secret to the users interacting with the nifi ui. However, as soon as a UI user knows this path, he can simply use ExecuteProcess Processor to retrieve those information. 

Is there any way to keep those information safe?

 

Reference:

1 ACCEPTED SOLUTION

avatar
Master Collaborator
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login
2 REPLIES 2

avatar
Master Collaborator
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login

avatar

I agree with ckumar's point and there is one more thing you could do if it makes you feel safer.
You could put the HadoopConfigurationResources file path string into a sensitive parameter and refer to the that parameter (using #{paramname}) in the HiveCatalogService property.