Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

sensitive value access key, secret key and password not showing after importing from NiFi Registry

Labels:
avatar
Former Member

Created on ‎03-30-2020 02:00 AM - last edited on ‎03-30-2020 03:13 AM by Community Manager Community Manager

Hi Team,

am trying to import template  from NiFi registry, when imported template is not showing access key, secret key and password??

i wanted to know is there any solution for store sensitive value in cluster when we import template from Nifi registry it show value? 

is there any solution for that??

 

Thanks,

Anil

2,587 Views
0 Kudos
5 REPLIES 5

avatar
author-rank stevenmatison
Super Guru

Created on ‎03-30-2020 06:03 AM - edited ‎03-30-2020 06:35 AM

@Former Member 

 

The solution is to use variables (in older versions (<= 1.9 and on) and parameters (1.10 and on).

 

 

2,572 Views
0 Kudos

avatar
Former Member

Created ‎04-02-2020 10:52 PM

Thanks @stevenmatison  how and where use variables in Nifi please explain me in steps??

i'm using NiFi version 1.9 suggest me!!

 

Thanks,

 Anil

2,549 Views
0 Kudos

avatar
author-rank stevenmatison
Super Guru

Created ‎04-03-2020 05:48 AM

@Former Member here is an article that explains how to use variables:

 

https://community.cloudera.com/t5/Community-Articles/Introduction-into-Process-Group-Variables/ta-p/247625

 

You should create important variables at the main root canvas level for all your NiFi environments.  Then access these variables within your NiFi Registry controlled process groups via variable syntax: ${variableName}.   Then when you import that to another environment the variables already exist and the flow works after importing.

 

 

2,538 Views
0 Kudos

avatar
Former Member

Created ‎04-23-2020 10:33 PM

@stevenmatison  thanks, i tried solution but it's not working for sensitive value again,

when committing template to nifi registry then importing same template remaining variables showing values but sensitive value is not set.

@stevenmatison you have any other solution for sensitive value?

 

once again thanks @stevenmatison  for quick replay.

2,487 Views
0 Kudos

avatar
author-rank stevenmatison
Super Guru

Created ‎04-24-2020 06:16 AM

@Former Member I think you misunderstood the Variable Scoping.   All sensitive values in templates and registry controlled process groups do not migrate to the new instance.    These sensitive values should be set at the Root NiFi Canvas level per environment.  Then when you import a template, or in your case, a version controlled process group, the values are already set per environment.

 

For example:  Let's say we have 3 environments: dev, staging, and prod.   Each host has its own "database" host with different database tables, users and passwords.   I want all 3 environments to run a single flow with NiFi Registry Version Control.   I create the flows database controller services using ${host}, ${user}, ${pass}, ${database}, etc.  Now in each environment, at the root level,  I define each variable.    Since the sensitive value is defined at a higher Variable Scoping level (root canvas level or other higher level) it will be available to any template or version controlled process group at any lower Variable Scoping level.

 

 

 

2,468 Views
0 Kudos
Announcements
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics 1.14 for Cloudera Pu...
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
View More Announcements