Created on 12-14-201705:51 PM - edited 08-17-201909:46 AM
In Apache NIFI, flow configuration allows users to reference environmental specific or system variables using Expression Language (EL). Prior to NIFI 1.4 release, a file-based variable registry was available. However, the management of those variables can be challenging due to the lack of a user interface. Additionally, those variables in the file based variable registry cannot be updated at NIFI runtime, hence breaking the continuous processing whenever NIFI needs to be restarted to update variables.
In Apache NIFI 1.4, a UI driven variable registry was made available. This would help simplify the configuration management of flows in flow migration use cases across environments (works great in conjunction with the Flow Registry that is being discussed/worked on in the community).
More importantly, similar to how controller services are handled by the NIFI framework, variables are now persisted in the flow definition file (flow.xml). There is a ‘variable' section nested under each process group section as the variables are now scoped at PG level. From an end user perspective, you can, therefore, update/change/delete variables without having to restart your NIFI instance. The changes/updates would be effective immediately once successfully saved to the flow.xml file.
User-experience-wise, you can open the variable window at a PG level (either right click on the canvas, or right-click a select PG). All the PG level variables can be referenced by any processors in that PG, and inherited by lower level PGs. Furthermore, variables defined in a descendant group would override the value in a parent group. (e.g. 'user=hliu' is defined at root level. In a lower level PG, if the key ‘user’ is not redefined, value ‘hliu’ would be used when the key is being referenced. otherwise, the value defined in the closest PG would be used instead of the root level value)
From an authorization perspective, NIFI admin user does NOT need to define separate policies for the variables. The variable policies are aligned with component policies by default. For those who do not have access to view a PG, they cannot view the variables (or they simply cannot open the variable window). For those who have PG level view permission but no write permission, they cannot modify the variables.