nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sivaprasanna <sivaprasanna...@gmail.com>
Subject Re: Reg: AzureBlobStorage Sensitive Property
Date Wed, 31 Jan 2018 02:40:36 GMT
Yeah. It was contritbuted back with NiFi 1.2.0. I was going through the PRs
and conversations to get a gist of why it set as a sensitive property so
wanted to get the dev community’s opinion. I’ll file a JIRA.

-
Sivaprasanna

On Wed, 31 Jan 2018 at 8:04 AM, Koji Kawamura <ijokarumawak@gmail.com>
wrote:

> Hi Sivaprasanna,
>
> That's a good point.
>
> I am not aware of any background reason for ACCOUNT_NAME to be a
> sensitive property.
> It seems that it has been a sensitive property since the beginning
> when Azure blob processors were contributed.
>
> https://github.com/apache/nifi/pull/1636/files#diff-ad53d357304781182a9f427bab9e6215R29
>
> Any recommendation can be found that suggest protecting an account
> name by looking at Azure Blob security guid.
>
> https://docs.microsoft.com/en-us/azure/storage/common/storage-security-guide
>
> I think it's reasonable to make ACCOUNT_NAME as a normal property.
> If you are interested in doing that, please file a JIRA.
> https://issues.apache.org/jira/browse/NIFI
>
> Thanks,
> Koji
>
>
> On Mon, Jan 29, 2018 at 4:53 PM, Sivaprasanna <sivaprasanna246@gmail.com>
> wrote:
> > Hi,
> >
> > I was going through the Azure Blob Storage code-base. If you look at the
> > AzureStorageUtils
> > <
> https://github.com/apache/nifi/blob/master/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/processors/azure/storage/utils/AzureStorageUtils.java#L53
> >,
> > ACCOUNT_NAME is defined as a sensitive property. I would like to know the
> > rationale behind that. The reason I'm asking is regardless of making the
> > storage account name as sensitive, the azure.primaryUri flowfile
> attribute
> > will have the storage account name in it since the primary URI is going
> to
> > be like this: https://*mystorageaccountname*.
> > blob.core.windows.net/container/blob
> >
> > -
> > Sivaprasanna
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message