Prerequisites for Running Admin Toolkit in a Secure Environment
For secured nodes and clusters, two policies should be configured in advance:
-
Access the controller - A user that will have access to these utilities should be authorized in NiFi by creating an "access the controller" policy (
/controller
) with both view and modify rights. -
Proxy user request - If not previously set node's identity (the DN value of the node's certificate) should be authorized to proxy requests on behalf of a user
When executing either the notify or node manager tools in a secured environment the proxyDN
flag option should be used in order to properly identify the user that was authorized to execute these commands. In non-secure environments, or if running the status operation on the Node Manager tool, the flag is ignored.