Configuring NiFi Authentication and Proxying with Apache Knox
Also available as:

Adding a Policy Using Ranger

If you are using Ranger, complete the following steps to add a policy for the Knox node user.

  1. Create a user to represent Knox in NiFi by taking the DN from the cert that Knox is using to communicate with NiFi.
  2. For the component level policies, on the root group, add permissions to "view the data " and to "modify the data" for the Knox user:
    • Set WRITE to /proxy.

    • Set READ and WRITE to /data/process-group/<root-group-id>.