Azure Key Vault Key Provider

This protection scheme uses keys managed by https://docs.microsoft.com/en-us/azure/key-vault/keys/about-keys for encryption and decryption.

Azure Key Vault configuration properties can be stored in the bootstrap-azure.conf file, as referenced in the bootstrap.conf of NiFi or NiFi Registry. The provider will use the https://docs.microsoft.com/en-us/java/api/com.azure.identity.defaultazurecredential for authentication. The https://docs.microsoft.com/en-us/java/api/overview/azure/identity-readme#key-concepts client library describes the process for credentials resolution, which leverages environment variables, system properties, and falls back to https://docs.microsoft.com/en-us/java/api/overview/azure/identity-readme#managed-identity-support authentication.