Property Context Mapping

Some encryption providers store protected values in an external service instead of persisting the encrypted values directly in the configuration file. To support this use case, a property context is defined for each protected property in NiFi's configuration files, in the format: {context-name}/{property-name}

  • context-name - represents a namespace for properties in order to disambiguate properties with the same name. Without additional configuration, all protected properties are assigned the default context.

  • property-name - contains the name of the property.

In order to support logical context names, mapping properties may be provided in bootstrap.conf, as follows:

    nifi.bootstrap.protection.context.mapping.<context-name>=<identifier matching regex>

Here, <context-name> sets the context name used in the property context format above, and <identifier matching regex> is a Regular Expression: any property whose group identifier matches it is assigned that context. Group identifiers are defined per configuration file type, as follows:

| Configuration File | Group Identifier Description | Assigned Context |
|---|---|---|
| nifi.properties | There is no concept of a group identifier here, since all property names should be unique. | default |
| authorizers.xml | The <identifier> value of the XML block surrounding the property. | The mapped context name if RegEx matches the identifier, otherwise default |
| login-identity-providers.xml | The <identifier> value of the XML block surrounding the property. | The mapped context name if RegEx matches the identifier, otherwise default |
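
The following added example (not NiFi's own code) resolves property contexts for a constructed authorizers.xml, showing how two properties with the same name end up in different namespaces. The context names, regexes and XML are constructed, and three behaviours are assumptions the page does not state: the regex must match the whole identifier, the first mapping in file order wins, and protected properties are recognised by an `encryption` attribute.

```python
import re
import xml.etree.ElementTree as ET

PREFIX = "nifi.bootstrap.protection.context.mapping."
DEFAULT_CONTEXT = "default"

# Constructed sample inputs; context names, regexes and identifiers are illustrative.
BOOTSTRAP_CONF = """\
nifi.bootstrap.protection.context.mapping.ldap=ldap-.*
nifi.bootstrap.protection.context.mapping.oidc=oidc-provider
"""

AUTHORIZERS_XML = """\
<authorizers>
  <userGroupProvider>
    <identifier>ldap-user-group-provider</identifier>
    <property name="Manager Password" encryption="constructed-scheme">x</property>
  </userGroupProvider>
  <userGroupProvider>
    <identifier>backup-user-group-provider</identifier>
    <property name="Manager Password" encryption="constructed-scheme">y</property>
  </userGroupProvider>
</authorizers>
"""

def load_mappings(bootstrap_text):
    """Return [(context_name, compiled_regex)] in file order."""
    mappings = []
    for line in bootstrap_text.splitlines():
        if line.startswith(PREFIX) and "=" in line:
            key, regex = line.split("=", 1)
            mappings.append((key[len(PREFIX):], re.compile(regex.strip())))
    return mappings

def context_name(group_identifier, mappings):
    """Assumed semantics: whole-identifier match, first mapping in file order wins."""
    for name, pattern in mappings:
        if group_identifier and pattern.fullmatch(group_identifier):
            return name
    return DEFAULT_CONTEXT  # also the result when there is no group identifier

def property_contexts(xml_text, mappings):
    """List {context-name}/{property-name} for each protected property."""
    return [
        f"{context_name(block.findtext('identifier'), mappings)}/{prop.get('name')}"
        for block in ET.fromstring(xml_text)
        for prop in block.findall("property")
        if prop.get("encryption")  # assumption: attribute marks protected values
    ]
```

Without the `ldap` mapping both properties would resolve to `default/Manager Password`, so an external provider keyed on the property context could not tell them apart.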