The concept of parameterization is an important step in building a dataflow that you can run outside of the NiFi instance where it was built. NiFi allows you to define Processor and Controller Service properties at runtime instead of at build time by using Parameter Contexts.

Environment variables

Any parameter can be specified using the environment variables of the Google Cloud Function. When configuring the function, in the Runtime environment variables section of the Runtime, build, connections and security settings, add an environment variable with a name that matches the name of a parameter in your Parameter Context.

Google Cloud Secret Manager

A more secure mechanism for storing parameters is to use the Google Cloud Secret Manager, which is recommended for the sensitive properties of a data flow.

  1. Navigate to the Secret Manager GCP service and click Create secret at the top-left.

  2. Name the secret descriptively (this does not have to be the same name as a data flow Parameter), and enter the Secret value (or upload a file, which is most useful for mounted secrets).

  3. Click Create secret at the bottom.

  4. Repeat the above steps for all needed secrets.

  5. In the Runtime, build, connections and security settings section of Cloud function configuration, select the Security tab.

  6. Click Reference a secret.

    This allows you to select an existing Secret. The console will prompt you to grant permissions to use the secret to the Runtime Service Account, which you should do.

  7. If your secret is an uploaded file, select Mounted as volume for the Reference method.

  8. For parameters, select Exposed as environment variable as the Reference method. Here you should enter the actual data flow Parameter Context name in the environment variable name, since this is how parameters are mapped.

  9. Optionally, select latest from the Version drop-down menu.

    This allows the secret value to be automatically updated if the function is redeployed.