AzureStorageCredentialsControllerService_v12

Description:

Provides credentials for Azure Blob processors using Azure Blob Storage client library v12.

Tags:

azure, microsoft, cloud, storage, blob, credentials

Properties:

In the list below, the names of required properties appear in bold. Any other properties (not in bold) are considered optional. The table also indicates any default values, and whether a property is considered "sensitive", meaning that its value will be encrypted. Before entering a value in a sensitive property, ensure that the nifi.properties file has an entry for the property nifi.sensitive.props.key.

NameDefault ValueAllowable ValuesDescription
Storage Account NameThe storage account name.
Sensitive Property: true
Endpoint Suffixblob.core.windows.netStorage accounts in public Azure always use a common FQDN suffix. Override this endpoint suffix with a different suffix in certain circumstances (like Azure Stack or non-public Azure regions).
Credentials TypeSAS_TOKEN
  • Account Key The primary or secondary Account Key of the storage account that provides full access to the resources in the account
  • SAS Token SAS (Shared Access Signature) Token generated for accessing resources in the storage account
  • Managed Identity Azure Virtual Machine Managed Identity (it can only be used when NiFi is running on Azure)
  • Service Principal Azure Active Directory Service Principal with Client Id / Client Secret of a registered application
Credentials type to be used for authenticating to Azure
Account KeyThe storage account key. This is an admin-like password providing access to every container in this account. It is recommended one uses Shared Access Signature (SAS) token instead for fine-grained control with policies.
Sensitive Property: true

This Property is only considered if the <Credentials Type> Property has a value of "ACCOUNT_KEY".
SAS TokenShared Access Signature token, including the leading '?'. Specify either SAS token (recommended) or Account Key.
Sensitive Property: true

This Property is only considered if the <Credentials Type> Property has a value of "SAS_TOKEN".
Managed Identity Client IDClient ID of the managed identity. The property is required when User Assigned Managed Identity is used for authentication. It must be empty in case of System Assigned Managed Identity.
Sensitive Property: true

This Property is only considered if the <Credentials Type> Property has a value of "MANAGED_IDENTITY".
Service Principal Tenant IDTenant ID of the Azure Active Directory hosting the Service Principal. The property is required when Service Principal authentication is used.
Sensitive Property: true

This Property is only considered if the <Credentials Type> Property has a value of "SERVICE_PRINCIPAL".
Service Principal Client IDClient ID (or Application ID) of the Client/Application having the Service Principal. The property is required when Service Principal authentication is used.
Sensitive Property: true

This Property is only considered if the <Credentials Type> Property has a value of "SERVICE_PRINCIPAL".
Service Principal Client SecretPassword of the Client/Application. The property is required when Service Principal authentication is used.
Sensitive Property: true

This Property is only considered if the <Credentials Type> Property has a value of "SERVICE_PRINCIPAL".

State management:

This component does not store state.

Restricted:

This component is not restricted.

System Resource Considerations:

None specified.