AWSCredentialsProviderControllerService

Description:

Defines credentials for Amazon Web Services processors. Uses default credentials without configuration. Default credentials support EC2 instance profile/role, default user profile, environment variables, etc. Additional options include access key / secret key pairs, credentials file, named profile, and assume role credentials.

Tags:

aws, credentials, provider

Properties:

In the list below, the names of required properties appear in bold. Any other properties (not in bold) are considered optional. The table also indicates any default values, whether a property supports the NiFi Expression Language, and whether a property is considered "sensitive", meaning that its value will be encrypted. Before entering a value in a sensitive property, ensure that the nifi.properties file has an entry for the property nifi.sensitive.props.key.

NameDefault ValueAllowable ValuesDescription
Use Default Credentialsfalse
  • true
  • false
If true, uses the Default Credential chain, including EC2 instance profiles or roles, environment variables, default user credentials, etc.
Access KeyNo Description Provided.
Sensitive Property: true
Supports Expression Language: true (will be evaluated using variable registry only)
Secret KeyNo Description Provided.
Sensitive Property: true
Supports Expression Language: true (will be evaluated using variable registry only)
Credentials FilePath to a file containing AWS access key and secret key in properties file format.
Profile NameThe AWS profile name for credentials from the profile configuration file.
Supports Expression Language: true (will be evaluated using variable registry only)
Use Anonymous Credentialsfalse
  • true
  • false
If true, uses Anonymous credentials
Assume Role ARNThe AWS Role ARN for cross account access. This is used in conjunction with role name and session timeout
Assume Role Session NameThe AWS Role Name for cross account access. This is used in conjunction with role ARN and session time out
Session Time3600Session time for role based session (between 900 and 3600 seconds). This is used in conjunction with role ARN and name
Assume Role External IDExternal ID for cross-account access. This is used in conjunction with role arn, role name, and optional session time out
Assume Role Proxy HostProxy host for cross-account access, if needed within your environment. This will configure a proxy to request for temporary access keys into another AWS account
Assume Role Proxy PortProxy pot for cross-account access, if needed within your environment. This will configure a proxy to request for temporary access keys into another AWS account

State management:

This component does not store state.

Restricted:

This component is not restricted.

System Resource Considerations:

None specified.