AzureStorageCredentialsControllerService

Description:

Defines credentials for Azure Storage processors. Uses Account Name with Account Key or Account Name with SAS Token.

Tags:

azure, microsoft, cloud, storage, blob, queue, credentials

Properties:

In the list below, the names of required properties appear in bold. Any other properties (not in bold) are considered optional. The table also indicates any default values, and whether a property supports the NiFi Expression Language.

Display NameAPI NameDefault ValueAllowable ValuesDescription
Storage Account Namestorage-account-nameThe storage account name. There are certain risks in allowing the account name to be stored as a flowfile attribute. While it does provide for a more flexible flow by allowing the account name to be fetched dynamically from a flowfile attribute, care must be taken to restrict access to the event provenance data (e.g., by strictly controlling the policies governing provenance for this processor). In addition, the provenance repositories may be put on encrypted disk partitions.
Sensitive Property: true
Supports Expression Language: true (will be evaluated using flow file attributes and variable registry)
Storage Account Keystorage-account-keyThe storage account key. This is an admin-like password providing access to every container in this account. It is recommended one uses Shared Access Signature (SAS) token instead for fine-grained control with policies. There are certain risks in allowing the account key to be stored as a flowfile attribute. While it does provide for a more flexible flow by allowing the account key to be fetched dynamically from a flowfile attribute, care must be taken to restrict access to the event provenance data (e.g., by strictly controlling the policies governing provenance for this processor). In addition, the provenance repositories may be put on encrypted disk partitions.
Sensitive Property: true
Supports Expression Language: true (will be evaluated using flow file attributes and variable registry)
SAS Tokenstorage-sas-tokenShared Access Signature token, including the leading '?'. Specify either SAS token (recommended) or Account Key. There are certain risks in allowing the SAS token to be stored as a flowfile attribute. While it does provide for a more flexible flow by allowing the SAS token to be fetched dynamically from a flowfile attribute, care must be taken to restrict access to the event provenance data (e.g., by strictly controlling the policies governing provenance for this processor). In addition, the provenance repositories may be put on encrypted disk partitions.
Sensitive Property: true
Supports Expression Language: true (will be evaluated using flow file attributes and variable registry)
Common Storage Account Endpoint Suffixstorage-endpoint-suffixStorage accounts in public Azure always use a common FQDN suffix. Override this endpoint suffix with a different suffix in certain circumstances (like Azure Stack or non-public Azure regions). The preferred way is to configure them through a controller service specified in the Storage Credentials property. The controller service can provide a common/shared configuration for multiple/all Azure processors. Furthermore, the credentials can also be looked up dynamically with the 'Lookup' version of the service.
Supports Expression Language: true (will be evaluated using flow file attributes and variable registry)

State management:

This component does not store state.

Restricted:

This component is not restricted.

System Resource Considerations:

None specified.