AzureStorageCredentialsControllerService_v12

Description:

Provides credentials for Azure Storage processors using Azure Storage client library v12.

Tags:

azure, microsoft, cloud, storage, blob, credentials, queue

Properties:

In the list below, the names of required properties appear in bold. Any other properties (not in bold) are considered optional. The table also indicates any default values.

Display NameAPI NameDefault ValueAllowable ValuesDescription
Storage Account Namestorage-account-nameThe storage account name.
Sensitive Property: true
Endpoint Suffixstorage-endpoint-suffixblob.core.windows.netStorage accounts in public Azure always use a common FQDN suffix. Override this endpoint suffix with a different suffix in certain circumstances (like Azure Stack or non-public Azure regions).
Credentials Typecredentials-typeSAS Token
  • Account Key The primary or secondary Account Key of the storage account that provides full access to the resources in the account
  • SAS Token SAS (Shared Access Signature) Token generated for accessing resources in the storage account
  • Managed Identity Azure Virtual Machine Managed Identity (it can only be used when NiFi is running on Azure)
  • Service Principal Azure Active Directory Service Principal with Client Id / Client Secret of a registered application
Credentials type to be used for authenticating to Azure
Account Keystorage-account-keyThe storage account key. This is an admin-like password providing access to every container in this account. It is recommended one uses Shared Access Signature (SAS) token instead for fine-grained control with policies.
Sensitive Property: true

This Property is only considered if the [Credentials Type] Property has a value of "Account Key".
SAS Tokenstorage-sas-tokenShared Access Signature token, including the leading '?'. Specify either SAS token (recommended) or Account Key.
Sensitive Property: true

This Property is only considered if the [Credentials Type] Property has a value of "SAS Token".
Managed Identity Client IDmanaged-identity-client-idClient ID of the managed identity. The property is required when User Assigned Managed Identity is used for authentication. It must be empty in case of System Assigned Managed Identity.
Sensitive Property: true

This Property is only considered if the [Credentials Type] Property has a value of "Managed Identity".
Service Principal Tenant IDservice-principal-tenant-idTenant ID of the Azure Active Directory hosting the Service Principal. The property is required when Service Principal authentication is used.
Sensitive Property: true

This Property is only considered if the [Credentials Type] Property has a value of "Service Principal".
Service Principal Client IDservice-principal-client-idClient ID (or Application ID) of the Client/Application having the Service Principal. The property is required when Service Principal authentication is used.
Sensitive Property: true

This Property is only considered if the [Credentials Type] Property has a value of "Service Principal".
Service Principal Client Secretservice-principal-client-secretPassword of the Client/Application. The property is required when Service Principal authentication is used.
Sensitive Property: true

This Property is only considered if the [Credentials Type] Property has a value of "Service Principal".
Proxy Configuration Serviceproxy-configuration-serviceController Service API:
ProxyConfigurationService
Implementation: StandardProxyConfigurationService
Specifies the Proxy Configuration Controller Service to proxy network requests. Supported proxies: HTTP, SOCKS In case of SOCKS, it is not guaranteed that the selected SOCKS Version will be used by the processor.

This Property is only considered if the [Credentials Type] Property is set to one of the following values: [Service Principal], [Managed Identity]

State management:

This component does not store state.

Restricted:

This component is not restricted.

System Resource Considerations:

None specified.