Defines credentials for ADLS processors.
| Display Name | API Name | Default Value | Allowable Values | Description |
|---|
| Storage Account Name | storage-account-name | | | The storage account name. There are certain risks in allowing the account name to be stored as a FlowFile attribute. While it does provide for a more flexible flow by allowing the account name to be fetched dynamically from a FlowFile attribute, care must be taken to restrict access to the event provenance data (e.g., by strictly controlling the policies governing provenance for this processor). In addition, the provenance repositories may be put on encrypted disk partitions.
Sensitive Property: true
Supports Expression Language: true (will be evaluated using flow file attributes and Environment variables) |
| Endpoint Suffix | storage-endpoint-suffix | dfs.core.windows.net | | Storage accounts in public Azure always use a common FQDN suffix. Override this endpoint suffix with a different suffix in certain circumstances (like Azure Stack or non-public Azure regions).
Supports Expression Language: true (will be evaluated using Environment variables only) |
| Credentials Type | credentials-type | SAS Token | - Account Key
 - SAS Token
- Managed Identity
- Service Principal
| Credentials type to be used for authenticating to Azure |
| Account Key | storage-account-key | | | The storage account key. This is an admin-like password providing access to every container in this account. It is recommended one uses Shared Access Signature (SAS) token, Managed Identity or Service Principal instead for fine-grained control with policies. There are certain risks in allowing the account key to be stored as a FlowFile attribute. While it does provide for a more flexible flow by allowing the account key to be fetched dynamically from a FlowFile attribute, care must be taken to restrict access to the event provenance data (e.g., by strictly controlling the policies governing provenance for this processor). In addition, the provenance repositories may be put on encrypted disk partitions.
Sensitive Property: true
Supports Expression Language: true (will be evaluated using flow file attributes and Environment variables)
This Property is only considered if the [Credentials Type] Property has a value of "Account Key". |
| SAS Token | storage-sas-token | | | Shared Access Signature token (the leading '?' may be included) There are certain risks in allowing the SAS token to be stored as a FlowFile attribute. While it does provide for a more flexible flow by allowing the SAS token to be fetched dynamically from a FlowFile attribute, care must be taken to restrict access to the event provenance data (e.g., by strictly controlling the policies governing provenance for this processor). In addition, the provenance repositories may be put on encrypted disk partitions.
Sensitive Property: true
Supports Expression Language: true (will be evaluated using flow file attributes and Environment variables)
This Property is only considered if the [Credentials Type] Property has a value of "SAS Token". |
| Managed Identity Client ID | managed-identity-client-id | | | Client ID of the managed identity. The property is required when User Assigned Managed Identity is used for authentication. It must be empty in case of System Assigned Managed Identity.
Sensitive Property: true
This Property is only considered if the [Credentials Type] Property has a value of "Managed Identity". |
| Service Principal Tenant ID | service-principal-tenant-id | | | Tenant ID of the Azure Active Directory hosting the Service Principal.
Sensitive Property: true
This Property is only considered if the [Credentials Type] Property has a value of "Service Principal". |
| Service Principal Client ID | service-principal-client-id | | | Client ID (or Application ID) of the Client/Application having the Service Principal.
Sensitive Property: true
This Property is only considered if the [Credentials Type] Property has a value of "Service Principal". |
| Service Principal Client Secret | service-principal-client-secret | | | Password of the Client/Application.
Sensitive Property: true
This Property is only considered if the [Credentials Type] Property has a value of "Service Principal". |
| Proxy Configuration Service | proxy-configuration-service | | Controller Service API:
ProxyConfigurationService
Implementation: StandardProxyConfigurationService | Specifies the Proxy Configuration Controller Service to proxy network requests. Supported proxies: HTTP, SOCKS In case of SOCKS, it is not guaranteed that the selected SOCKS Version will be used by the processor.
This Property is only considered if the [Credentials Type] Property is set to one of the following values: [Service Principal], [Managed Identity] |