Configuring NiFi for HDFS Encryption¶
Key Creation Process¶
Log in to Ranger KMS UI.
Provide Username as ‘keyadmin’ and password for user.
Go to the Encryption tab and click Key Manager.
Select the appropriate defined service from list.
Click Add New Key.
Fill out the Key Detail fields.
Click Save.
Now the Key has been successfully created, and it can be used for creating an encryption zone.
Permission Definition¶
The next task is to provide necessary permissions to a user who will run the NiFi application. In our case, we are using a NiFi user for running the application and HDFS as a super user operation.
Configure CreateHDFSFolder Processor¶
- Right-click Processor and select Configure.
- Configure the highlighted property for the processor.
Directory To Be Encrypted: /model.db/${source}
/app/warehouse/${source}
/etl/${source}
/archive/${source}
Encryption Key: nifikey
Encryption Required: Y
Click OK and start the processor.
You have successfully configured NiFi DataLake Platform for HDFS Encryption.