Provide the ability for multiple groups of entities (people or systems) to command, control, and observe state of different parts of the dataflow with varying levels of authorization.
Background and strategic fit
Within a single system Apache NiFi can support thousands of processors and connections, which translates to an extremely large number of dataflows for even the largest of enterprise use cases. This in turn means each cluster of NiFi servers is capable of handling the requirements of one or more organizations. However, the authorization model of NiFi today means that the authority level of a given dataflow applies to the entire dataflow graph. This is not sufficient to support the multi-tenancy needs that are present when multiple organizations leverage the same resources to manage dataflows. Introducing more granular authorization decisions will allow teams to assign access policies for individuals/groups per component. Please refer to the proposal for the Authorizer for more details 1
Additionally, in this effort we will introduce more granular revision checking. Most likely, each component will have it's own revision allowing for easier concurrent access and modification than is support today.
User interaction and design
Below is a list of questions to be addressed as a result of this requirements document: