endzeit created NIFI-14391:
------------------------------
Summary: Support Initial Admin Group Configuration in
FileAccessPolicyProvider
Key: NIFI-14391
URL: https://issues.apache.org/jira/browse/NIFI-14391
Project: Apache NiFi
Issue Type: New Feature
Reporter: endzeit
Currently, when configuring a NiFi cluster with OIDC authentication, the
FileAccessPolicyProvider requires specifying a single, statically defined user
for initial administrator permissions. This necessitates the use of a dedicated
service account or relies on a specific user's availability during cluster
setup.
This issue proposes enhancing the FileAccessPolicyProvider to support the
configuration of an initial administrator group (e.g., 'X') instead of a single
user. This would leverage the group information provided by the Identity
Provider and streamline the initial rights management process, eliminating the
reliance on individual user accounts.
Specifically, we suggest adding a configuration option, such as "Initial Admin
Group," to the FileAccessPolicyProvider. This would allow administrators to
specify a group that should be granted initial administrative privileges upon
cluster startup.
This enhancement would improve the manageability of NiFi clusters in OIDC
environments by providing a more flexible and robust approach to initial
administrator rights assignment.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
