Last active
October 27, 2016 23:37
-
-
Save alopresto/508b25a6075cce4c64c9012976efd403 to your computer and use it in GitHub Desktop.
Apache NiFi template that generates an empty flowfile, populates the content with plaintext, adds two attributes, uses an ExecuteScript processor to perform AES/GCM encryption with a default key, and updates and adds attributes with the cipher text results, then logs the attributes and content of the flowfile.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" ?> | |
| <template encoding-version="1.0"> | |
| <description>This template generates an empty flowfile, populates the content with plaintext, adds two attributes, uses an ExecuteScript processor to perform AES/GCM encryption with a default key, and updates and adds attributes with the cipher text results, then logs the attributes and content of the flowfile. </description> | |
| <groupId>08499ab1-0158-1000-eb96-b892bf593753</groupId> | |
| <name>EncryptAttribute (via ExecuteScript)</name> | |
| <snippet> | |
| <connections> | |
| <id>084be0c5-0158-1000-0000-000000000000</id> | |
| <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId> | |
| <backPressureDataSizeThreshold>1 GB</backPressureDataSizeThreshold> | |
| <backPressureObjectThreshold>10000</backPressureObjectThreshold> | |
| <destination> | |
| <groupId>08499ab1-0158-1000-0000-000000000000</groupId> | |
| <id>0849d7d0-0158-1000-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </destination> | |
| <flowFileExpiration>0 sec</flowFileExpiration> | |
| <labelIndex>1</labelIndex> | |
| <name></name> | |
| <selectedRelationships>success</selectedRelationships> | |
| <source> | |
| <groupId>08499ab1-0158-1000-0000-000000000000</groupId> | |
| <id>0849bf65-0158-1000-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </source> | |
| <zIndex>0</zIndex> | |
| </connections> | |
| <connections> | |
| <id>084c0d53-0158-1000-0000-000000000000</id> | |
| <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId> | |
| <backPressureDataSizeThreshold>1 GB</backPressureDataSizeThreshold> | |
| <backPressureObjectThreshold>10000</backPressureObjectThreshold> | |
| <destination> | |
| <groupId>08499ab1-0158-1000-0000-000000000000</groupId> | |
| <id>0849eff2-0158-1000-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </destination> | |
| <flowFileExpiration>0 sec</flowFileExpiration> | |
| <labelIndex>1</labelIndex> | |
| <name></name> | |
| <selectedRelationships>success</selectedRelationships> | |
| <source> | |
| <groupId>08499ab1-0158-1000-0000-000000000000</groupId> | |
| <id>0849d7d0-0158-1000-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </source> | |
| <zIndex>0</zIndex> | |
| </connections> | |
| <connections> | |
| <id>084c3573-0158-1000-0000-000000000000</id> | |
| <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId> | |
| <backPressureDataSizeThreshold>1 GB</backPressureDataSizeThreshold> | |
| <backPressureObjectThreshold>10000</backPressureObjectThreshold> | |
| <destination> | |
| <groupId>08499ab1-0158-1000-0000-000000000000</groupId> | |
| <id>084b36c9-0158-1000-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </destination> | |
| <flowFileExpiration>0 sec</flowFileExpiration> | |
| <labelIndex>1</labelIndex> | |
| <name></name> | |
| <selectedRelationships>success</selectedRelationships> | |
| <source> | |
| <groupId>08499ab1-0158-1000-0000-000000000000</groupId> | |
| <id>0849eff2-0158-1000-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </source> | |
| <zIndex>0</zIndex> | |
| </connections> | |
| <connections> | |
| <id>084c4bf9-0158-1000-0000-000000000000</id> | |
| <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId> | |
| <backPressureDataSizeThreshold>1 GB</backPressureDataSizeThreshold> | |
| <backPressureObjectThreshold>10000</backPressureObjectThreshold> | |
| <destination> | |
| <groupId>08499ab1-0158-1000-0000-000000000000</groupId> | |
| <id>084bc188-0158-1000-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </destination> | |
| <flowFileExpiration>0 sec</flowFileExpiration> | |
| <labelIndex>1</labelIndex> | |
| <name></name> | |
| <selectedRelationships>success</selectedRelationships> | |
| <source> | |
| <groupId>08499ab1-0158-1000-0000-000000000000</groupId> | |
| <id>084b36c9-0158-1000-0000-000000000000</id> | |
| <type>PROCESSOR</type> | |
| </source> | |
| <zIndex>0</zIndex> | |
| </connections> | |
| <processors> | |
| <id>0849bf65-0158-1000-0000-000000000000</id> | |
| <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>3.0</x> | |
| <y>0.0</y> | |
| </position> | |
| <config> | |
| <bulletinLevel>WARN</bulletinLevel> | |
| <comments></comments> | |
| <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount> | |
| <descriptors> | |
| <entry> | |
| <key>File Size</key> | |
| <value> | |
| <name>File Size</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Batch Size</key> | |
| <value> | |
| <name>Batch Size</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Data Format</key> | |
| <value> | |
| <name>Data Format</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Unique FlowFiles</key> | |
| <value> | |
| <name>Unique FlowFiles</name> | |
| </value> | |
| </entry> | |
| </descriptors> | |
| <lossTolerant>false</lossTolerant> | |
| <penaltyDuration>30 sec</penaltyDuration> | |
| <properties> | |
| <entry> | |
| <key>File Size</key> | |
| <value>0B</value> | |
| </entry> | |
| <entry> | |
| <key>Batch Size</key> | |
| <value>1</value> | |
| </entry> | |
| <entry> | |
| <key>Data Format</key> | |
| <value>Text</value> | |
| </entry> | |
| <entry> | |
| <key>Unique FlowFiles</key> | |
| <value>false</value> | |
| </entry> | |
| </properties> | |
| <runDurationMillis>0</runDurationMillis> | |
| <schedulingPeriod>3 sec</schedulingPeriod> | |
| <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> | |
| <yieldDuration>1 sec</yieldDuration> | |
| </config> | |
| <name>GenerateFlowFile</name> | |
| <relationships> | |
| <autoTerminate>false</autoTerminate> | |
| <name>success</name> | |
| </relationships> | |
| <style></style> | |
| <type>org.apache.nifi.processors.standard.GenerateFlowFile</type> | |
| </processors> | |
| <processors> | |
| <id>0849d7d0-0158-1000-0000-000000000000</id> | |
| <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>0.0</x> | |
| <y>192.0</y> | |
| </position> | |
| <config> | |
| <bulletinLevel>WARN</bulletinLevel> | |
| <comments></comments> | |
| <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount> | |
| <descriptors> | |
| <entry> | |
| <key>Regular Expression</key> | |
| <value> | |
| <name>Regular Expression</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Replacement Value</key> | |
| <value> | |
| <name>Replacement Value</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Character Set</key> | |
| <value> | |
| <name>Character Set</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Maximum Buffer Size</key> | |
| <value> | |
| <name>Maximum Buffer Size</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Replacement Strategy</key> | |
| <value> | |
| <name>Replacement Strategy</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Evaluation Mode</key> | |
| <value> | |
| <name>Evaluation Mode</name> | |
| </value> | |
| </entry> | |
| </descriptors> | |
| <lossTolerant>false</lossTolerant> | |
| <penaltyDuration>30 sec</penaltyDuration> | |
| <properties> | |
| <entry> | |
| <key>Regular Expression</key> | |
| <value>(?s)(^.*$)</value> | |
| </entry> | |
| <entry> | |
| <key>Replacement Value</key> | |
| <value>This is plaintext content. </value> | |
| </entry> | |
| <entry> | |
| <key>Character Set</key> | |
| <value>UTF-8</value> | |
| </entry> | |
| <entry> | |
| <key>Maximum Buffer Size</key> | |
| <value>1 MB</value> | |
| </entry> | |
| <entry> | |
| <key>Replacement Strategy</key> | |
| <value>Regex Replace</value> | |
| </entry> | |
| <entry> | |
| <key>Evaluation Mode</key> | |
| <value>Entire text</value> | |
| </entry> | |
| </properties> | |
| <runDurationMillis>0</runDurationMillis> | |
| <schedulingPeriod>0 sec</schedulingPeriod> | |
| <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> | |
| <yieldDuration>1 sec</yieldDuration> | |
| </config> | |
| <name>ReplaceText</name> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>failure</name> | |
| </relationships> | |
| <relationships> | |
| <autoTerminate>false</autoTerminate> | |
| <name>success</name> | |
| </relationships> | |
| <style></style> | |
| <type>org.apache.nifi.processors.standard.ReplaceText</type> | |
| </processors> | |
| <processors> | |
| <id>0849eff2-0158-1000-0000-000000000000</id> | |
| <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>2.0</x> | |
| <y>386.0</y> | |
| </position> | |
| <config> | |
| <bulletinLevel>WARN</bulletinLevel> | |
| <comments></comments> | |
| <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount> | |
| <descriptors> | |
| <entry> | |
| <key>Delete Attributes Expression</key> | |
| <value> | |
| <name>Delete Attributes Expression</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Normal Attribute</key> | |
| <value> | |
| <name>Normal Attribute</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Sensitive Attribute</key> | |
| <value> | |
| <name>Sensitive Attribute</name> | |
| </value> | |
| </entry> | |
| </descriptors> | |
| <lossTolerant>false</lossTolerant> | |
| <penaltyDuration>30 sec</penaltyDuration> | |
| <properties> | |
| <entry> | |
| <key>Delete Attributes Expression</key> | |
| </entry> | |
| <entry> | |
| <key>Normal Attribute</key> | |
| <value>This is a normal attribute. </value> | |
| </entry> | |
| <entry> | |
| <key>Sensitive Attribute</key> | |
| <value>This is a sensitive attribute.</value> | |
| </entry> | |
| </properties> | |
| <runDurationMillis>0</runDurationMillis> | |
| <schedulingPeriod>0 sec</schedulingPeriod> | |
| <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> | |
| <yieldDuration>1 sec</yieldDuration> | |
| </config> | |
| <name>UpdateAttribute</name> | |
| <relationships> | |
| <autoTerminate>false</autoTerminate> | |
| <name>success</name> | |
| </relationships> | |
| <style></style> | |
| <type>org.apache.nifi.processors.attributes.UpdateAttribute</type> | |
| </processors> | |
| <processors> | |
| <id>084b36c9-0158-1000-0000-000000000000</id> | |
| <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>3.0</x> | |
| <y>564.0</y> | |
| </position> | |
| <config> | |
| <bulletinLevel>WARN</bulletinLevel> | |
| <comments></comments> | |
| <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount> | |
| <descriptors> | |
| <entry> | |
| <key>Script Engine</key> | |
| <value> | |
| <name>Script Engine</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Script File</key> | |
| <value> | |
| <name>Script File</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Script Body</key> | |
| <value> | |
| <name>Script Body</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Module Directory</key> | |
| <value> | |
| <name>Module Directory</name> | |
| </value> | |
| </entry> | |
| </descriptors> | |
| <lossTolerant>false</lossTolerant> | |
| <penaltyDuration>30 sec</penaltyDuration> | |
| <properties> | |
| <entry> | |
| <key>Script Engine</key> | |
| <value>Groovy</value> | |
| </entry> | |
| <entry> | |
| <key>Script File</key> | |
| </entry> | |
| <entry> | |
| <key>Script Body</key> | |
| <value> import javax.crypto.Cipher | |
| import javax.crypto.SecretKey | |
| import javax.crypto.spec.IvParameterSpec | |
| import javax.crypto.spec.SecretKeySpec | |
| import java.nio.charset.StandardCharsets | |
| FlowFile flowFile = session.get() | |
| if (!flowFile) { | |
| return | |
| } | |
| try { | |
| // Get the raw values of the attributes | |
| String normalAttribute = flowFile.getAttribute('Normal Attribute') | |
| String sensitiveAttribute = flowFile.getAttribute('Sensitive Attribute') | |
| // Instantiate an encryption cipher | |
| // Lots of additional code could go here to generate a random key, derive a key from a password, read from a file or keyring, etc. | |
| String keyHex = "0123456789ABCDEFFEDCBA9876543210" // * 2 for 256-bit encryption | |
| SecretKey key = new SecretKeySpec(keyHex.getBytes(StandardCharsets.UTF_8), "AES") | |
| IvParameterSpec iv = new IvParameterSpec(keyHex[0..<16].getBytes(StandardCharsets.UTF_8)) | |
| Cipher aesGcmEncCipher = Cipher.getInstance("AES/GCM/NoPadding", "BC") | |
| aesGcmEncCipher.init(Cipher.ENCRYPT_MODE, key, iv) | |
| String encryptedNormalAttribute = Base64.encoder.encodeToString(aesGcmEncCipher.doFinal(normalAttribute.bytes)) | |
| String encryptedSensitiveAttribute = Base64.encoder.encodeToString(aesGcmEncCipher.doFinal(sensitiveAttribute.bytes)) | |
| // Add a new attribute with the encrypted normal attribute | |
| flowFile = session.putAttribute(flowFile, 'Normal Attribute (encrypted)', encryptedNormalAttribute) | |
| // Replace the sensitive attribute inline with the cipher text | |
| flowFile = session.putAttribute(flowFile, 'Sensitive Attribute', encryptedSensitiveAttribute) | |
| session.transfer(flowFile, REL_SUCCESS) | |
| } catch (Exception e) { | |
| log.error("There was an error encrypting the attributes: ${e.getMessage()}") | |
| session.transfer(flowFile, REL_FAILURE) | |
| }</value> | |
| </entry> | |
| <entry> | |
| <key>Module Directory</key> | |
| </entry> | |
| </properties> | |
| <runDurationMillis>0</runDurationMillis> | |
| <schedulingPeriod>0 sec</schedulingPeriod> | |
| <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> | |
| <yieldDuration>1 sec</yieldDuration> | |
| </config> | |
| <name>ExecuteScript</name> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>failure</name> | |
| </relationships> | |
| <relationships> | |
| <autoTerminate>false</autoTerminate> | |
| <name>success</name> | |
| </relationships> | |
| <style></style> | |
| <type>org.apache.nifi.processors.script.ExecuteScript</type> | |
| </processors> | |
| <processors> | |
| <id>084bc188-0158-1000-0000-000000000000</id> | |
| <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId> | |
| <position> | |
| <x>6.0</x> | |
| <y>738.0</y> | |
| </position> | |
| <config> | |
| <bulletinLevel>WARN</bulletinLevel> | |
| <comments></comments> | |
| <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount> | |
| <descriptors> | |
| <entry> | |
| <key>Log Level</key> | |
| <value> | |
| <name>Log Level</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Log Payload</key> | |
| <value> | |
| <name>Log Payload</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Attributes to Log</key> | |
| <value> | |
| <name>Attributes to Log</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Attributes to Ignore</key> | |
| <value> | |
| <name>Attributes to Ignore</name> | |
| </value> | |
| </entry> | |
| <entry> | |
| <key>Log prefix</key> | |
| <value> | |
| <name>Log prefix</name> | |
| </value> | |
| </entry> | |
| </descriptors> | |
| <lossTolerant>false</lossTolerant> | |
| <penaltyDuration>30 sec</penaltyDuration> | |
| <properties> | |
| <entry> | |
| <key>Log Level</key> | |
| <value>info</value> | |
| </entry> | |
| <entry> | |
| <key>Log Payload</key> | |
| <value>true</value> | |
| </entry> | |
| <entry> | |
| <key>Attributes to Log</key> | |
| </entry> | |
| <entry> | |
| <key>Attributes to Ignore</key> | |
| </entry> | |
| <entry> | |
| <key>Log prefix</key> | |
| </entry> | |
| </properties> | |
| <runDurationMillis>0</runDurationMillis> | |
| <schedulingPeriod>0 sec</schedulingPeriod> | |
| <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy> | |
| <yieldDuration>1 sec</yieldDuration> | |
| </config> | |
| <name>LogAttribute</name> | |
| <relationships> | |
| <autoTerminate>true</autoTerminate> | |
| <name>success</name> | |
| </relationships> | |
| <style></style> | |
| <type>org.apache.nifi.processors.standard.LogAttribute</type> | |
| </processors> | |
| </snippet> | |
| <timestamp>10/27/2016 16:22:42 PDT</timestamp> | |
| </template> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment