Integration of the OpenTDF Platform into NiFi
Components:
-
"Zero Trust Data Format" (ZTDF) Processors:
- ConvertToZTDF: A NiFi processor that converts FlowFile content to ZTDF format.
- ConvertFromZTDF: A NiFi processor that converts ZTDF formatted FlowFile content to its plaintext representation
-
NanoTDF Processors (See NanoTDF Specification):
- ConvertToNanoTDF: A NiFi processor that converts FlowFile content to NanoTDF format.
- ConvertFromNanoTDF: A NiFi processor that converts NanoTDF formatted FlowFile content to its plaintext representation
-
Controller Services:
- OpenTDFControllerService: A NiFi controller service providing OpenTDF Platform Configuration
Communicating over TLS with self-signed or other untrusted certs can be configured using NiFi's standard SSL Context Service and then wired into the processors by setting their respective SSL Context Service properties to use a configured SSL Context Service.
See An Sample NiFi FlowFile Template using ZTDF/NanoTDF Processors
Upload and use this template in NiFi:
- Configure the OpenTDFControllerService properties
- set then OpenTDF compliant endpoint
- set OIDC Client credentials (client id and client secret)
- set the data policy (UpdateAttribute Processor)
- set the KAS URL: ConvertToZTDF , ConvertToNanoTDF processors
-
Build the NiFi Archives (NARs) and place in the docker compose mounted volumes. The opentd java-sdk is currently hosted on github's maven package repository, so github credentials are required to perform a maven build.
export GITHUB_ACTOR=your gh username export GITHUB_TOKEN=your gh token make compose-package
-
Start docker compose
docker compose up