This sounds like a good idea to me.
Just to clarify how this would work, in the file-based policy provider
we'd have something like:
admin
cluster-nodes
During start up the "cluster-nodes" group gets granted permission to /proxy.
Then a separate piece of work would be to implement a
UserGroupPr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi All,
Currently FileAccessPolicyProvider supports specification of a static set of
node identities. This is limiting in environments where the set of node
identities is changing over time, for example during scale-up/down operations
when NiFi is dep