This is an automated email from the ASF dual-hosted git repository. jedcunningham pushed a commit to branch v2-8-test in repository https://gitbox.apache.org/repos/asf/airflow.git
commit 5995565f2a09d782ddd172754d355ea3ec044fd9 Author: Jed Cunningham <[email protected]> AuthorDate: Thu Mar 7 16:10:31 2024 -0700 Minor security model update (#37984) Users don't "upload" DAGs, and simply state DAG authors have full db access. (cherry picked from commit 8eeb93a8c79518207c70da0b0a08fe56c713d6af) --- docs/apache-airflow/security/security_model.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/apache-airflow/security/security_model.rst b/docs/apache-airflow/security/security_model.rst index 2e0f156dfc..b88d26ee58 100644 --- a/docs/apache-airflow/security/security_model.rst +++ b/docs/apache-airflow/security/security_model.rst @@ -61,7 +61,7 @@ model. DAG Authors ........... -They can upload, modify, and delete DAG files. The +They can create, modify, and delete DAG files. The code in DAG files is executed on workers and in the DAG File Processor. Note that in the simple deployment configuration, parsing DAGs is executed as a subprocess of the Scheduler process, but with Standalone DAG File Processor @@ -69,7 +69,7 @@ deployment managers might separate parsing DAGs from the Scheduler process. Therefore, DAG authors can create and change code executed on workers and the DAG File Processor and potentially access the credentials that the DAG code uses to access external systems. DAG Authors have full access -to the metadata database and internal audit logs. +to the metadata database. Authenticated UI users .......................
