This is an automated email from the ASF dual-hosted git repository. utkarsharma pushed a commit to branch v2-9-test in repository https://gitbox.apache.org/repos/asf/airflow.git
commit c03c9c800ff9ea007b018096f4b382dc37ff2c76 Author: Jarek Potiuk <[email protected]> AuthorDate: Mon Jul 1 08:10:06 2024 +0200 Add more precise description of maskiing sensitive field names (#40512) (cherry picked from commit dc038892d0c8313e144ae2a1d08a3ab7d970e810) --- docs/apache-airflow/security/secrets/mask-sensitive-values.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/apache-airflow/security/secrets/mask-sensitive-values.rst b/docs/apache-airflow/security/secrets/mask-sensitive-values.rst index a7d48b20ad..913fc12473 100644 --- a/docs/apache-airflow/security/secrets/mask-sensitive-values.rst +++ b/docs/apache-airflow/security/secrets/mask-sensitive-values.rst @@ -38,7 +38,8 @@ Sensitive field names When masking is enabled, Airflow will always mask the password field of every Connection that is accessed by a task. -It will also mask the value of a Variable, or the field of a Connection's extra JSON blob if the name contains +It will also mask the value of a Variable, rendered template dictionaries, XCom dictionaries or the +field of a Connection's extra JSON blob if the name contains any words in ('access_token', 'api_key', 'apikey', 'authorization', 'passphrase', 'passwd', 'password', 'private_key', 'secret', 'token'). This list can also be extended:
