npatel44 opened a new issue, #44438: URL: https://github.com/apache/airflow/issues/44438
### Apache Airflow version main (development) ### If "Other Airflow 2 version" selected, which one? _No response_ ### What happened? Following PR fixed issue with airflow task exposing sensitive information like passwords and secret https://github.com/apache/airflow/pull/15599 However airflow provider common doesn't have this fix and operator using this provider still prints out secrets (aws secrets in my case) on to task log. ### What you think should happen instead? Secrets should be masked before getting logged into task logs ### How to reproduce Use any an operator that uses SQL hook defined in `provider.common.sql.hooks.sql.py` with credentials. eg. using `RedshiftToS3Operator` with aws connection string having secret id and secret will cause task log of this operator to print secrets in logs ### Operating System linux ### Versions of Apache Airflow Providers amazon provider 8.26 ### Deployment Official Apache Airflow Helm Chart ### Deployment details _No response_ ### Anything else? Alternative fixes: 1. Temporarily change task log level to Warning will avoid printing sql in logs at all 2. Provider using DbApiHook has log_sql parameter. However amazon provider Operator or Hook doesn't exposes that parameter. If they do then I can set that to false in order to not print sql. Ideally, I would like to print sql statement with secrets being masked. ### Are you willing to submit PR? - [X] Yes I am willing to submit a PR! ### Code of Conduct - [X] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
