GitHub user javierherrer added a comment to the discussion: Support for authenticating to airflow metadata database like postgres sql with cloud specific authentication mechanism
Correct me if I'm wrong. The `_CMD` approach is helpful but has a major limitation: the command is executed only once per Python process, and the resulting connection string is cached. For long-lived components like the scheduler or webserver, this means the token will expire (typically 2–4 hours) and DB operations will start failing. #### Proposal Introduce native support for dynamic token refresh in the SQLAlchemy engine layer or a pluggable “connection provider” interface. This would allow Airflow to re-fetch credentials on demand without restarting pods or relying on external hacks like PgBouncer. This feature would enable secure, cloud-native authentication (e.g., Azure Managed Identity, AWS IAM) without static passwords and without lifecycle issues. GitHub link: https://github.com/apache/airflow/discussions/43837#discussioncomment-14797873 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
