potiuk commented on code in PR #59864:
URL: https://github.com/apache/airflow/pull/59864#discussion_r2649649641
##########
airflow-core/docs/security/security_model.rst:
##########
@@ -131,8 +131,8 @@ Those users should be highly trusted not to misuse this
capability.
been changed in Airflow 3 to improve security of the accidental spilling of
credentials of the connection configuration
users. Previously - in Airflow 2 - the **Connection configuration users**
had deliberately access to view the
sensitive information and could either reveal it by using Inspect
capabilities of the browser or they were plain visible in
- case of the sensitive credentials stored in configuration extras. Airflow 3
and later versions include security
- improvement to mask those sensitive credentials at the API level.
+ case of the sensitive credentials stored in configuration extras. Airflow 3
and later versions mask these sensitive credentials
+ at the API level and do not return them in clear text.
Review Comment:
We need way more detailed description here (because just API is not detailed
enough):
* the sensitive data is not exposed through APIs to regular API, UI,
airflowctl access, but
* task-sdk provides access to sensitive data (using task-specific JWT token)
* explaining that export functionality is only available through local CLI
command
* explaining that sensitive data consists of:
* connection details
* variables
* configuration
* explaining that masking is done in logs, UI and API output, but if the dag
author exposes it in other ways (for example via environment variables) those
values will not be masked.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
