[jira] [Created] (AIRFLOW-2807) Add support for External ID when using STS Assume ROle

Vojtech Vondra (JIRA) Thu, 26 Jul 2018 13:14:23 -0700

Vojtech Vondra created AIRFLOW-2807:
---------------------------------------


             Summary: Add support for External ID when using STS Assume ROle
                 Key: AIRFLOW-2807
                 URL: https://issues.apache.org/jira/browse/AIRFLOW-2807
             Project: Apache Airflow
          Issue Type: Improvement
          Components: aws, boto3, hooks
    Affects Versions: 1.10.1
            Reporter: Vojtech Vondra


Currently the role assumption method works only if the granting account does 
not specify an External ID. The external ID is used to solved the confused 
deputy problem. When using the AWS hook to export data to multiple customers, 
it's good security practice to use the external ID.

 Documentation: 
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (AIRFLOW-2807) Add support for External ID when using STS Assume ROle

Reply via email to