[ https://issues.apache.org/jira/browse/AIRFLOW-2807?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Vojtech Vondra updated AIRFLOW-2807: ------------------------------------ Summary: Add support for External ID when using STS Assume Role (was: Add support for External ID when using STS Assume ROle) > Add support for External ID when using STS Assume Role > ------------------------------------------------------ > > Key: AIRFLOW-2807 > URL: https://issues.apache.org/jira/browse/AIRFLOW-2807 > Project: Apache Airflow > Issue Type: Improvement > Components: aws, boto3, hooks > Affects Versions: 1.10.1 > Reporter: Vojtech Vondra > Priority: Minor > > Currently the role assumption method works only if the granting account does > not specify an External ID. The external ID is used to solved the confused > deputy problem. When using the AWS hook to export data to multiple customers, > it's good security practice to use the external ID. > Documentation: > https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html -- This message was sent by Atlassian JIRA (v7.6.3#76005)