[jira] [Updated] (AIRFLOW-2807) Add support for External ID when using STS Assume Role

Vojtech Vondra (JIRA) Thu, 26 Jul 2018 13:14:34 -0700


     [ 
https://issues.apache.org/jira/browse/AIRFLOW-2807?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Vojtech Vondra updated AIRFLOW-2807:
------------------------------------
    Summary: Add support for External ID when using STS Assume Role  (was: Add 
support for External ID when using STS Assume ROle)

> Add support for External ID when using STS Assume Role
> ------------------------------------------------------
>
>                 Key: AIRFLOW-2807
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-2807
>             Project: Apache Airflow
>          Issue Type: Improvement
>          Components: aws, boto3, hooks
>    Affects Versions: 1.10.1
>            Reporter: Vojtech Vondra
>            Priority: Minor
>
> Currently the role assumption method works only if the granting account does 
> not specify an External ID. The external ID is used to solved the confused 
> deputy problem. When using the AWS hook to export data to multiple customers, 
> it's good security practice to use the external ID.
>  Documentation: 
> https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (AIRFLOW-2807) Add support for External ID when using STS Assume Role

Reply via email to