Awesome job Vincent!! -- Rajesh
On 2025-03-21, 3:15 AM, "Amogh Desai" <amoghdesai....@gmail.com <mailto:amoghdesai....@gmail.com>> wrote: CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe. AVERTISSEMENT: Ce courrier électronique provient d’un expéditeur externe. Ne cliquez sur aucun lien et n’ouvrez aucune pièce jointe si vous ne pouvez pas confirmer l’identité de l’expéditeur et si vous n’êtes pas certain que le contenu ne présente aucun risque. Good work Vincent! Happy to see this come in! GO AWAY FAB! Thanks & Regards, Amogh Desai On Fri, Mar 21, 2025 at 12:23 PM Pavankumar Gopidesu < gopidesupa...@gmail.com <mailto:gopidesupa...@gmail.com>> wrote: > Great work Vincent. > > Pavan > > On Fri, Mar 21, 2025, 06:46 Shahar Epstein <sha...@apache.org > <mailto:sha...@apache.org>> wrote: > > > Great job Vincent! > > > > On Thu, Mar 20, 2025 at 3:18 PM Beck, Vincent > <vincb...@amazon.com.inva <mailto:vincb...@amazon.com.inva>lid > > > > > wrote: > > > > > Hi everyone, > > > > > > I just merged https://github.com/apache/airflow/pull/47691 > > > <https://github.com/apache/airflow/pull/47691> which sets > > > SimpleAuthManager as the default auth manager in Airflow. If you pull > the > > > latest main branch, Airflow will no longer use the FAB auth Manager by > > > default but instead use SimpleAuthManager. This is another step towards > > > removing Flask from Airflow. > > > > > > *What changed?* > > > > > > Auth managers define authentication (AuthN) and authorization (AuthZ) > > > logic in Airflow. Switching to SimpleAuthManager means changes in how > > > authentication and authorization work: > > > - The FAB login form is no longer used; authentication now follows the > > > method provided by SimpleAuthManager. > > > - Pages previously used to manage users and roles (/auth/users/list, > > > /auth/roles/list, etc.) are no longer available since they are part of > > the > > > FAB Auth Manager. > > > - SimpleAuthManager manages users and roles through a configuration > file > > > instead of a web interface. > > > > > > For more details on SimpleAuthManager, please refer to the > documentation: > > > > > > https://github.com/apache/airflow/blob/main/docs/apache-airflow/core-concepts/auth-manager/simple.rst > > <https://github.com/apache/airflow/blob/main/docs/apache-airflow/core-concepts/auth-manager/simple.rst> > > > . > > > However, SimpleAuthManager is a minimal auth manager designed for > > > development environments and *should not be used in production*. > > > > > > *Using a different auth manager* > > > > > > This change only updates the default auth manager, no existing options > > > have been removed. You can continue using your preferred auth manager, > > > including FAB, by setting the following in the config `[core] > > auth_manager > > > = <auth_manager_path>`. For example, to continue using FAB:: `[core] > > > auth_manager = > > > airflow.providers.fab.auth_manager.fab_auth_manager.FabAuthManager`. > > > > > > *Breeze users* > > > > > > If you are using Breeze, switching between auth managers is now easier. > > PR > > > #47691 introduces a new `--auth-manager` parameter for `breeze > > > start-airflow`: > > > - Start Airflow with SimpleAuthManager:: `breeze start-airflow > > > --auth-manager SimpleAuthManager` (or simply `breeze start-airflow`, > > since > > > SimpleAuthManager is now the default) > > > - Start Airflow with FAB auth manager:: `breeze start-airflow > > > --auth-manager FabAuthManager` > > > > > > Simple auth manager auto generates a random password for all users > > defined > > > in the config. These passwords are stored by default in > > > ``AIRFLOW_HOME/simple_auth_manager_passwords.json.generated``. For > > > convenience, Breeze predefines two default users: > > > - "admin" (password: "admin") -> full access > > > - "viewer" (password: "viewer") -> read-only access > > > > > > If you encounter any issues or have concerns about this change, feel > free > > > to discuss on Slack or submit a PR to address them. > > > > > > Thanks, > > > Vincent > > > > > >
