[ https://issues.apache.org/jira/browse/AIRFLOW-3027?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jarek Potiuk closed AIRFLOW-3027. --------------------------------- Resolution: Won't Fix I am closing some old issues that are not relevant any more. Please let me know if you want to reopen it. > Read credentials from a file in the Databricks operators and hook > ----------------------------------------------------------------- > > Key: AIRFLOW-3027 > URL: https://issues.apache.org/jira/browse/AIRFLOW-3027 > Project: Apache Airflow > Issue Type: Improvement > Components: authentication, hooks, operators > Affects Versions: 1.9.0 > Reporter: Anthony Miyaguchi > Priority: Minor > > The Databricks hook requires token-based authentication via the connections > database. The token is passed into the connections field: > {code:java} > Extras: {"token": "<GENERATED_TOKEN>"}{code} > This means the token can be seen in plaintext in the Admin UI, which is > undesirable for our setup. The AWS hook gets around this by either using > boto's authentication mechanisms or by reading from a file. > {code:java} > elif 's3_config_file' in connection_object.extra_dejson: > aws_access_key_id, aws_secret_access_key = \ > _parse_s3_config( > connection_object.extra_dejson['s3_config_file'], > connection_object.extra_dejson.get('s3_config_format')){code} > [source] > [https://github.com/apache/incubator-airflow/blob/08ecca47862f304dba548bcfc6c34406cdcf556f/airflow/contrib/hooks/aws_hook.py#L110-L114] > > The databricks hook should also support reading the token from a file to > avoid exposing sensitive tokens in plaintext. > -- This message was sent by Atlassian Jira (v8.3.4#803005)