Vojtech Vondra created AIRFLOW-2807:
---------------------------------------
Summary: Add support for External ID when using STS Assume ROle
Key: AIRFLOW-2807
URL: https://issues.apache.org/jira/browse/AIRFLOW-2807
Project: Apache Airflow
Issue Type: Improvement
Components: aws, boto3, hooks
Affects Versions: 1.10.1
Reporter: Vojtech Vondra
Currently the role assumption method works only if the granting account does
not specify an External ID. The external ID is used to solved the confused
deputy problem. When using the AWS hook to export data to multiple customers,
it's good security practice to use the external ID.
Documentation:
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
