Prerequisites¶
airflowctl is tested with:
The minimum memory required we recommend airflowctl to run with is 200MB, but the actual requirements depend wildly on the deployment options you have. The Keyring backend needs to be installed separately into your operating system. This will enhance security. See Security for more information.
Keyring Backend¶
airflowctl uses keyring to store the API token securely. This ensures that the token is not stored in plain text and is only accessible to authorized users.
Recommended keyring backends are: * macOS Keychain * Freedesktop Secret Service supports many DE including GNOME (requires secretstorage) * KDE4 & KDE5 KWallet (requires dbus) * Windows Credential Locker
Third-Party Backends¶
In addition to the backends provided by the core keyring package for the most common and secure use cases, there are additional keyring backend implementations available for other use cases. Simply install them to make them available:
- keyrings.cryptfile
Encrypted text file storage.
- keyrings.alt
“alternate”, possibly-insecure backends, originally part of the core package, but available for opt-in.
- gsheet-keyring
a backend that stores secrets in a Google Sheet. For use with ipython-secrets.
- bitwarden-keyring
a backend that stores secrets in the BitWarden password manager.
- onepassword-keyring
a backend that stores secrets in the 1Password password manager.
- sagecipher
an encryption backend which uses the ssh agent protocol’s signature operation to derive the cipher key.
- keyrings.osx_keychain_keys
OSX keychain key-management, for private, public, and symmetric keys.
- keyring_pass.PasswordStoreBackend
Password Store (pass) backend for python’s keyring
- keyring_jeepney
a pure Python backend using the secret service
DBusAPI for desktop Linux (requireskeyring<24).