airflow.providers.amazon.aws.auth_manager.aws_auth_manager
¶
Module Contents¶
Classes¶
AWS auth manager. |
Functions¶
Generate documentation; used by Sphinx argparse. |
- class airflow.providers.amazon.aws.auth_manager.aws_auth_manager.AwsAuthManager(appbuilder)[source]¶
Bases:
airflow.auth.managers.base_auth_manager.BaseAuthManager
AWS auth manager.
Leverages AWS services such as Amazon Identity Center and Amazon Verified Permissions to perform authentication and authorization in Airflow.
- Parameters
appbuilder (airflow.www.extensions.init_appbuilder.AirflowAppBuilder) – the flask app builder
- is_authorized_configuration(*, method, details=None, user=None)[source]¶
Return whether the user is authorized to perform a given action on configuration.
- Parameters
method (airflow.auth.managers.base_auth_manager.ResourceMethod) – the method to perform
details (airflow.auth.managers.models.resource_details.ConfigurationDetails | None) – optional details about the configuration
user (airflow.auth.managers.models.base_user.BaseUser | None) – the user to perform the action on. If not provided (or None), it uses the current user
- is_authorized_connection(*, method, details=None, user=None)[source]¶
Return whether the user is authorized to perform a given action on a connection.
- Parameters
method (airflow.auth.managers.base_auth_manager.ResourceMethod) – the method to perform
details (airflow.auth.managers.models.resource_details.ConnectionDetails | None) – optional details about the connection
user (airflow.auth.managers.models.base_user.BaseUser | None) – the user to perform the action on. If not provided (or None), it uses the current user
- is_authorized_dag(*, method, access_entity=None, details=None, user=None)[source]¶
Return whether the user is authorized to perform a given action on a DAG.
- Parameters
method (airflow.auth.managers.base_auth_manager.ResourceMethod) – the method to perform
access_entity (airflow.auth.managers.models.resource_details.DagAccessEntity | None) – the kind of DAG information the authorization request is about. If not provided, the authorization request is about the DAG itself
details (airflow.auth.managers.models.resource_details.DagDetails | None) – optional details about the DAG
user (airflow.auth.managers.models.base_user.BaseUser | None) – the user to perform the action on. If not provided (or None), it uses the current user
- is_authorized_dataset(*, method, details=None, user=None)[source]¶
Return whether the user is authorized to perform a given action on a dataset.
- Parameters
method (airflow.auth.managers.base_auth_manager.ResourceMethod) – the method to perform
details (airflow.auth.managers.models.resource_details.DatasetDetails | None) – optional details about the dataset
user (airflow.auth.managers.models.base_user.BaseUser | None) – the user to perform the action on. If not provided (or None), it uses the current user
- is_authorized_pool(*, method, details=None, user=None)[source]¶
Return whether the user is authorized to perform a given action on a pool.
- Parameters
method (airflow.auth.managers.base_auth_manager.ResourceMethod) – the method to perform
details (airflow.auth.managers.models.resource_details.PoolDetails | None) – optional details about the pool
user (airflow.auth.managers.models.base_user.BaseUser | None) – the user to perform the action on. If not provided (or None), it uses the current user
- is_authorized_variable(*, method, details=None, user=None)[source]¶
Return whether the user is authorized to perform a given action on a variable.
- Parameters
method (airflow.auth.managers.base_auth_manager.ResourceMethod) – the method to perform
details (airflow.auth.managers.models.resource_details.VariableDetails | None) – optional details about the variable
user (airflow.auth.managers.models.base_user.BaseUser | None) – the user to perform the action on. If not provided (or None), it uses the current user
- is_authorized_view(*, access_view, user=None)[source]¶
Return whether the user is authorized to access a read-only state of the installation.
- Parameters
access_view (airflow.auth.managers.models.resource_details.AccessView) – the specific read-only view/state the authorization request is about.
user (airflow.auth.managers.models.base_user.BaseUser | None) – the user to perform the action on. If not provided (or None), it uses the current user
- is_authorized_custom_view(*, method, resource_name, user=None)[source]¶
Return whether the user is authorized to perform a given action on a custom view.
A custom view can be a view defined as part of the auth manager. This view is then only available when the auth manager is used as part of the environment. It can also be a view defined as part of a plugin defined by a user.
- Parameters
method (airflow.auth.managers.base_auth_manager.ResourceMethod | str) – the method to perform. The method can also be a string if the action has been defined in a plugin. In that case, the action can be anything (e.g. can_do). See https://github.com/apache/airflow/issues/39144
resource_name (str) – the name of the resource
user (airflow.auth.managers.models.base_user.BaseUser | None) – the user to perform the action on. If not provided (or None), it uses the current user
- batch_is_authorized_connection(requests)[source]¶
Batch version of
is_authorized_connection
.- Parameters
requests (Sequence[airflow.auth.managers.models.batch_apis.IsAuthorizedConnectionRequest]) – a list of requests containing the parameters for
is_authorized_connection
- batch_is_authorized_dag(requests)[source]¶
Batch version of
is_authorized_dag
.- Parameters
requests (Sequence[airflow.auth.managers.models.batch_apis.IsAuthorizedDagRequest]) – a list of requests containing the parameters for
is_authorized_dag
- batch_is_authorized_pool(requests)[source]¶
Batch version of
is_authorized_pool
.- Parameters
requests (Sequence[airflow.auth.managers.models.batch_apis.IsAuthorizedPoolRequest]) – a list of requests containing the parameters for
is_authorized_pool
- batch_is_authorized_variable(requests)[source]¶
Batch version of
is_authorized_variable
.- Parameters
requests (Sequence[airflow.auth.managers.models.batch_apis.IsAuthorizedVariableRequest]) – a list of requests containing the parameters for
is_authorized_variable
- filter_permitted_dag_ids(*, dag_ids, methods=None, user=None)[source]¶
Filter readable or writable DAGs for user.
Filter menu items based on user permissions.
- Parameters
menu_items (list[flask_appbuilder.menu.MenuItem]) – list of all menu items
- security_manager()[source]¶
Return the security manager.
By default, Airflow comes with the default security manager
airflow.www.security_manager.AirflowSecurityManagerV2
. The auth manager might need to extend this default security manager for its own purposes.By default, return the default AirflowSecurityManagerV2.