Airflowscan - Checklist As Well As Tools For Increasing Safety Of Apache Airflow
Checklist too tools for increasing safety of Apache Airflow.
DISCLAIMER
This projection NOT AFFILIATED amongst the Apache Foundation too the Airflow project, too is non endorsed past times them.
Contents
The usage of this projection is furnish tools to growth safety of Apache Airflow. installations. This projects provides the next tools:
- Configuration file amongst hardened settings - run into hardened_airflow.cfg.
- Security checklist for hardening default installations - run into CHECKLIST.MD.
- Static analysis tool to depository fiscal establishment agree Airflow configuration files for insecure settings.
- JSON schema document used for validation past times the static analysis tool - run into airflow_cfg.schema
Information for the Static Analysis Tool (airflowscan)
The static analysis tool tin terminate depository fiscal establishment agree an Airflow configuration file for settings related to security. The tool convers the config file to JSON, too thence uses a JSON Schema to produce the validation.
Requirements
Python three is required too yous tin terminate respect all required modules inward the requirements.txt file. Only tested on Python 3.7 simply should operate on other 3.x releases. No plans to 2.x back upwards at this time.
Installation
You tin terminate install this via PIP every bit follows:
pip install airflowscan airflowscan
To download too run manually, produce the following:git clone https://github.com/nightwatchcybersecurity/airflowscan.git cd airflowscan pip -r requirements.txt python -m airflowscan.cli
How to use
To scan a configuration file, produce the next command:
airflowscan scan some_airflow.cfg
Reporting bugs too characteristic requests
Please usage the GitHub effect tracker to study issues or advise features: https://github.com/nightwatchcybersecurity/airflowscan
You tin terminate also post emai to research /at/ nightwatchcybersecurity [dot] com