Checklist and equipment for expanding safety of^( Airflow.
This venture NOT AFFILIATED with the Apache Foundation and the Airflow venture, and isn’t recommended via them.
^( . installations. This initiatives supplies the next equipment:
- Configuration document with hardened settings – see ^( .
- Security tick list for ^( default installations – see ^( .
- Static ^( device to test Airflow configuration recordsdata for insecure settings.
- JSON schema record used for validation via the static research device – see ^(
Information for the ^( Tool (airflowscan)
The static research device can take a look at an Airflow configuration document for settings associated with safety. The device convers the config document to JSON, after which makes use of a ^( Schema to do the validation.
Python 3 is needed and you’ll in finding all required modules within the necessities.txt document. Only examined on Python 3.7 however must paintings on different 3.x releases. No plans to 2.x strengthen at this time.
You can set up this by way of PIP as follows:
pip set up airflowscan
To obtain and run manually, do the next:
git clone https://github.com/nightwatchcybersecurity/airflowscan.git
pip -r necessities.txt
python -m airflowscan.cli
How to make use of
To scan a configuration document, do the next command:
airflowscan scan some_airflow.cfg
Reporting insects and have requests
Please use the GitHub factor tracker to record problems or counsel options: ^(
You too can ship emai to analysis /at/ nightwatchcybersecurity [dot] com