Airflowscan – Checklist And Tools For Increasing Security Of Apache Airflow

Checklist and tools for increasing security of Apache Airflow.

DISCLAIMER
This project is NOT AFFILIATED with the Apache Foundation and the Airflow project, and is not endorsed by them.
This project provides the following tools for Apache Airflow installations:

  • Configuration file with hardened settings – see hardened_airflow.cfg.
  • Security checklist for hardening default installations – see CHECKLIST.MD.
  • Static analysis tool to check Airflow configuration files for insecure settings.
  • JSON schema document used for validation by the static analysis tool – see airflow_cfg.schema

Information for the Static Analysis Tool (airflowscan)
The static analysis tool can check an Airflow configuration file for security-related settings. The tool converts the config file to JSON, and then uses a JSON Schema to do the validation.
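The convert-then-validate flow described above, as an added example that is not airflowscan's own code. The sample config and the rules are constructed for illustration (they are not the project's airflow_cfg.schema), and a small evaluator for a subset of JSON Schema keywords (required, properties, enum, minLength, not) stands in for a full JSON Schema library.

```python
import configparser
import json

# Constructed sample config (Airflow 1.10-style option names); not from the repository.
SAMPLE_CFG = """\
[core]
load_examples = True
fernet_key =
[webserver]
expose_config = True
authenticate = True
[api]
auth_backend = airflow.api.auth.backend.default
"""

# Illustrative rules in JSON Schema form; assumed, NOT the project's airflow_cfg.schema.
NO, YES = {"enum": ["False", "false"]}, {"enum": ["True", "true"]}
SCHEMA = {"required": ["core", "webserver", "api"], "properties": {
    "core": {"required": ["fernet_key"], "properties": {
        "load_examples": NO, "fernet_key": {"minLength": 1}}},
    "webserver": {"required": ["authenticate"], "properties": {
        "expose_config": NO, "authenticate": YES}},
    "api": {"properties": {
        "auth_backend": {"not": {"enum": ["airflow.api.auth.backend.default"]}}}},
}}

def cfg_to_json(text):
    """Parse INI-style Airflow config text and return it as a JSON document."""
    parser = configparser.ConfigParser(interpolation=None)  # values may contain '%'
    parser.read_string(text)
    return json.dumps({s: dict(parser[s]) for s in parser.sections()})

def validate(inst, schema, path="$"):
    """Check the keyword subset used above; return a list of findings."""
    found = []
    if "enum" in schema and inst not in schema["enum"]:
        found.append(f"{path}: {inst!r} is not one of {schema['enum']}")
    if isinstance(inst, str) and len(inst) < schema.get("minLength", 0):
        found.append(f"{path}: value is empty")
    if "not" in schema and not validate(inst, schema["not"], path):
        found.append(f"{path}: {inst!r} is disallowed")
    if isinstance(inst, dict):
        found += [f"{path}.{k}: required setting is missing"
                  for k in schema.get("required", []) if k not in inst]
        for key, sub in schema.get("properties", {}).items():
            if key in inst:
                found += validate(inst[key], sub, f"{path}.{key}")
    return found

def scan(text):
    """Convert the config text to JSON, then validate it against SCHEMA."""
    return validate(json.loads(cfg_to_json(text)), SCHEMA)
```

Calling scan(SAMPLE_CFG) returns one finding per insecure setting, each prefixed with its section and option path.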

Requirements
Python 3 is required and you can find all required modules in the requirements.txt file. Only tested on Python 3.7 but should work on other 3.x releases. No plans to support 2.x at this time.

Installation
You can install this via PIP as follows:

pip install airflowscan
airflowscan

To download and run manually, do the following:

git clone https://github.com/nightwatchcybersecurity/airflowscan.git
cd airflowscan
pip install -r requirements.txt
python -m airflowscan.cli

How to use
To scan a configuration file, run the following command:

airflowscan scan some_airflow.cfg

Reporting bugs and feature requests
Please use the GitHub issue tracker to report issues or suggest features: https://github.com/nightwatchcybersecurity/airflowscan
You can also send email to research /at/ nightwatchcybersecurity [dot] com

Published by Marshmallow