Open msolano00 opened 3 years ago
Thanks for opening your first issue here! Be sure to follow the issue template!
Do you want the run_as_user value of the dag to change based on which user submits the trigger DAG API call?
That is not currently possible at all, so this is a bigger feature request than you might realise -- the run_as_user and all other task properties for a DAG come from the python file, and the python file only, so there's no real mechansim to control this.
So first step on this: we need to come up with a design for letting some properties of the dag be overridden based on the DagRun.
We have dagrun.conf
already, which is one possible way, but that is only accessible to DAGs via template (i.e. {{ dag_run.conf.some_param }}
) which only applies to some fields.
🤔
@ashb Hi, thanks you for reply and sorry for the late response, got pulled into something at work.
Yes, exactly that is the behavior. Have a property that allows authenticated users (like a service account) to run jobs as other users.
So first step on this: we need to come up with a design for letting some properties of the dag be overridden based on the DagRun.
I will take a look into the core modules of airflow and reply back here once I have a better understanding of how it is being setup.
Description I would like one parameter in the REST API configuration object (we can reuse the existing
run_as_user
maybe) to allow me trigger a DAG as an authenticated as long as this "superuser" has a role/policy that allows to impersonate other users.Use case / motivation I want to build a task system that submits tasks to Airflow (along with other tools we use, in a SSO way). Users will be authenticated previously when logging to this tasks system and should be able to trigger DAGs. This DAGs have to run AS the user. WEBHDFS (Apache HDFS restful api) achieves something similar.
Are you willing to submit a PR? I would indeed! It might just take some time since I am fairly new to Airflow
Related Issues Yes: https://github.com/apache/airflow/issues/982