Astronomer Fab Securitymanager

Overview

The astronomer-fab-securitymanager is a specialized tool designed to enhance security management within the Astronomer Platform, particularly when integrated with Apache Airflow. This custom security manager offers a seamless way to validate JWT tokens and manage user roles automatically, ensuring that security protocols are followed efficiently.

By checking the roles claim from validated JWT tokens, the security manager ensures that users have the appropriate permissions while also keeping their existing roles intact. This tool is particularly useful for teams that require strict access controls and want to minimize administrative overhead.

Features

• JWT Validation: Automatically validates JWT tokens from the Astronomer Platform, ensuring secure user access management.
• User Record Management: Creates or updates user records as necessary, streamlining the onboarding process for new users.
• Role Synchronization: Analyzes the roles claim of the JWT token to grant users the correct roles while maintaining any custom roles they may have.
• Stock Role Management: Efficiently removes any extra stock roles from existing users, allowing for clean role assignments without disrupting custom roles.
• Easy Configuration: Utilizes Airflow's configuration mechanism, making it straightforward to set up and customize via environment variables.
• Support for RBAC Mode: Designed to operate seamlessly with Airflow's Role-Based Access Control mode, enhancing both security and user experience.
• Inline Documentation: Comes with inline documentation for easy reference, ensuring developers can quickly understand and utilize all settings.
• Test Coverage: Supports running tests with coverage, contributing to better development practices and code quality.