Airflow RBAC


RBAC

From the docs (https://airflow.apache.org/docs/apache-airflow/stable/security/access-control.html): Airflow has a set of roles by default: Admin, User, Op, Viewer, and Public. Only Admin users can configure/alter the permissions for other roles. However, it is not recommended that Admin users alter these default roles in any way, whether by adding permissions to these roles or removing them.

  • Admin users have all possible permissions.

  • Public users (anonymous) don't have any permissions.

  • Viewer users have limited viewer permissions (read-only). They cannot see the config.

  • User users have Viewer permissions plus additional user permissions that allow them to manage DAGs a bit. They can see the config file.

  • Op users have User permissions plus additional op permissions.

Note that admin users can create more roles with more granular permissions.

Also note that Admin is the only default role with permission to list users and roles; not even Op can do that.

Default Permissions

These are the default permissions per default role:

  • Admin

[can delete on Connections, can read on Connections, can edit on Connections, can create on Connections, can read on DAGs, can edit on DAGs, can delete on DAGs, can read on DAG Runs, can read on Task Instances, can edit on Task Instances, can delete on DAG Runs, can create on DAG Runs, can edit on DAG Runs, can read on Audit Logs, can read on ImportError, can delete on Pools, can read on Pools, can edit on Pools, can create on Pools, can read on Providers, can delete on Variables, can read on Variables, can edit on Variables, can create on Variables, can read on XComs, can read on DAG Code, can read on Configurations, can read on Plugins, can read on Roles, can read on Permissions, can delete on Roles, can edit on Roles, can create on Roles, can read on Users, can create on Users, can edit on Users, can delete on Users, can read on DAG Dependencies, can read on Jobs, can read on My Password, can edit on My Password, can read on My Profile, can edit on My Profile, can read on SLA Misses, can read on Task Logs, can read on Website, menu access on Browse, menu access on DAG Dependencies, menu access on DAG Runs, menu access on Documentation, menu access on Docs, menu access on Jobs, menu access on Audit Logs, menu access on Plugins, menu access on SLA Misses, menu access on Task Instances, can create on Task Instances, can delete on Task Instances, menu access on Admin, menu access on Configurations, menu access on Connections, menu access on Pools, menu access on Variables, menu access on XComs, can delete on XComs, can read on Task Reschedules, menu access on Task Reschedules, can read on Triggers, menu access on Triggers, can read on Passwords, can edit on Passwords, menu access on List Users, menu access on Security, menu access on List Roles, can read on User Stats Chart, menu access on User's Statistics, menu access on Base Permissions, can read on View Menus, menu access on Views/Menus, can read on Permission Views, menu access on Permission on Views/Menus, can get on MenuApi, menu access on Providers, can create on XComs]

  • Op

[can delete on Connections, can read on Connections, can edit on Connections, can create on Connections, can read on DAGs, can edit on DAGs, can delete on DAGs, can read on DAG Runs, can read on Task Instances, can edit on Task Instances, can delete on DAG Runs, can create on DAG Runs, can edit on DAG Runs, can read on Audit Logs, can read on ImportError, can delete on Pools, can read on Pools, can edit on Pools, can create on Pools, can read on Providers, can delete on Variables, can read on Variables, can edit on Variables, can create on Variables, can read on XComs, can read on DAG Code, can read on Configurations, can read on Plugins, can read on DAG Dependencies, can read on Jobs, can read on My Password, can edit on My Password, can read on My Profile, can edit on My Profile, can read on SLA Misses, can read on Task Logs, can read on Website, menu access on Browse, menu access on DAG Dependencies, menu access on DAG Runs, menu access on Documentation, menu access on Docs, menu access on Jobs, menu access on Audit Logs, menu access on Plugins, menu access on SLA Misses, menu access on Task Instances, can create on Task Instances, can delete on Task Instances, menu access on Admin, menu access on Configurations, menu access on Connections, menu access on Pools, menu access on Variables, menu access on XComs, can delete on XComs]

  • User

[can read on DAGs, can edit on DAGs, can delete on DAGs, can read on DAG Runs, can read on Task Instances, can edit on Task Instances, can delete on DAG Runs, can create on DAG Runs, can edit on DAG Runs, can read on Audit Logs, can read on ImportError, can read on XComs, can read on DAG Code, can read on Plugins, can read on DAG Dependencies, can read on Jobs, can read on My Password, can edit on My Password, can read on My Profile, can edit on My Profile, can read on SLA Misses, can read on Task Logs, can read on Website, menu access on Browse, menu access on DAG Dependencies, menu access on DAG Runs, menu access on Documentation, menu access on Docs, menu access on Jobs, menu access on Audit Logs, menu access on Plugins, menu access on SLA Misses, menu access on Task Instances, can create on Task Instances, can delete on Task Instances]

  • Viewer

[can read on DAGs, can read on DAG Runs, can read on Task Instances, can read on Audit Logs, can read on ImportError, can read on XComs, can read on DAG Code, can read on Plugins, can read on DAG Dependencies, can read on Jobs, can read on My Password, can edit on My Password, can read on My Profile, can edit on My Profile, can read on SLA Misses, can read on Task Logs, can read on Website, menu access on Browse, menu access on DAG Dependencies, menu access on DAG Runs, menu access on Documentation, menu access on Docs, menu access on Jobs, menu access on Audit Logs, menu access on Plugins, menu access on SLA Misses, menu access on Task Instances]

  • Public

[]
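
Because the docs advise against altering the default roles, the lists above can serve as a baseline for spotting drift. The following is an added example, not code from the original page or from Airflow: it parses a permission list in the format shown above and compares an observed role against the Viewer default. The observed role, the `SENSITIVE` and `WRITES` sets, and the function names are assumptions made for the illustration.

```python
# Baseline copied from the Viewer list above; everything else is constructed for the example.
VIEWER_BASELINE = """[can read on DAGs, can read on DAG Runs, can read on Task Instances,
can read on Audit Logs, can read on ImportError, can read on XComs, can read on DAG Code,
can read on Plugins, can read on DAG Dependencies, can read on Jobs, can read on My Password,
can edit on My Password, can read on My Profile, can edit on My Profile, can read on SLA Misses,
can read on Task Logs, can read on Website, menu access on Browse,
menu access on DAG Dependencies, menu access on DAG Runs, menu access on Documentation,
menu access on Docs, menu access on Jobs, menu access on Audit Logs, menu access on Plugins,
menu access on SLA Misses, menu access on Task Instances]"""

# Constructed sample: a "Viewer" role that lost one permission and gained three.
OBSERVED_VIEWER = (VIEWER_BASELINE.rstrip("]").replace("menu access on Docs,", "")
                   + ", can read on Connections, can edit on DAGs, menu access on Providers]")

# Assumption of this example: resources treated as sensitive, and actions treated as writes.
SENSITIVE = {"Connections", "Variables", "Configurations", "Users", "Roles", "Passwords"}
WRITES = {"can edit", "can create", "can delete"}


def parse(perm_list):
    """Turn '[can read on DAGs, menu access on Browse]' into {(action, resource), ...}."""
    pairs = set()
    for item in perm_list.strip("[] \n").split(","):
        item = " ".join(item.split())          # collapse line breaks and extra spaces
        if not item:
            continue                           # '[]' (Public) yields an empty set
        action, sep, resource = item.partition(" on ")   # first ' on ' ends the action
        if not sep:
            raise ValueError(f"unrecognised permission: {item!r}")
        pairs.add((action, resource))
    return pairs


def role_drift(baseline, observed):
    """Compare an observed role against its default and flag risky additions."""
    base, seen = parse(baseline), parse(observed)
    added = sorted(seen - base)
    risky = [p for p in added if p[1] in SENSITIVE or p[0] in WRITES]
    return {"added": added, "removed": sorted(base - seen), "risky": risky}


if __name__ == "__main__":
    for kind, perms in role_drift(VIEWER_BASELINE, OBSERVED_VIEWER).items():
        print(kind, perms)
```
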
