How to audit secrets modifications

redec · January 19, 2022, 3:58pm

Hi all! I’m evaluating airflow as an option for a new system we’re building, and one of the requirements is we need to be able to trace/audit any changes to the stored secrets (connections and variables). I see airflow has an audit log, which is great, but it doesn’t seem to log modifications to secrets…which is surprising to me as I would think that’s the most important thing to be able to audit . Can anyone shed some light on how I could accomplish this? If I need to provide a custom secrets backend, does it have visibility into who the user is who is making the change? Thanks!

Topic		Replies	Views
Redacted words in Airflow logs Airflow airflow	1	797	September 27, 2023
Hide AWS credentials from logs Airflow	5	4210	May 17, 2021
AWS SSM Parameter Store as Secrets Backend (Airflow 1.10.10+) Airflow	3	5322	July 10, 2020
Local Airflow using SecretsManager as backend "Can't locate credentials" Airflow	1	4261	November 15, 2021
What precedence does Airflow determine when searching for a single connection? Airflow	0	2040	May 15, 2020

How to audit secrets modifications

Related topics