- Mais recentes
- Mais votos
- Mais comentários
Hi,
I understand you're referring to this MWAA documentation. Actually, the below statement isn't entirely correct. I'll request MWAA documentation team to correct it to prevent further confusion.
You can use the commands on this page to generate a web login token, and then make Amazon Managed Workflows for Apache Airflow API calls directly in your command shell. For example, you can get a token, then deploy DAGs programmatically using Amazon MWAA APIs.
As you may already be aware, MWAA web-login token is only meant to authenticate and authorize into the Airflow UI. It cannot be used to make API calls directly in the command shell or deploy DAGs programmatically. Instead, such functionality is fulfilled by MWAA CLI token, and this documentation provides the example Bash and Python code for it.
Regarding your second question, the URL with valid web login token will provide authentication and authorization into the Airflow UI. This is controlled by granting airflow:CreateWebLoginToken
permission to your IAM user/role, who needs to access the Airflow UI. In the Resource
attribute, one of the predefined Airflow roles can be specified. You can reference this documentation for more context. Specifying the web-login token with URL can be useful when you do not want to rely upon the MWAA Console SSO login option. This can be useful when you're implementing federated access to the Airflow UI as explained here as one example.
I hope this helps.
Conteúdo relevante
- AWS OFICIALAtualizada há 2 anos
- AWS OFICIALAtualizada há 2 meses