This chapter covers

• Examining and configuring the RBAC interface for controlling access
• Granting access to a central set of users by connecting with an LDAP service
• Configuring a Fernet key to encrypt secrets in the database
• Securing traffic between your browser and the webserver
• Fetching secrets from a central secret management system

Given the nature of Airflow, a spider in the web orchestrating a series of tasks, it must connect with many systems and is therefore a desirable target to gain access to. To avoid unwanted access, in this chapter we discuss the security of Airflow. We cover various security-related use cases and elaborate on these with practical examples. Security is often seen as a topic of black magic, ...