As a comment above the value, it says # Secret key used to run your flask app, but that doesn't tell me much. Currently it is set to secret_key = temporary_key, but that seems unsafe. We have set up password protection on the webservice, and it is backed by postgres running on Ubuntu 14/16.
Asked
Active
Viewed 9,202 times
5
André Christoffer Andersen
- 191
- 1
- 11
1 Answers
4
From the Flask documentation, the secret_key is a Flask setting which is used to keep client sessions secure. The Airflow documentation however doesn't really mention it (even in the Security section), nor that it should be changed from the default of temporary_key. It should be changed to a random key of your choice.
You can generate it with the Python command shown in the Flask docs:
python -c 'import os; print(os.urandom(16))'
Or, since the secret_key may be in unicode, you can use any online key generator to create one, or just enter some random string of letters and numbers.
Generate the key and copy-paste into your airflow.cfg, restarting the Airflow webserver afterwards.
BjornO
- 151
- 4
-
Python now has `secrets` module as part of standard library for generating cryptographically secure random values – Alex W Aug 20 '22 at 19:44