0
0
Apache Airflowdevops~10 mins

Connection encryption in Apache Airflow - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Process Flow - Connection encryption
Start Airflow Connection Setup
Define Connection Parameters
Enable Encryption Settings?
NoUse Plain Connection
Yes
Set Encryption Protocol (e.g., TLS)
Provide Certificates/Keys
Test Connection with Encryption
Connection Established Securely
End
This flow shows how Airflow sets up a connection with encryption by enabling encryption, setting protocols, providing keys, and testing the secure connection.
Execution Sample
Apache Airflow
conn = Connection(
    conn_id='my_db',
    conn_type='postgres',
    host='db.example.com',
    login='user',
    password='pass',
    extra='{"sslmode": "require"}'
)
session.add(conn)
session.commit()
This code creates a new Airflow connection to a Postgres database with SSL encryption required.
Process Table
StepActionParameter SetEncryption EnabledResult
1Create Connection objectconn_id='my_db', conn_type='postgres', host='db.example.com', login='user', password='pass'NoConnection object created without encryption
2Add extra parameter for SSLextra='{"sslmode": "require"}'YesEncryption flag set to require SSL
3Add connection to sessionsession.add(conn)YesConnection staged for saving
4Commit sessionsession.commit()YesConnection saved with encryption settings
5Test connectionConnect to db.example.com with SSLYesConnection established securely
6End--Setup complete with encryption
💡 Connection saved and tested with SSL encryption enabled
Status Tracker
VariableStartAfter Step 1After Step 2After Step 3After Step 4Final
connNoneConnection object without extraConnection object with extra SSL paramSameSameSaved in Airflow DB with SSL
encryption_enabledFalseFalseTrueTrueTrueTrue
Key Moments - 2 Insights
Why do we add the 'extra' parameter with sslmode instead of a direct attribute?
Airflow uses the 'extra' JSON field to pass additional connection options like SSL settings. This is shown in execution_table step 2 where adding 'extra' enables encryption.
What happens if we skip the commit step after adding the connection?
Without committing (step 4), the connection is not saved in Airflow's database, so encryption settings won't persist. The connection won't be usable.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table at step 2, what change happens to the connection?
AConnection is deleted
BConnection type changes to MySQL
CEncryption is enabled by adding SSL parameters
DPassword is removed
💡 Hint
Refer to the 'Encryption Enabled' and 'Parameter Set' columns at step 2 in execution_table
At which step is the connection saved permanently in Airflow's database?
AStep 1
BStep 4
CStep 3
DStep 5
💡 Hint
Look at the 'Result' column in execution_table for the commit action
If we remove the 'extra' parameter, what will be the encryption status?
AEncryption disabled
BEncryption enabled
CConnection fails to create
DEncryption status unknown
💡 Hint
Check variable_tracker for 'encryption_enabled' after step 1 and 2
Concept Snapshot
Airflow Connection Encryption Setup:
- Create Connection object with basic params
- Use 'extra' JSON to add SSL (e.g., 'sslmode':'require')
- Add and commit connection to Airflow DB
- Test connection to confirm encryption
- Encryption ensures data security during connection
Full Transcript
This visual execution shows how to set up an encrypted connection in Airflow. First, a Connection object is created with basic details like host and login. Then, encryption is enabled by adding SSL parameters inside the 'extra' JSON field. The connection is added to the session and committed to save it permanently. Finally, the connection is tested to confirm it uses encryption. Variables like 'conn' and 'encryption_enabled' track the state changes. Key moments clarify why the 'extra' field is used and the importance of committing. Quizzes check understanding of when encryption is enabled and saved.