Looks great to me בתאריך יום ה׳, 9 באפר׳ 2026, 15:26, מאת Barak Abekasis <[email protected] >:
> Hi Airflow community, > > I would like to propose adding a new community provider for **Akeyless > Vault > Platform** to the Apache Airflow monorepo. > > ## What is Akeyless? > > Akeyless (https://www.akeyless.io/) is a SaaS-based secrets management and > zero-trust access platform used by thousands of organizations for: > > - **Static secrets management** (key/value secrets, similar to Vault KV) > - **Dynamic secrets** (just-in-time credentials for databases, cloud > providers, Kubernetes, etc.) > - **Rotated secrets** (automatic credential rotation) > - **Zero-trust access** (SSH, RDP, Kubernetes, database access via > ephemeral credentials) > > Akeyless is increasingly used alongside Airflow in data engineering > workflows where secrets need to be injected into DAGs at runtime. Today > there is **no existing Airflow provider** for Akeyless — users must > manually > call the Akeyless SDK inside PythonOperator tasks, which is error-prone > and doesn't integrate with Airflow's secrets backend or connection > management. > > ## What the provider includes > > | Component | Class | > |---|---| > | **Hook** | `airflow.providers.akeyless.hooks.akeyless.AkeylessHook` | > | **Connection type** | `akeyless` (custom UI fields for 8 auth methods) | > | **Secrets Backend** | > `airflow.providers.akeyless.secrets.akeyless.AkeylessBackend` | > > ### AkeylessHook capabilities > > - Get static secret values (single and batch) > - Create / update / delete secrets > - List and describe items > - Generate dynamic secret values (database credentials, cloud keys, etc.) > - Retrieve rotated secret values > - Supports all Akeyless authentication methods: API Key, AWS IAM, GCP, > Azure AD, Universal Identity, JWT/OIDC, Kubernetes, Certificate > > ### AkeylessBackend (Secrets Backend) > > - Sources Airflow **Connections**, **Variables**, and **Configuration** > from > Akeyless — drop-in replacement pattern identical to the HashiCorp Vault > backend > - Supports URI, JSON dict, and `conn_uri` formats for connections > - Configurable path prefixes and separators > > ### Connection type > > Custom connection form in the Airflow UI with dedicated fields for: > Access ID, Access Key, API URL, Access Type, UID Token, GCP Audience, > Azure Object ID, JWT, K8s Auth Config Name, Certificate/Key PEM data. > > ## Dependencies > > - `akeyless>=5.0.0` (Apache 2.0 licensed, actively maintained, > ~350K monthly PyPI downloads) > - Optional: `akeyless_cloud_id` for AWS/GCP/Azure cloud-based auth > > ## Proposed stewards > > - Barak Abekasis (@baraka-akeyless) — Akeyless integrations team > - Dean Sher (@deanshak) - Product Architect > > > We are committed to maintaining this provider per the AIP-95 governance > framework, including timely PR reviews, issue resolution, and quarterly > updates. > > ## PR > > The implementation is ready at: > https://github.com/apache/airflow/pull/64754 > > The provider follows the monorepo structure (`providers/akeyless/`) with: > - Full RST documentation (connection guide, secrets backend guide, > changelog) > - Unit tests for hook, secrets backend, and internal client validation > - Example system test DAG > - `provider.yaml` with connection field schema > > Looking forward to your feedback. > > [image: Kind regards,] > > [image: photo] > > Barak Abekasis > Solution Architect, Akeyless > > [image: icon] +972-526238465 [image: icon] [email protected] [image: > icon] akeyless.io > > [image: youtube] <https://www.youtube.com/@Akeyless> > > [image: facebook] <https://www.facebook.com/Akeylessio> > > [image: linkedin] <https://www.linkedin.com/company/akeyless/> > > [image: twitter] <https://x.com/akeylessio> > > [image: Meeting Button App] <https://meetings.hubspot.com/barak-abekasis> > > [image: __tpx__] >
