Astro was impacted by an outage of our authentication provider. As expected, the UI across Astro became unreachable, because our system could not determine who was a properly credentialed user. We have reviewed whether there is any way we could have maintained UI access during the authentication outage, and have concluded that any such change would be an unacceptable compromise to our security.
However, in addition to making the UI inaccessible, the authentication provider outage also degraded the scaling of workers that perform task runs. Certain Astro components involved in auto-scaling have verification steps that currently make calls to our authentication service, and these steps failed when the calls could not be completed. We have identified alternate, secure methods of performing these verification steps that do not require new calls to Astro’s authentication provider during a scale-up. We will be making changes to Astro to implement these improved methods, and we expect them to be available by the end of 2023.
At Astronomer, our top priority is the reliable and secure execution of your DAGs. We believe that with these changes, customer Deployments will keep the same high level of security they have today while gaining increased resilience to any future authentication outages.