Overview
Apache Airflow sign-in page
The Apache Airflow web sign-in page, served on first boot with no manual setup.
Apache Airflow sign-in page
DAGs list
DAG grid view
This is a repackaged open source software product wherein additional charges apply for cloudimg support services.
Why This Airflow AMI Over Self-Managed or Other Options
Apache Airflow is rated 4.4 stars on G2 with reviewers praising its flexibility - but also noting it "requires dedicated maintenance" and presents "setup challenges." This AMI eliminates those pain points. Unlike manual installation, you get a fully configured, production-ready Airflow environment running within minutes of launch - no dependency troubleshooting, no configuration drift, and no default credentials to forget to rotate.
Unlike managed services that abstract away control, this single-node deployment gives you full SSH access, complete customization freedom, and no vendor lock-in beyond standard EC2 infrastructure.
Application Stack
- Apache Airflow 3.x (latest stable) installed into a dedicated Python virtual environment, pinned with the official Airflow constraints file for reproducible builds
- Local PostgreSQL metadata database - no external database dependency to provision or manage
- LocalExecutor - task instances run as subprocesses with no Celery or Kubernetes dependency, reducing operational complexity and cost for teams that do not need distributed execution
- systemd-managed services - the API server, scheduler, and DAG processor each run under dedicated unprivileged service accounts with automatic restart on failure
Security and Hardening
Unique Credentials Per Instance: On first boot, a one-shot service generates a fresh PostgreSQL password and a fresh Airflow administrator password unique to that instance. Credentials are written to a root-only file. No shared or default credentials ship in the image - eliminating the credential-sharing risk common with other AMIs.
Unprivileged Service Accounts: Each Airflow component runs under its own restricted system user, limiting blast radius if any single process is compromised.
Network Security Guidance: Configure your EC2 security group to restrict port 8080 access to trusted IP ranges or place the instance behind an Application Load Balancer with TLS termination for encrypted access to the web UI. Enable EBS encryption on your instance volume for data-at-rest protection.
OS-Level Practices: The image ships with minimal installed packages and unattended security updates enabled to reduce attack surface.
Getting Started
- Launch the AMI on your chosen instance type with an EBS-encrypted volume
- Ensure your security group allows inbound TCP on port 8080 from your IP
- Wait approximately 2-3 minutes for the first-boot credential generation to complete
- SSH into the instance and retrieve your credentials from the root-only file
- Browse to http://your-instance-ip:8080 and sign in as the administrator
- Begin authoring DAGs, triggering runs, and monitoring pipelines through the Airflow web interface
Use Case Example
A data engineering team of 3-5 engineers running nightly ETL pipelines - ingesting data from S3, transforming with Python operators, and loading into Redshift - can operate hundreds of DAGs on a single node without needing Kubernetes or Celery infrastructure. This deployment suits teams that want Airflow's full power without the operational overhead of a distributed cluster.
Additional Use Cases
- Scheduled batch processing and reporting
- Machine learning workflow automation and model retraining pipelines
- Cross-system task coordination across AWS services
- Data pipeline orchestration for mid-size teams without dedicated DevOps
cloudimg Support
24/7 technical support by email and live chat. Our engineers provide expert assistance with Airflow deployment, upgrades, executor configuration, DAG authoring, performance tuning, and metadata database administration. Book a free 15-minute onboarding call to get personalized guidance for your use case.
Apache Airflow and Apache are trademarks of the Apache Software Foundation. All other product and company names are trademarks or registered trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
Highlights
- Apache Airflow preinstalled and ready, with a local PostgreSQL metadata database and the LocalExecutor, and no manual setup required
- Hardened first boot generates fresh PostgreSQL and Airflow administrator passwords for every instance and stores them in a file only the root user can read
- 24/7 technical support from cloudimg, with expert assistance for Airflow deployment, configuration, upgrades and DAG authoring
Details
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
Pricing
Free trial
- ...
Dimension | Description | Cost/hour |
|---|---|---|
m5.large Recommended | m5.large | $0.08 |
t3.micro | t3.micro instance type | $0.04 |
t2.micro | t2.micro instance type | $0.04 |
m5a.12xlarge | m5a.12xlarge instance type | $0.24 |
c8a.large | c8a.large instance type | $0.08 |
c8i-flex.2xlarge | c8i-flex.2xlarge instance type | $0.24 |
c8in.24xlarge | c8in.24xlarge instance type | $0.24 |
r6a.16xlarge | r6a.16xlarge instance type | $0.24 |
m6a.xlarge | m6a.xlarge instance type | $0.12 |
m7a.32xlarge | m7a.32xlarge instance type | $0.24 |
Vendor refund policy
Refunds available on request.
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Remediates flagged CVEs: full apt update (kernel + userspace); rng-tools added.
Additional details
Usage instructions
Connect via SSH on port 22 as the default login user for your operating system variant (the user guide lists it per variant). The Airflow web UI is served on port 8080. Browse to http://<instance-public-ip>:8080/ and sign in as the 'admin' user. Retrieve the generated administrator password with: sudo cat /root/airflow-credentials.txt. DAG files live under /opt/airflow/dags. To enable HTTPS, follow the reverse proxy section of the user guide.
Resources
Vendor resources
Support
Vendor support
cloudimg Support
cloudimg provides 24/7 technical support for this Apache Airflow AMI by email and live chat.
What We Help With:
- Initial deployment and first-boot credential retrieval
- Airflow configuration, DAG authoring, and executor tuning
- Upgrades to new Airflow releases
- Performance tuning and metadata database administration
- Troubleshooting failed tasks, scheduler issues, and connectivity problems
- Instance sizing recommendations for your workload
Response Times:
Critical issues receive a one-hour average response time. Our engineers specialize in Airflow operations and can assist with everything from basic setup questions to complex production debugging.
Getting Started:
After launching your instance, retrieve your unique administrator credentials from the root-only file via SSH, then access the Airflow web UI on port 8080. If you need help at any stage, contact us at support@cloudimg.co.uk .
Refunds and Billing:
For questions about billing, subscription changes, or refund requests, contact the same support email and our team will assist promptly.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
