Jan 16
Loading video player...
In this episode of the GitOps series, we introduce access control and security from a GitOps perspective and explain why these topics are critical for modern infrastructure and deployment management. As engineering teams move faster with automation and frequent releases, the attack surface increases. Traditional security models that rely heavily on manual processes struggle to scale in GitOps-driven environments. GitOps changes how security responsibilities are shared, allowing developers, DevOps engineers, and security teams to collaborate more effectively through Git-based workflows. We start by explaining what access control really means, including authentication and authorization, and break it down using simple real-world examples. You will learn how subjects, objects, and reference monitors apply not only in theory but also in real systems such as CI/CD pipelines and Kubernetes clusters. The episode then walks through what needs to be secured in an end-to-end Kubernetes delivery process. This includes CI/CD pipelines, container registries, Git repositories, Kubernetes clusters, cloud providers, applications, and GitOps operators. For each component, we explain common risks, attack vectors, and why security decisions are always a balance between protection and usability. We also dive into how GitOps improves the security model compared to traditional CI-driven deployments. By limiting direct cluster access and moving control to Git, GitOps reduces the attack surface and makes security policies easier to audit, review, and enforce using familiar tools like pull requests and code reviews. By the end of this episode, you will clearly understand how access control works in GitOps, why Git becomes the central security boundary, and how this approach helps enterprises secure Kubernetes environments at scale. ๐ Recommended: Watch Chapters 1 and 2 before this episode for better context. ๐ Audience: DevOps engineers, platform engineers, security engineers, and anyone working with GitOps and Kubernetes. If you find this episode useful, donโt forget to like, subscribe, and share it with your team.