Security & IAM policies in a GitOps world
The GitOps approach is not just about deployment velocity; it also improves the security of the delivery pipeline. In this post, learn how to manage security and IAM policies the GitOps way.
Broken Access Control still sits at the top of the OWASP Top 10 (A01:2021). Getting access control right therefore removes a large share of the risk most applications carry. In this post, let’s look at what a GitOps approach to security and IAM policies looks like in practice, and how it can improve the security posture of a cloud-native system.
The key concept of GitOps is keeping the actual state of the production environment matched to a desired state that is declared in Git. Organizations do this by maintaining a Git repository of Infrastructure as Code (IaC) in a declarative format, with an agent that continuously reconciles the live system towards it. Because every change passes through Git, the repository becomes the single source of truth and audit trail for the system from day one. That is why GitOps lends itself to Continuous Security: security is built into every stage of delivery rather than bolted on at the end, and developers see and fix misconfigurations and known vulnerabilities in review, before a change ever reaches production.
Snyk’s ‘Cloud-Native Application Security Report 2021’ ranked cloud security misconfiguration as the most common type of incident. Even with Security-as-Code integrated into your pipeline, a single improperly configured setting in a cloud module (an over-broad IAM role, a publicly readable bucket) leaves your infrastructure and application short of the required industry-standard baseline. Such mistakes are often accidental, but they also stem from unfamiliarity with cloud security controls and from weak or missing Standard Operating Procedures (SOP).
GitOps offers a practical answer to this problem that does not get in the way of developers or security analysts. Because GitOps is IaC-based, security policies and configurations live alongside the infrastructure definitions as Security-as-Code (SaC), version-controlled in Git. That gives you a reviewed, auditable path for urgent changes, which matters in a breach or when a zero-day affects your infrastructure or application: the fix is a commit (or a revert) that the reconciler rolls out, and the Git history records who changed what and when. Note that the fix is live once the agent has reconciled the cluster, not at the moment of the commit, so the reconciliation interval is part of your response time.
GitOps also enables security automation when policies are enforced as Policy-as-Code (PaC). In this model the rules for authentication, access control, logging and observability are written as code, evaluated against every proposed change, and a non-compliant change is rejected before it is applied.
A related practice is Configuration as Code (CaC): the YAML that defines your workloads is managed in Git so that it can be checked against the required security criteria, and the access policies for the system are declared in config files under the same version control.
The GitOps model provides integrated security for an environment. Developers do not need direct access to the infrastructure or cloud clusters; the GitOps agent pulls approved changes from Git and applies them to the cloud. Production is never touched by hand, so there is no drift from undocumented manual changes. The flip side is that the agent’s own credentials and write access to the Git repository become the most sensitive assets in the pipeline and must be protected accordingly.
GitOps encourages a ‘shift-left’ approach to security. The term means moving security to the left in a conventional software delivery pipeline, that is, into its earlier stages, so that security is part of every phase rather than a gate at the end.
This is what continuous security looks like in practice:
- Authentication and Access Management
One of the major security aspects of any application is how secure its authentication is. Credentials must be stored encrypted and referenced, never written in plaintext into code, manifests or the application backend. A base64-encoded Kubernetes Secret committed to Git is not encrypted; encrypt it (for example with SOPS or Sealed Secrets) or inject it from an external secret store at deploy time.
Access and privileges for all users and APIs should be granted according to need (least privilege). Use Git’s version history as well: every modification to the configuration is recorded with its author and time, which doubles as an audit trail.
- Shift-Left Security Scanning
In a pipeline, the earlier you run security scanning and testing, the more room your developers have to act on the findings. Security then becomes an integral part of the code rather than an add-on. Start with the Git repository (pre-commit hooks and pull-request checks) and the CI steps for maximum effect.
With a purpose-built solution like the most recent Weave GitOps release, you can enforce security policy compliance and best practices through Policy-as-Code (PaC). Magalix runs pre-configured checks against code before it goes out to production and alerts on any security or compliance issue before it reaches the cluster. Your team benefits from the continuous feedback loop and can make quick, targeted improvements.
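The kind of gate the two items above describe, as an added example (this is not Weave GitOps, Magalix or Flux code): a small Python rule set, run in CI against the manifests in the repository, that fails the build on privileged containers, missing runAsNonRoot, floating image tags, credentials typed into env values, plaintext Secrets committed to Git, and wildcard RBAC rules. The rule names, the sample manifests and the name-based credential heuristic are the example’s own choices; a production gate would load the manifests with yaml.safe_load_all rather than use dict literals, and would usually express the same rules in a dedicated policy engine.

```python
"""Policy-as-Code gate for a GitOps repository (added example).

Each rule inspects one parsed Kubernetes manifest and yields a message per
violation; the CI job fails when any rule fires. In a real pipeline the
manifests come from yaml.safe_load_all() over the repo; here they are
constructed dict literals so the example runs offline.
"""
import re
from typing import Callable, Dict, Iterator, List, Tuple

Manifest = Dict
Violation = Tuple[str, str, str]  # (rule id, object, message)

AWS_KEY_ID = re.compile(r"\bAKIA[0-9A-Z]{16}\b")  # shape of an AWS access key id
SECRET_NAME = re.compile(r"PASSWORD|PASSWD|SECRET|TOKEN|ACCESS_KEY|API_KEY", re.I)  # heuristic

def _pod_spec(m: Manifest) -> Dict:
    """Pod spec for a Pod, or the embedded template of a Deployment/Job/etc."""
    spec = m.get("spec", {})
    return spec.get("template", {}).get("spec", spec)

def _containers(m: Manifest) -> List[Dict]:
    pod = _pod_spec(m)
    return pod.get("containers", []) + pod.get("initContainers", [])

def _ident(m: Manifest) -> str:
    md = m.get("metadata", {})
    return f"{m.get('kind', '?')}/{md.get('namespace', '-')}/{md.get('name', '?')}"

def no_privileged(m: Manifest) -> Iterator[str]:
    for c in _containers(m):
        if c.get("securityContext", {}).get("privileged", False):
            yield f"container {c['name']} is privileged"

def run_as_non_root(m: Manifest) -> Iterator[str]:
    pod_ctx = _pod_spec(m).get("securityContext", {})  # pod-level setting applies to all containers
    for c in _containers(m):
        if not (pod_ctx.get("runAsNonRoot") or c.get("securityContext", {}).get("runAsNonRoot")):
            yield f"container {c['name']} does not set runAsNonRoot"

def pinned_image(m: Manifest) -> Iterator[str]:
    for c in _containers(m):
        image = c.get("image", "")
        if "@sha256:" in image:
            continue  # digest-pinned: the strongest form
        tag = image.rsplit("/", 1)[-1].partition(":")[2]  # tag after the last path segment
        if tag in ("", "latest"):
            yield f"container {c['name']} image {image!r} is not pinned (floating tag)"

def no_literal_credentials(m: Manifest) -> Iterator[str]:
    """Env values typed into Git are plaintext credentials; valueFrom is the right shape."""
    for c in _containers(m):
        for env in c.get("env", []):
            value = env.get("value")
            if value is None:
                continue  # valueFrom.secretKeyRef / configMapKeyRef
            if AWS_KEY_ID.search(value) or SECRET_NAME.search(env.get("name", "")):
                yield f"container {c['name']} env {env['name']} carries a literal credential"

def no_plaintext_secret(m: Manifest) -> Iterator[str]:
    # base64 in .data is encoding, not encryption: commit a SealedSecret or a
    # SOPS-encrypted file instead, or pull the value from an external store.
    if m.get("kind") == "Secret" and (m.get("data") or m.get("stringData")):
        yield "Secret committed in plaintext"

def no_rbac_wildcards(m: Manifest) -> Iterator[str]:
    if m.get("kind") in ("Role", "ClusterRole"):
        for i, rule in enumerate(m.get("rules", [])):
            wild = [f for f in ("apiGroups", "resources", "verbs") if "*" in rule.get(f, [])]
            if wild:
                yield f"rule[{i}] uses '*' in {', '.join(wild)}"

RULES: Dict[str, Callable[[Manifest], Iterator[str]]] = {
    "PRIVILEGED": no_privileged, "NON_ROOT": run_as_non_root, "PINNED_IMAGE": pinned_image,
    "LITERAL_CREDENTIAL": no_literal_credentials, "PLAINTEXT_SECRET": no_plaintext_secret,
    "RBAC_WILDCARD": no_rbac_wildcards,
}

def evaluate(manifests: List[Manifest]) -> List[Violation]:
    return [(rid, _ident(m), msg) for m in manifests for rid, rule in RULES.items() for msg in rule(m)]

def passes(manifests: List[Manifest]) -> bool:
    """The gate: True only when no rule fires on any manifest."""
    return not evaluate(manifests)

# Constructed sample manifests (not taken from any real repository).
SAMPLE_MANIFESTS: List[Manifest] = [
    {"apiVersion": "apps/v1", "kind": "Deployment", "metadata": {"name": "payments", "namespace": "prod"},
     "spec": {"template": {"spec": {"containers": [{
         "name": "api", "image": "registry.example.com/payments:latest",
         "securityContext": {"privileged": True},
         "env": [{"name": "AWS_ACCESS_KEY_ID", "value": "AKIAIOSFODNN7EXAMPLE"}]}]}}}},
    {"apiVersion": "apps/v1", "kind": "Deployment", "metadata": {"name": "ledger", "namespace": "prod"},
     "spec": {"template": {"spec": {"securityContext": {"runAsNonRoot": True}, "containers": [{
         "name": "api", "image": "registry.example.com/ledger:1.4.2",
         "securityContext": {"allowPrivilegeEscalation": False},
         "env": [{"name": "DB_PASSWORD",
                  "valueFrom": {"secretKeyRef": {"name": "ledger-db", "key": "password"}}}]}]}}}},
    {"apiVersion": "v1", "kind": "Secret", "metadata": {"name": "ledger-db", "namespace": "prod"},
     "type": "Opaque", "data": {"password": "aHVudGVyMg=="}},
    {"apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": {"name": "deployer"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
]

if __name__ == "__main__":
    for rid, obj, msg in evaluate(SAMPLE_MANIFESTS):
        print(f"{rid:<19} {obj:<32} {msg}")
    raise SystemExit(0 if passes(SAMPLE_MANIFESTS) else 1)
```

Run against the samples, only the ledger Deployment is clean: the payments Deployment trips four rules, the Secret and the ClusterRole one each, and the non-zero exit code is what fails the pull request. Wiring the same `evaluate` into an admission webhook gives the second line of defence at apply time.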
Identity and Access Management (IAM) is the access-control layer of the cloud. An IAM policy is attached to an identity (a user, group or role) or to a resource, and consists of metadata plus bindings. The metadata (policy version, etag or tags) exists for managing the policy itself; the bindings state which principal is granted which role or set of permissions on which resource, optionally only while a condition holds. The fields you will meet in an IAM policy are therefore a role (or a list of actions), a principal, a resource and a condition.
Some other functionalities of IAM include:
- Sharing the same set of rules and access with multiple users, or groups.
- Granting fine-grained permissions to different users based on the resources each one actually needs.
- Integrating IAM policies with MFA (Multi-Factor Authentication) to enhance authentication security.
- Meeting the access-control requirements of standards such as PCI DSS.
Security and IAM policies go hand in hand in GitOps. When cloud modules are used in a pipeline, their access controls should be declared in the same repository as the infrastructure they protect, if not as the raw policy documents then through the IaC tooling that manages them, so that every permission change is reviewed and versioned like any other change.
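An added example of treating IAM policies as reviewed code (not code from Weave GitOps or from any cloud provider): the policy documents live in the GitOps repository next to the infrastructure, and this Python check runs on every pull request to flag wildcard actions or resources, a public Principal without a Condition, and IAM-changing permissions granted without an MFA condition. The policy JSON shape, the condition key aws:MultiFactorAuthPresent and the Bool/BoolIfExists operators are AWS’s; the sample policies, account id and bucket names are constructed for the example, and the rule set is the example’s own (it deliberately ignores NotAction/NotResource, which a production linter would also have to handle).

```python
"""Least-privilege lint for AWS-style IAM policy documents (added example).

Statement, Action and Resource may each be a string or a list, so they are
normalised first; then every Allow statement is checked for the mistakes that
most often become "cloud misconfiguration" incidents. Deny statements are
skipped: a Deny on "*" is how you fence access, not a finding.
"""
import json
from typing import Dict, List, Tuple

Finding = Tuple[str, int, str]  # (rule id, statement index, message)
MFA_KEY = "aws:MultiFactorAuthPresent"

def _as_list(v) -> List:
    if v is None:
        return []
    return v if isinstance(v, list) else [v]

def _has_mfa_condition(stmt: Dict) -> bool:
    # Condition is {operator: {key: value}}; any operator on the MFA key counts.
    return any(MFA_KEY in keys for keys in stmt.get("Condition", {}).values())

def _principal_is_public(stmt: Dict) -> bool:
    p = stmt.get("Principal")
    if p == "*":
        return True
    return isinstance(p, dict) and "*" in _as_list(p.get("AWS"))

def lint_policy(policy: Dict) -> List[Finding]:
    findings: List[Finding] = []
    for i, s in enumerate(_as_list(policy.get("Statement"))):
        if s.get("Effect") != "Allow":
            continue
        actions = _as_list(s.get("Action"))
        resources = _as_list(s.get("Resource"))
        wild = [a for a in actions if a == "*" or a.endswith(":*")]
        if wild:
            findings.append(("WILDCARD_ACTION", i, f"allows {wild}; enumerate the actions actually needed"))
        if "*" in resources:
            findings.append(("WILDCARD_RESOURCE", i, "Resource '*' applies the actions to every resource; scope to ARNs"))
        if _principal_is_public(s) and "Condition" not in s:
            findings.append(("PUBLIC_PRINCIPAL", i, "Principal '*' without a Condition makes the resource public"))
        if any(a == "*" or a.startswith("iam:") for a in actions) and not _has_mfa_condition(s):
            findings.append(("NO_MFA", i, f"IAM-changing actions allowed without a {MFA_KEY} condition"))
    return findings

# Constructed sample policies (account id and bucket names are placeholders).
WEAK_IDENTITY_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]
}""")

WEAK_BUCKET_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [{"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
                 "Resource": "arn:aws:s3:::example-audit-logs/*"}]
}""")

HARDENED_IDENTITY_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
     "Resource": "arn:aws:s3:::example-app-artifacts/*"},
    {"Effect": "Allow", "Action": "iam:ChangePassword",
     "Resource": "arn:aws:iam::123456789012:user/${aws:username}",
     "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "true"}}},
    {"Effect": "Deny", "Action": "*", "Resource": "*",
     "Condition": {"BoolIfExists": {"aws:MultiFactorAuthPresent": "false"}}}
  ]
}""")

if __name__ == "__main__":
    for name, doc in [("weak-identity", WEAK_IDENTITY_POLICY), ("weak-bucket", WEAK_BUCKET_POLICY),
                      ("hardened-identity", HARDENED_IDENTITY_POLICY)]:
        for rid, idx, msg in lint_policy(doc):
            print(f"{name}: statement[{idx}] {rid}: {msg}")
```

The hardened policy shows the pattern the lint pushes towards: actions enumerated, resources scoped to ARNs, the one IAM-changing permission gated on MFA, and a final Deny that fences everything off for sessions without MFA. Because the policies are files in the repository, a finding blocks the merge and the fix is a reviewed commit.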
In cloud-native application deployments, the associated security risks have grown along with the efficiency and convenience. GitOps addresses many of those risks through its emphasis on security that is baked in from the start. Integrating the necessary security checks and tests with IAM policies improves the overall security of your pipeline, and GitOps, by routing every change through a reviewed, version-controlled path, makes this easier than earlier software delivery approaches did.