6 Security layer 4: securing the delivery pipeline

This chapter covers

Controlling permissions granted to users and third parties in GitHub and CircleCI
Protecting source code from modifications with Git commits and tag signing
Managing permissions in Docker Hub
Managing deployment permissions in AWS
Distributing configuration secrets safely in AWS

So far, we’ve talked about protecting services as they run in a production environment. In this chapter, we’ll shift our focus to the infrastructure that takes the code from developers and brings it to the production environment. Continuous integration and continuous delivery are great tools to accelerate development cycles, but they come with their share of security concerns. Mainly, the increased ...

Get Securing DevOps now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Securing DevOps by Julien Vehent

6 Security layer 4: securing the delivery pipeline

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly