This chapter covers
- Controlling permissions granted to users and third parties in GitHub and CircleCI
- Protecting source code from modifications with Git commits and tag signing
- Managing permissions in Docker Hub
- Managing deployment permissions in AWS
- Distributing configuration secrets safely in AWS
So far, we’ve talked about protecting services as they run in a production environment. In this chapter, we’ll shift our focus to the infrastructure that takes the code from developers and brings it to the production environment. Continuous integration and continuous delivery are great tools to accelerate development cycles, but they come with their share of security concerns. Mainly, the increased ...