6 Security layer 4: securing the delivery pipeline

 

This chapter covers

  • Controlling permissions granted to users and third parties in GitHub and CircleCI
  • Protecting source code from modifications with Git commits and tag signing
  • Managing permissions in Docker Hub
  • Managing deployment permissions in AWS
  • Distributing configuration secrets safely in AWS

So far, we’ve talked about protecting services as they run in a production environment. In this chapter, we’ll shift our focus to the infrastructure that takes the code from developers and brings it to the production environment. Continuous integration and continuous delivery are great tools to accelerate development cycles, but they come with their share of security concerns. Mainly, the increased reliance on third-party services to host, test, build, and ship code opens the door to misconfigurations that can let attackers take control of the application code. We’ll talk about how to prevent our code and configuration from being altered as it transits through the pipeline, from the developer computer to the cloud. Our goal is to make sure the code running in the production infrastructure is the code the developers intended to run when writing the application.

6.1 Access control to code-management infrastructure

6.1.1 Managing permissions in a GitHub organization

6.1.2 Managing permissions between GitHub and CircleCI

6.1.3 Signing commits and tags with Git

6.2 Access control for container storage

6.2.1 Managing permissions between Docker Hub and CircleCI

6.2.2 Signing containers with Docker Content Trust

6.3 Access control for infrastructure management

6.3.1 Managing permissions using AWS roles and policies

6.3.2 Distributing secrets to production systems

Summary