/plushcap/analysis/gitpod/gitpod-how-we-built-it-zero-trust-architecture

How we built it: a zero-trust architecture for cloud development environments

What's this blog post about?

On October 1, 2024, Gitpod Flex was launched as the first automation platform for zero-trust cloud development environments. The system is built around the 'principals concept' for users, runners, environments, and accounts. It uses JWT tokens for authentication and authorization, with the management plane being the only entity authorized to issue tokens. Gitpod Flex also supports a multi-tenancy model using organizations, allowing users to be logged into multiple organizations simultaneously while maintaining strict isolation between them. The platform's architecture is designed to embody the core principles of 'zero trust', ensuring security is built into its DNA and providing a foundation for future features and extensions that inherit this security-first approach.

Company
Gitpod

Date published
Oct. 1, 2024

Author(s)
Christian Weichel

Word count
1282

Hacker News points
None found.

Language
English


By Matt Makai. 2021-2024.