What GitOps changes about elevated access

The State of GitOps report reveals that GitOps is perceived to reduce the need for elevated access in production environments, with 66% of industry respondents agreeing with this sentiment, a figure that rises to 77% among organizations with higher GitOps maturity. GitOps principles advocate for managing system states declaratively through version-controlled configuration, discouraging manual interventions by using reconciliation agents to maintain desired states. However, some high-performing teams express concerns that writing access to Git manifests for production environments could equate to elevated access, underscoring the need for strict governance of Git, reconciliation controllers, and other critical control points. The report acknowledges that while GitOps aims to minimize direct access to production, exceptions such as emergency responses or debugging may still necessitate temporary elevated access, emphasizing the importance of documented procedures for managing these scenarios. As organizations mature in their GitOps adoption, the focus shifts to securing new access surfaces and tooling, highlighting continuous improvement and education as key components of successful GitOps implementation.