Flux Security Deep Dive: Authorization, Multitenancy, and GitOps

Dive deep into the security aspects of Flux v2 in this 38-minute conference talk by Stefan Prodan from Weaveworks. Explore the Flux authorization model and its relationship to Kubernetes RBAC and account impersonation. Compare soft and hard multitenancy models from a GitOps perspective. Discover configuration options for platform admins to secure Flux in multitenant environments and learn how to onboard tenants using the Flux CLI and Git. Gain insights into the Flux roadmap for 2022. Cover topics including Flux project overview, GitOps Continuous Delivery, Flux components, release pipeline, artifacts, competition comparison, user trust, security measures, update procedures, Git secret safety, secret operations, and tenant isolation boundaries.

Intro
Flux - Project overview
Flux - GitOps Continuous Delivery
What is Flux made of?
Flux -release pipeline
Flux -release artifacts
Flux vs competition?
Who trusts in Flux?
How secure is Flux ?
Is Flux bulletproof?
How to keep Flux up-to-date?
Are my secrets safe in Git?
Secrets operations
Tenant isolation boundaries