
Security Considerations

Access Control Mechanisms

The Gitpod Gateway implements multiple layers of access control:

  • API Authentication: All requests to the Gateway Server API require a valid JWT token.

  • Nebula Certificates: Nodes in the network authenticate using their Nebula certificates.

  • Firewall Rules: The Gateway Server defines and enforces firewall rules based on node groups.

  • IAM Roles: AWS IAM roles control access to AWS resources.

Network Security Features

  • Encryption: The Nebula network encrypts all traffic.

  • Network Isolation: The Gateway components are deployed in private subnets with controlled internet access.

  • Security Groups: AWS security groups restrict traffic between components.
