Heads up!
On October 1, we introduced Gitpod Flex. You can swap between documentation by using the
switcher in the left navigation bar.
Security Considerations
Access Control Mechanisms
The Gitpod Gateway implements multiple layers of access control:
API Authentication: All requests to the Gateway Server API require a valid JWT token.
Nebula Certificates: Nodes in the network authenticate using their Nebula certificates.
Firewall Rules: The Gateway Server defines and enforces firewall rules based on node groups.
IAM Roles: AWS IAM roles control access to AWS resources.
Network Security Features
Encryption: The Nebula network encrypts all traffic.
Network Isolation: The Gateway components deploy in private subnets with controlled internet access.
Security Groups: AWS security groups restrict traffic between components.