Trust, Data, and Access Model
This page explains the customer-facing security model for DevOps Genie.
Access model
| Access type | Purpose | Where it is configured |
|---|---|---|
| Cloud account access | Read resource metadata, evaluate security findings, and calculate compliance posture. | Cloud Accounts > Add Cloud Account |
| Agent API key | Let the DevOps Genie Agent authenticate to your organization. | Integrations agent setup |
| Image pull credentials | Let Kubernetes pull DevOps Genie Agent images. | Kubernetes Secret or external secret manager |
| VCS access | Let the agent create branches and pull requests. | Agent Helm values and Kubernetes Secret or external secret manager |
Cloud account credentials
Cloud credentials used for platform-side scanning are stored encrypted and used only for scan and compliance workflows. The recommended access level is read-only: DevOps Genie does not need write access to perform cloud security scanning.
Agent-side credentials
The DevOps Genie Agent runs in your Kubernetes environment. VCS tokens, workload identity, and other execution credentials should be stored in Kubernetes Secrets or your external secret manager. The agent uses them to perform configured tasks and report results back to DevOps Genie.
Product data
DevOps Genie stores product data needed to operate the service:
- Organization and user metadata.
- Cloud account metadata.
- Scan history.
- Findings and compliance state.
- AI Assistant conversations and task status.
- Agent registration and connection status.
Finding lifecycle
Findings move through customer-facing states:
| State | Meaning |
|---|---|
| Open | Active issue detected by a scan. |
| Acknowledged | Reviewed but still active. |
| Accepted risk | Approved exception, optionally with expiry. |
| Resolved | No longer detected after scanning. |
Acknowledgment is a triage step; a finding stays active. Accepted risk is a compliance decision: an approved exception that can carry an expiry date.
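The state table above written as a small state machine, an added example that is not DevOps Genie's own code: it encodes the four customer-facing states, enforces which transitions are allowed, and reconciles tracked findings with a scan result. The page does not say what happens when an exception expires or when a resolved finding is detected again; the example assumes both cases return the finding to Open, and labels those assumptions in the comments.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import Dict, Iterable, Optional

# Customer-facing states from the lifecycle table.
OPEN, ACKNOWLEDGED, ACCEPTED_RISK, RESOLVED = "Open", "Acknowledged", "Accepted risk", "Resolved"


@dataclass
class Finding:
    finding_id: str
    state: str = OPEN
    accepted_until: Optional[datetime] = None  # set only for a time-boxed exception

    def acknowledge(self) -> None:
        """Triage: mark an Open finding as reviewed; it remains active."""
        if self.state != OPEN:
            raise ValueError(f"cannot acknowledge a finding in state '{self.state}'")
        self.state = ACKNOWLEDGED

    def accept_risk(self, expires: Optional[datetime] = None) -> None:
        """Compliance decision: approved exception, optionally with an expiry."""
        if self.state not in (OPEN, ACKNOWLEDGED):
            raise ValueError(f"cannot accept risk for a finding in state '{self.state}'")
        self.state, self.accepted_until = ACCEPTED_RISK, expires

    def apply_scan(self, detected: bool, now: datetime) -> None:
        """Reconcile this finding with the latest scan result."""
        if not detected:
            # Resolved means "no longer detected after scanning", whatever the active state was.
            self.state, self.accepted_until = RESOLVED, None
        elif self.state == RESOLVED:
            # Assumption (not stated on the page): a finding that reappears is reopened.
            self.state = OPEN
        elif self.state == ACCEPTED_RISK and self.accepted_until and now >= self.accepted_until:
            # Assumption (not stated on the page): an expired exception reverts to Open for re-review.
            self.state, self.accepted_until = OPEN, None


def reconcile_scan(findings: Dict[str, Finding], detected_ids: Iterable[str], now: datetime) -> Dict[str, int]:
    """Apply one scan to every tracked finding and return a count per state (compliance posture)."""
    detected = set(detected_ids)
    for fid, finding in findings.items():
        finding.apply_scan(fid in detected, now)
    counts: Dict[str, int] = {}
    for finding in findings.values():
        counts[finding.state] = counts.get(finding.state, 0) + 1
    return counts
```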
Transport security
DevOps Genie product traffic uses encrypted transport. The DevOps Genie Agent opens outbound encrypted connections to the platform; customers do not need to expose any inbound access to their cluster for the agent to operate.