Kim Schaefer
Senior DevOps Engineer
Austin, Texas, United States
Actions
Kim Schaefer is a Senior DevOps and Cloud Engineer focused on Kubernetes, GitOps, and secure platform engineering. She designs and operates production Kubernetes platforms on Google Cloud, with a particular interest in how deployment authority, auditability, and automation intersect in real-world systems.
Kim’s work centers on building GitOps platforms that teams can actually trust in production, especially in environments where change must be deliberate, accountable, and defensible. She enjoys translating complex architectural and security requirements into practical patterns that platform and application teams can adopt without sacrificing developer experience.
Kim is an open-source contributor and has previously spoken at Open Source Summit and GrafanaCON. She is especially passionate about sharing lessons learned from operating real systems—what breaks, what scales, and where architectural assumptions tend to fall apart.
Area of Expertise
Topics
Where Deployment Authority Lives: A Cloud-Native Design Pitfall in GitOps
Many cloud-native GitOps systems quietly treat a Git merge as both a change proposal and a deployment authorization. While this works in low-risk environments, it collapses two very different responsibilities into a single decision. As systems grow more complex, that shortcut creates ambiguity around authorization, accountability, and audit trails that many environments simply cannot tolerate.
In this lightning talk, we’ll reframe that assumption as a cloud-native architectural concern, not just a tooling or security issue. Using GitOps as the example, we’ll look at how proposal, approval, and enforcement often become unintentionally coupled, and why that coupling makes it harder to reason about who is actually allowed to deploy.
The talk will walk through the architectural implications of letting Git act as the final authority, including where deployment decisions truly occur and how auditability and accountability can be lost when authority boundaries are unclear. We’ll then show how treating deployment authorization as a first-class architectural concept leads to clearer responsibility boundaries and more defensible cloud-native systems.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top