Think about the lifecycle of a typical microservice. On its journey from a developer's laptop to production, it generates a dozen distinct identities: a GitHub token for the repository, a CI/CD service account for the build, a registry credential to push the container, and a number of runtime roles to access databases, queues and logging services.
The issue isn't just quantity; it's invisibility. When a developer leaves, HR triggers an offboarding process. Their email is cut off, their badge stops working. But what about the five service accounts they hardcoded into a deployment script three years ago? These usually stay active, unmonitored, waiting for someone to find them. Often, these "zombie identities" retain administrative privileges long after their original purpose has vanished, simply because no one is brave enough to turn them off.
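As an added example (not code from the original article), here is a small audit that applies the offboarding gap described above to a constructed inventory of service accounts: it flags identities whose human owner has been offboarded or that have gone unused past a threshold, and ranks admin-privileged ones first. The field names, sample records and offboarded-user set are assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample inventory of non-human identities (hypothetical data,
# not pulled from any real system). "owner" is the human who created it.
INVENTORY = [
    {"id": "svc-ci-build", "owner": "alice", "env": "prod", "admin": False,
     "last_used": "2024-05-01T00:00:00Z"},
    {"id": "svc-deploy-legacy", "owner": "bob", "env": "prod", "admin": True,
     "last_used": "2021-03-10T00:00:00Z"},
    {"id": "svc-registry-push", "owner": "carol", "env": "prod", "admin": False,
     "last_used": "2024-05-20T00:00:00Z"},
    {"id": "svc-dev-db", "owner": "bob", "env": "dev", "admin": True,
     "last_used": "2024-05-25T00:00:00Z"},
]
# Constructed: humans whose HR offboarding has already completed.
OFFBOARDED = {"bob"}


def parse_ts(ts):
    """Parse an ISO-8601 UTC timestamp like 2024-06-01T00:00:00Z."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def find_zombie_identities(inventory, offboarded, now, stale_days=90):
    """Return identities that are orphaned (owner offboarded) and/or stale
    (unused for longer than stale_days). Admin-privileged findings sort first.
    Each finding: {"id", "env", "admin", "reasons", "severity"}.
    """
    cutoff = now - timedelta(days=stale_days)
    findings = []
    for ident in inventory:
        reasons = []
        if ident["owner"] in offboarded:
            reasons.append("owner_offboarded")
        if parse_ts(ident["last_used"]) < cutoff:
            reasons.append(f"unused_{stale_days}d")
        if not reasons:
            continue
        findings.append({
            "id": ident["id"],
            "env": ident["env"],
            "admin": ident["admin"],
            "reasons": reasons,
            # A dev-scoped admin credential is still rated high: boundaries leak.
            "severity": "high" if ident["admin"] else "medium",
        })
    return sorted(findings, key=lambda f: (not f["admin"], f["id"]))


if __name__ == "__main__":
    for f in find_zombie_identities(INVENTORY, OFFBOARDED, parse_ts("2024-06-01T00:00:00Z")):
        print(f["severity"], f["id"], f["env"], ",".join(f["reasons"]))
```

In practice the inventory would come from your cloud IAM, CI and registry APIs, and the offboarded set from the HR system that already drives human deprovisioning.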
The "test tenant" trap
I've seen too many teams fall into the trap of thinking a test environment doesn't matter. "It's just dev," they say. "There's no real customer data there." This complacency is fatal because identity boundaries are rarely as clean as we think they are.

