[brikil]

It's remarkable that cloud providers don't offer a simple authorization-centric view of data access today. It reminds me of AWS's hands-off approach to locking down S3 buckets for so long. They are happy to sell you the gun and ammo and it's not their fault when you shoot yourself in the foot.

[ausal7705]

I was at (even a small) Azure shop for a while, and I'm not sure anyone could easily tell who could get at what, and why, as contractors came and went. The ability to see clearly into authorization across systems would be instrumental to making sense of years of inconsistently applied (or iterative at best) access controls.