|
|
|
|
|
|
by oneplane
251 days ago
|
|
|
The problem was that the user's credentials were revoked but because the root account was a shared credential it wasn't revoked. Was the break-glass account also a user-specific account, it would have fit in with any 'revoke anything for user XYZ' workflow instead of being a root account edge-case. So, in short, this would likely have prevented this, as the normal off boarding for user-bound credentials worked out fine already. |
|
|