TL;DR: Your cloud has a machine identity crisis hiding in plain sight. For every engineer on your payroll, about 45 non-human identities are already signed in and running. They include service accounts, API keys, workload identities, and AI agent tokens. Old IAM governance was built for joiners and leavers, and it can't see them. This article walks through a four-pillar framework and a 30-day plan for workload identity governance. The plan closes the gap before side movement becomes a breach.
Key Takeaways: - Machine identities outnumber human engineers by about 45 to 1 on average, and some firms hit 82 to 1. Attackers are mapping this surface first. - Human-focused IAM governance is blind to service accounts and workload identities. CI/CD pipelines and AI agents spawn them on their own. - Workload identity federation, mTLS service meshes, and behavioral baselining are the real controls. They shrink the blast radius in days, not quarters.
The Ratio That Should Keep CISOs Awake at Night

You have a machine identity crisis, not a human access problem. For every engineer in your org, about 45 service accounts, API keys, workload identities, and AI agents are already signed into your cloud. Attackers have been quietly mapping that surface for months.
The math gets worse the deeper you look. Some firms report ratios as high as 82 to 1. CyberArk measured mature cloud environments and found this number. Other academic studies of the average firm show 43 to 1. Each of those identities is a signed-in principal with its own blast radius.
Unlike human users, machine identities never log off. They never rotate their passwords on their own. They build up permissions over time without end. CI/CD pipelines, monitoring agents, and batch jobs all need broad access to do their jobs. Each new integration grants more permissions than the last one. Nothing revokes them when the work is done.
The governance problem is structural, not accidental. Every microservice you deploy creates a new identity. Every Kubernetes pod that spins up creates a new identity. Every AI inference call you serve creates a new identity. Nothing prunes them when the workload is retired. Your IAM dashboard shows a clean human user count in the hundreds. The actual identity count is much larger once you include the machine layer.
This is the blind spot. It makes cloud security solutions built for human-focused IAM weak against modern side movement. The attackers aren't breaking in. They log in with credentials nobody is watching. But here's what makes this worse. Most firms don't even know how many machine identities they have. They also don't know what those identities are doing each day.
Why Traditional IAM Governance Misses the Machine Identity Surface
Identity governance programs were built around joiner-mover-leaver flows for humans. An employee joins, gets set up. They move teams, get set up again. They leave, get torn down. None of that applies to a service account. A CI/CD pipeline spawned the account at 2 a.m. when an engineer ran `terraform apply` to deploy a new microservice.
The tooling gap is stark and clear. Most cloud IAM dashboards show human roles and group memberships. They don't show workload identity bindings at all. Quarterly access reviews are the backbone of compliance programs. They look at employee entitlements. Machine credentials are basically invisible to those reviews. An auditor asks "who has access to the production data warehouse?" The auditor gets a clean answer about human users. Nobody asks "which workload identities can reach the same warehouse?" That question doesn't fit the access review template.
Service account sprawl is structural, not accidental. Every microservice creates an identity. Every Kubernetes namespace creates a ServiceAccount. Every AI agent deployed through LangChain or AutoGen signs in with its own token. When a workload is retired, the identity doesn't auto-delete on its own. It just becomes an orphaned credential. Attackers can find and weaponize it later.
The zero trust marketing pitch has been around for years. Most setups focus on human network access, not workload identity binding. The result is a posture that's tight at the edge and full of holes at the service-to-service layer.
Attackers use this gap in a planned, steady way. They list workload identity metadata from public sources. Then they pivot through the weakest service principal to reach production data stores. We've covered how federated trust misconfigurations allow this in Why Your Federated Workload Trusts the Wrong Tenant. The pattern is steady. An identity was issued with the right intent at first. It was scoped too broadly. Nobody noticed because the governance tooling doesn't model the workload layer at all.
So how do attackers map a machine identity surface they were never given access to in the first place?
How Attackers Map Your Machine Identity Surface
The recon phase is fast in an embarrassing way. Attackers scan public GitHub repos for keys. They scan container registries for tokens. They scan leaked `.env` files for service account keys, OAuth client secrets, and JSON credential blobs. A single leaked `.env` file in a public repo can hand over a service account key. That key may have broad permissions on a cloud project.
Once they have one key, they test it against cloud metadata endpoints. On AWS, that's the IMDS endpoint at `169.254.169.254`. GCP and Azure have the same kind of endpoint. If IMDSv1 is enabled, the attacker pivots fast. IMDSv1 is hop-based and needs no session token. The attacker moves from a leaked key to stealing temp credentials for an IAM role. That role has broader permissions. The whole sequence takes seconds.
Side mapping is where the damage grows fast. Cloud IAM's transitive trust means service account A can assume role B. Role B can read from a cross-project bucket. An attacker chains A to B to the production data store. All this happens before your monitoring catches the pivot. The attack graph is the attacker's roadmap. They build it faster than your incident response team can read it.
The persistence layer is what makes machine identities uniquely risky. No one notices a service account "logging in" from a new IP. It looks like normal cloud-to-cloud traffic. The credential is valid and active. The API calls are real. The anomaly detection rules you wrote for human users don't fire on a service principal at all.
The mapped graph is then sold on access broker forums. Or it's used right away for ransomware staging. Machine identity credentials are now a leading way attackers get in to cloud-native breaches. This is in large part because they last far longer than stolen human credentials. Nobody rotates them on a schedule.
The fix is not more human-focused governance. It needs a different discipline from scratch. One built for workload identity, not workforce identity.
The Four-Pillar Framework for Non-Human Identity Governance

Pillar 1: Discovery. You can't govern what you can't see at all. Keep listing every machine identity across your cloud accounts, Kubernetes clusters, and SaaS links. The output is a graph. It maps every service account, every API key, and every workload identity. Each one ties to its owner, its purpose, and its effective permissions. If the graph doesn't exist, the governance program is theatre.
Pillar 2: Identity provenance. Tag every service account and API key with ownership metadata at setup. The tag should include team, service, purpose, creation date, and expiration date. Not after the fact. After-the-fact tagging is a forensics job. Setup-time tagging is a control. The metadata must be machine-readable. Then automated policies can enforce ownership and prune orphans.
Pillar 3: Least privilege at birth. Issue workload identities with scoped, short-lived credentials. Use OIDC tokens, mTLS certificates, and SPIFFE IDs. Do not use long-lived static keys. A workload that needs to call S3 for 15 minutes should get a 15-minute credential. It should not get a static access key with no end date. This is the workload identity model. It kills the whole class of "leaked long-lived key" breach.
Pillar 4: Continuous verification. Watch machine identity behavior against a baseline. Flag oddities in region, API call pattern, timing, and volume. Auto-rotate stolen credentials. Don't wait for a quarterly review. The monitoring must run on identity-aware signals, not just network logs.
These four pillars form the identity governance layer. They close the gap between what your CISO thinks is happening and what attackers are really mapping today.
Here's what each pillar looks like in a real cloud IAM setup this week.
Implementation: From Sprawl to Workload Identity in 30 Days
Week 1: Run a machine identity census. Pull every service account, API key, federated identity, and OAuth client from your cloud IAM APIs. Cross-check against active workloads in your cloud. Look at running pods, deployed functions, and active CI jobs. Find dead identities that no longer have a workload behind them.
1# Enumerate GCP service accounts across all projects2gcloud projects list --format="value(projectId)" | \3 xargs -I {} gcloud iam service-accounts list --project={} --format="value(email)"45# Kubernetes: dump every ServiceAccount with creation date6kubectl get serviceaccounts -A -o custom-columns=\7NAMESPACE:.metadata.namespace,\8NAME:.metadata.name,\9CREATED:.metadata.creationTimestamp
Week 2: Stand up workload identity federation. Replace static service account keys with federated workload identity. The mechanism differs per cloud provider, but the model is the same. Prove who you are in a crypto way. Get a short-lived token back. Then use it for the call.
1# GCP Workload Identity Federation: bind a K8s SA to a GCP SA2apiVersion: v13kind: ServiceAccount4metadata:5 name: my-workload6 namespace: production7 annotations:8 iam.gke.io/gcp-service-account: my-app@my-project.iam.gserviceaccount.com
1// AWS IAM Roles Anywhere trust policy2{3 "Version": "2012-10-17",4 "Statement": [{5 "Effect": "Allow",6 "Principal": { "Service": "rolesanywhere.amazonaws.com" },7 "Action": "sts:AssumeRole",8 "Condition": {9 "StringEquals": {10 "aws:PrincipalTag/x509Subject/CN": "spiffe://prod/my-workload"11 }12 }13 }]14}
Week 3: Enforce mTLS at the service mesh layer. With Istio or Linkerd, identity check happens at the network layer, not just at IAM. Every pod gets a SPIFFE identity at startup. Service-to-service calls are encrypted and signed in by default. We've written about the gaps this closes in Why Your Service Mesh mTLS Is a Hidden Backdoor. We've also written about it in mTLS Won't Stop Mesh Data Leaks. The key is that mesh identity must tie to workload identity. It must not be bolted on as a separate concern later.
1# Istio: enforce strict mTLS for a namespace2apiVersion: security.istio.io/v1beta13kind: PeerAuthentication4metadata:5 name: default6 namespace: production7spec:8 mtls:9 mode: STRICT
Week 4: Automate rotation and anomaly detection. Wire up credential rotation to your CI/CD pipeline. Add behavioral baselining for workload identity use in your cloud. Look at odd regions, odd APIs, and odd timing in the calls. When a workload identity calls KMS from a region it has never used, you want an alert. The alert should fire before the data leak completes.
This 30-day program is not a theory framework on paper. It's the sequence that mature cloud-native teams run in practice. It's the same shape we see across regulated firm setups. What does a firm look like once it has this under control?
What Changes When You Govern Machine Identities Properly
Your cloud blast radius shrinks a lot. A hacked pod gets a 15-minute credential, not a persistent key. Side movement needs re-authentication at every hop along the way. Each hop is logged with a SPIFFE identity. That identity ties to a specific workload. The attacker's mapped graph becomes useless to them. Every credential expires faster than they can chain it.
Audit posture changes in a big way. CISO reporting shifts from "we have X thousand service accounts, owned by no one in particular" (a liability). It shifts to "every workload identity is owned, scoped, and short-lived" (a control). The cloud infrastructure talk changes from risk list to control maturity.
Incident response speeds up across the board. With a machine identity graph, the question "what could this credential reach?" answers itself. You trace the SPIFFE ID through the mesh. You follow the IAM policy bindings. You get a blast radius map without digging through old logs. This is the inverse of the Attackers Move Laterally in 4 Minutes. Your SIEM Alerts in 4 Days. problem. The SIEM becomes a control, not a postmortem tool.
Board talks change as well. Instead of explaining the next breach, you explain the governance maturity that prevented it. Machine identity governance becomes a competitive edge for the firm. This matters most for firms in regulated fields that handle sensitive data.
The framework is not optional anymore. Attackers are mapping your machine identity surface today. The only question is whether you'll have it mapped and governed before they weaponize what they find.
Frequently Asked Questions
What is a non-human identity in cloud IAM?
A non-human identity is any signed-in principal that is not a person. This includes service accounts, API keys, OAuth client credentials, Kubernetes service accounts, machine learning workload identities, and AI agent credentials. They sign in to cloud resources in a programmatic way. They often hold broader permissions than human users in the same firm.
How do I discover all machine identities in my cloud environment?
Enumerate using your cloud IAM APIs (AWS IAM, Azure AD app registrations, GCP service accounts). Scan Kubernetes for ServiceAccount objects in each cluster. Audit secrets managers and CI/CD pipelines for API keys. The output should be a graph. The graph maps every identity to its owner, purpose, and effective permissions in one place.
What is workload identity and why does it matter?
Workload identity is a short-lived credential that can be checked in a crypto way. It's issued to a specific piece of code (a pod, a function, a microservice). It is not a static key stored in config files. It matters because it removes the long-lived secrets that attackers most often exploit. They exploit them for side movement in cloud environments every day.
How is machine identity governance different from human identity governance?
Human identity governance runs on joiner-mover-leaver cycles in HR. It also uses quarterly access reviews and SSO for sign-in. Machine identity governance needs constant discovery, provenance tagging at setup, short-lived credential issuance, and behavioral baselining. This is because machines don't have HR events to trigger reviews on a schedule.
What is service account sprawl and how do I stop it?
Service account sprawl is the unchecked build-up of service accounts, API keys, and machine credentials over time. They pile up across cloud environments, often with overlapping permissions and no clear owner. You stop it by enforcing ownership metadata at creation time. You also auto-prune unused identities on a schedule. Then you replace static service account keys with federated workload identity across the board.
Sources
Research and references cited in this article:
- The Rise of Non-Human Identities: What They Are and How to Secure Them
- What Are Non Human Identities? Their Challenges and Solutions
- Non-Human Identities As The Next Big Security Risk
- What is a Non-Human Identity? Challenges & Best Practices
- What are Non-Human Identities (NHIs)? | CrowdStrike
- PDF Use Secure Cloud Identity and Access Management Practices
- Workload Identities: The New Attack Surface in M365
- Real-Life Examples of Non-Human Identity Security Breaches and What to Do About Them (Updated Regularly)
- An Introduction to Workload Identity and Access Management
- 17 Security Risks of Cloud Computing in 2026
- Introducing Machine Identity Management to strengthen IAM for non-human identities | IBM
- Non-Human Identity Security: Why Machine Identities Are the New Attack Surface
About the author
Mayank Singh is a software developer at Levitation Infotech, where he builds web and AI-powered applications across the company’s fintech, healthcare, and enterprise projects.
