Vault Sprawl Risk Patterns and a Secrets Governance Model for Multi-Team CI/CD
Vault sprawl in multi-team CI/CD is usually a governance failure, not a tooling failure. The practical model that works is: short-lived identity-based access (OIDC/workload identity), path ownership boundaries, policy-as-code with review gates, and measurable rotation/usage controls per team.
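One way to enforce path ownership boundaries as a policy-as-code review gate, shown as an added example that is not from the original article: a CI check that parses a team's Vault policy and blocks any stanza outside the team's owned prefix or granting more than read access. The team names, mount layout, ownership map and read-only rule are assumptions made for illustration.

```python
import re

# Assumed ownership map: team -> the only path prefix its CI role may touch.
# Team names and the KV v2 mount layout are hypothetical.
OWNED_PREFIX = {
    "payments": "secret/data/payments/",
    "search": "secret/data/search/",
}
# Assumed house rule: pipeline roles are read-only.
CI_ALLOWED_CAPS = {"read", "list"}

STANZA = re.compile(r'path\s+"([^"]+)"\s*\{([^}]*)\}', re.S)
CAPS = re.compile(r'capabilities\s*=\s*\[([^\]]*)\]')


def parse_policy(hcl):
    """Return [(path, {capabilities})] for each path stanza in a Vault policy."""
    rules = []
    for path, body in STANZA.findall(hcl):
        m = CAPS.search(body)
        caps = set(re.findall(r'"(\w+)"', m.group(1))) if m else set()
        rules.append((path, caps))
    return rules


def review_policy(team, hcl):
    """Return findings that should block the merge of this team's policy."""
    prefix = OWNED_PREFIX[team]
    findings = []
    for path, caps in parse_policy(hcl):
        # Globs such as secret/data/* fail too: they start above the prefix.
        if not path.startswith(prefix):
            findings.append((path, "outside owned prefix"))
        extra = caps - CI_ALLOWED_CAPS
        if extra:
            findings.append((path, "non-read capability: " + ",".join(sorted(extra))))
    return findings


# Constructed sample policy submitted by the hypothetical "payments" team.
SAMPLE = '''
path "secret/data/payments/ci/*" { capabilities = ["read"] }
path "secret/data/search/api-key" { capabilities = ["read"] }
path "secret/data/payments/*"    { capabilities = ["read", "update"] }
path "secret/data/*"             { capabilities = ["list"] }
'''

if __name__ == "__main__":
    for path, reason in review_policy("payments", SAMPLE):
        print(f"BLOCK {path}: {reason}")
```

Run as a required status check on the policy repository, a non-empty findings list fails the pull request, so a cross-team or write grant needs an explicit reviewer override.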
