Best Practices for User and Permission Management in DevOps/SRE

This series shares DevOps/SRE best practices aimed at improving the stability and security of projects, especially for newcomers to the field.

Establish Individual User Accounts

Each user should have a unique account rather than sharing credentials, which clarifies ownership, simplifies permission management, and reduces the risk of credential leakage.

Legal verification of user identity

Improved system security

Personalized settings for each user

Facilitates audit and troubleshooting

Limits impact of credential compromise

Disadvantages

Increased management complexity

Establish Dedicated Service Accounts

Automation tools that interact with platforms need their own service accounts (e.g., svc_machine ), often with a naming convention to indicate purpose.

Enhances system security by isolating service access

Improves auditability of automated actions

Allows fine‑grained permission control per service

Disadvantages

Higher management overhead for multiple platforms

Not suitable for very small systems

Reduce Use of Privileged (Root) Accounts

Avoid using root or highly privileged accounts for routine tasks; enforce strong passwords, MFA, and audit logging for any privileged access.

Improves security by limiting damage from credential leaks

Reduces risk of accidental or malicious system changes

Disadvantages

Potential loss of efficiency when elevated rights are needed

Some services may require privileged access, causing failures if not granted

Use Roles Instead of User Accounts

Assign users to roles that encapsulate required permissions; platforms like AWS support temporary role credentials.

Enhances security by reducing long‑lived credentials

Simplifies management of permissions

Provides flexibility to grant temporary access

Disadvantages

Increased configuration complexity

Potential latency when credentials need renewal

Requires careful permission design to avoid over‑privilege

Not all platforms support role‑based temporary credentials

Regularly Rotate Long‑Term Credentials

Periodically change passwords, access keys, and certificates to limit exposure if compromised.

Limits impact of credential leaks

Reduces the window of exposure

Helps meet compliance standards (e.g., PCI‑DSS)

Disadvantages

Requires service downtime or coordination

High communication overhead among teams

Risk of configuration errors causing outages

Additional management cost for secret storage and monitoring

Principle of Least Privilege

Grant only the minimum permissions required for a user or program to perform its tasks.

Reduces risk of security vulnerabilities

Limits data leakage exposure

Simplifies permission management and auditing

Disadvantages

May increase management complexity

Can affect developer productivity due to frequent permission adjustments

Potentially raises development costs

Regularly Remove Unused Users, Roles, and Permissions

Periodically audit and disable credentials that are no longer in use to reduce attack surface.

Decreases impact of credential leakage

Lowers management and audit overhead

Reduces confusion by focusing on active entities

Disadvantages

Risk of accidental deletion causing service disruption

Additional workload for regular checks

Separate Development, Testing, and Production Environment Permissions

Apply distinct permission sets for each environment to protect production while granting flexibility in non‑production stages.

Improves production security

Boosts productivity in dev/test environments

Disadvantages

Complex approval process for emergency production access

Enforce Strong Password Policies

Require passwords of at least 12 characters with mixed case, numbers, and symbols; avoid reuse and personal information.

Increases account security

Prevents credential stuffing attacks

Reduces data loss risk

Disadvantages

May degrade user experience and increase forgetfulness

Encourages use of password managers or insecure workarounds

Enable Multi‑Factor Authentication (MFA)

Add an extra verification factor (e.g., authenticator app, hardware token) to protect accounts.

Provides layered security

Minimizes account takeover risk

Helps meet regulatory requirements

Disadvantages

Increases login complexity and time

Depends on additional devices or apps

Loss or damage of MFA device can lock users out

Enable Audit Logging

Record actions for at least six months to support security monitoring, compliance, troubleshooting, and forensics.

Provides full visibility of activities

Supports compliance and investigations

Aids fault diagnosis and recovery

Offers insights into resource usage patterns

Disadvantages

Increases storage costs

Requires tooling to process large log volumes

May contain sensitive data, raising privacy concerns

Overall, adopting these practices helps build a robust, secure, and efficient DevOps/SRE environment.