Accounts
Accounts represent privileged identities associated with managed resources. They support access, rotation, reconciliation, or verification depending on the resource type.
Account categories
Section titled “Account categories”Common categories include managed accounts, reconcile accounts, and temporary or brokered session identities. Keep naming explicit so operators understand the account purpose.
Stewardship
Section titled “Stewardship”Account records connect resource ownership, rotation expectations, and audit history.
Safety
Section titled “Safety”Do not use production administrator accounts for early testing. Create lab accounts with limited blast radius and documented cleanup steps.