TL;DR: Granular access control can be supported while reducing duplicate administration and privilege creep through shared vault items, nested collections, permission toggles, and custom roles, according to Bitwarden. The wider lesson is that access governance succeeds when assignment, deletion, and delegation are explicit rather than inherited by accident.
NHIMG editorial — based on content published by Bitwarden: collection-based access control for shared vault items
Questions worth separating out
Q: How should teams prevent privilege creep in shared vault collections?
A: Use separate permissions for viewing, editing, managing membership, and deleting collections.
Q: Why do nested collections create governance risk if access is inherited automatically?
A: Automatic inheritance turns a tidy folder structure into an implicit authorisation rule, which can expose more sensitive items than intended.
Q: How do collection management settings affect delegated administration?
A: They determine whether admins and owners can create, delete, and manage all collections or only the ones they are explicitly assigned to.
Practitioner guidance
- Separate use from management rights Define who can view items, who can edit items, who can manage collection membership, and who can delete collections.
- Audit nested collection inheritance assumptions Review every subcollection to confirm that access is intentionally assigned rather than copied from a parent structure.
- Restrict collection creation and deletion Limit creation and deletion to owners or admins unless there is a clear operational need for self-service.
👉 Read Bitwarden's analysis of collection-based access control for shared vault items →
Bitwarden collections and access control: what IAM teams should notice?
Explore further
Collections expose the real governance problem: shared access is easy, but controlled delegation is hard. Bitwarden’s model shows that modern access control is no longer just about granting visibility to a secret. It is about separating use, management, and deletion so that collaboration does not turn into uncontrolled privilege growth. For IAM teams, this is a reminder that the governance surface is the delegation model, not the vault alone.
A few things that frame the scale:
- 4.6% of all public GitHub repositories contain at least one hardcoded secret, according to The State of Secrets Sprawl 2025.
- 15% of commit authors have leaked at least one secret in their contribution history, according to The State of Secrets Sprawl 2025.
A question worth separating out:
Q: Who should own collection access when multiple teams share sensitive items?
A: Ownership should sit with the smallest role that can safely manage the collection, usually a team lead or designated admin rather than every member. That person should be accountable for membership changes, deletion rights, and periodic review. Shared access works best when ownership is clear and bounded.
👉 Read our full editorial: Bitwarden collections show how granular access control scales