Cloud management platforms and identity governance: what’s missing?

TL;DR: Cloud management platforms centralize orchestration, cost, monitoring, and security controls across hybrid environments, but the source article shows that identity, governance, and compliance remain only one part of the stack according to Zluri. The practical issue is that cloud control planes can simplify operations without solving who or what should hold access, how that access is reviewed, or when it should be revoked.

NHIMG editorial — based on content published by Zluri: IT Teams 14 Best Cloud Management Platforms in 2026

Questions worth separating out

Q: How should security teams govern access in cloud management platforms?

A: They should treat the CMP as an access broker, not just an operations tool.

Q: Why do cloud management platforms create non-human identity risk?

A: Because every automated workflow can create credentials, delegated permissions, and service accounts that persist beyond the task they were meant to support.

Q: What do teams get wrong about policy-based controls in cloud platforms?

A: They assume policy checks and RBAC are enough on their own.

Practitioner guidance

• Bind CMP actions to named identities Require every provisioning, orchestration, and de-provisioning action to resolve to a specific human, service account, or automation identity before the platform is approved for broad use.
• Inventory non-human identities created by workflows Track the service accounts, API keys, tokens, and certificates generated by self-service catalog items, automation jobs, and cloud templates, then assign owners and expiry rules.
• Connect audit logs to entitlement lifecycle Review whether logs show who approved access, what permissions were granted, when they were last used, and whether they were revoked after the workflow completed.

What's in the full article

Zluri's full blog post covers the vendor-by-vendor feature detail this analysis intentionally leaves for the source:

• Feature-by-feature breakdown of the 14 cloud management platforms and their stated capabilities
• Vendor-specific descriptions of security, governance, and cost-management functions across different cloud estates
• Customer ratings and product-positioning detail for each platform, which implementation teams may want to compare directly
• The article's own buying checklist for evaluating cloud management platforms in context

👉 Read Zluri's guide to the 14 best cloud management platforms in 2026 →

Cloud management platforms and identity governance: what’s missing?

Explore further

View Full Forum →  |  NHI Foundation Course →