
When should organisations replace per-instance MySQL administration with centralised access control?

By NHI Mgmt Group Editorial Team Updated June 8, 2026 Domain: Governance, Ownership & Risk

They should make the shift when repeated user creation, grant changes, and revocation tasks start consuming operational time across multiple servers. The trigger is not a specific instance count alone. It is the point where local administration no longer guarantees consistent entitlement management or reliable audit evidence.

Why This Matters for Security Teams

Per-instance MySQL administration works until the environment stops behaving like a handful of isolated databases and starts behaving like an identity system. At that point, every local user, grant, and revocation becomes a control decision with audit impact. The issue is not just convenience. It is whether entitlement changes stay consistent across servers and whether access evidence can be trusted during an incident or compliance review.

This is a familiar NHI pattern: administrative accounts accumulate, revocation lags, and the organisation loses a clear picture of who can reach what. NHIMG’s Ultimate Guide to NHIs shows that only 5.7% of organisations have full visibility into their service accounts, which is exactly the kind of visibility gap that makes local MySQL administration fragile. The control problem is also aligned with broader identity guidance in the NIST Cybersecurity Framework 2.0, where consistent access governance and auditability are core outcomes.

In practice, many security teams discover the break point only after a database admin leaves, a grant is missed on one server, or a production incident reveals that three different instances were being managed differently.

How It Works in Practice

The shift usually happens in stages. First, local MySQL accounts are replaced or supplemented by a central identity and access workflow. That workflow may still apply instance-level privileges, but the source of truth moves out of the server and into a controlled process. The goal is not to eliminate database administration. The goal is to make user creation, privilege assignment, and revocation repeatable, reviewable, and consistent.

For most organisations, the practical model includes central approval, scripted provisioning, and automated deprovisioning. Access requests should map to business roles, but the actual grants should be issued through a controlled pipeline rather than hand-edited on each instance. Where MySQL is part of a larger platform, central control can also reduce drift between development, test, and production. This is consistent with the access governance direction described in NHIMG’s Ultimate Guide to NHIs — Key Challenges and Risks, where entitlement sprawl and weak offboarding are recurring failure modes.

  • Use a single authority for approval and revocation, even if privileges are still applied per instance.
  • Automate account lifecycle tasks so grants do not depend on individual database admins remembering each server.
  • Log every entitlement change centrally so audit evidence is consistent across all instances.
  • Prefer short-lived or tightly scoped administrative access for operators rather than standing broad privileges.
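As an added example (not code from the NHIMG article), the following Python sketch shows the reconciliation step of the pipeline described above: a central role catalogue is the source of truth, each instance's `SHOW GRANTS` output is compared against it, and the result is the ordered set of CREATE, GRANT, REVOKE and DROP statements together with the reason for each, which is the record that gets logged centrally. The role names, accounts, hosts, expiry dates and grant lines are constructed sample data, and the function names (`plan`, `parse_show_grants`, `desired_state`) are this example's own.

```python
"""Desired-state reconciliation of MySQL grants against a central role catalogue.

Added example, not part of the original article. All accounts, roles, hosts and
SHOW GRANTS lines below are constructed sample data.
"""
from dataclasses import dataclass
from datetime import date
import re

# Central source of truth: role -> {object: privileges}. Constructed sample.
ROLES = {
    "app_reader": {"appdb.*": {"SELECT"}},
    "app_writer": {"appdb.*": {"SELECT", "INSERT", "UPDATE", "DELETE"}},
}


@dataclass(frozen=True)
class Assignment:
    """One approved entitlement: who, from where, which role, until when."""
    user: str
    host: str
    role: str
    expires: date  # time-bound by design; expired assignments are revoked, not kept


# Approved assignments held by the central workflow. Constructed sample.
ASSIGNMENTS = [
    Assignment("svc_reporting", "10.0.0.%", "app_reader", date(2027, 1, 1)),
    Assignment("svc_orders", "10.0.0.%", "app_writer", date(2027, 1, 1)),
    Assignment("contractor_a", "%", "app_writer", date(2026, 1, 31)),  # already expired
]

# What one instance actually has (constructed SHOW GRANTS output).
OBSERVED = [
    "GRANT USAGE ON *.* TO `svc_reporting`@`10.0.0.%`",
    "GRANT SELECT, INSERT ON `appdb`.* TO `svc_reporting`@`10.0.0.%`",  # drift: INSERT
    "GRANT USAGE ON *.* TO `contractor_a`@`%`",
    "GRANT SELECT, INSERT, UPDATE, DELETE ON `appdb`.* TO `contractor_a`@`%`",
    "GRANT USAGE ON *.* TO `legacy_admin`@`%`",  # not in the catalogue at all
    "GRANT ALL PRIVILEGES ON *.* TO `legacy_admin`@`%`",
]

AS_OF = date(2026, 6, 8)  # reconciliation date used for expiry checks

GRANT_RE = re.compile(r"^GRANT (.+?) ON (.+?) TO `([^`]+)`@`([^`]+)`")


def parse_show_grants(lines):
    """Turn SHOW GRANTS lines into {(user, host): {object: set(privileges)}}.

    USAGE carries no privilege, so it only records that the account exists.
    """
    state = {}
    for line in lines:
        m = GRANT_RE.match(line.strip())
        if not m:
            continue
        privs, obj, user, host = m.groups()
        acct = state.setdefault((user, host), {})
        privs = {p.strip() for p in privs.split(",")} - {"USAGE"}
        if privs:
            acct.setdefault(obj.replace("`", ""), set()).update(privs)
    return state


def desired_state(roles, assignments, today):
    """Expand active assignments into grants; return (desired, expiry_reasons)."""
    desired, expired = {}, {}
    for a in assignments:
        if a.expires <= today:
            expired[(a.user, a.host)] = f"assignment expired {a.expires.isoformat()}"
            continue
        acct = desired.setdefault((a.user, a.host), {})
        for obj, privs in roles[a.role].items():
            acct.setdefault(obj, set()).update(privs)
    return desired, expired


def plan(roles, assignments, observed_lines, today):
    """Return an ordered list of (statement, reason) that brings the instance to desired state."""
    observed = parse_show_grants(observed_lines)
    desired, expired = desired_state(roles, assignments, today)
    steps = []
    for key in sorted(set(observed) | set(desired)):
        acct = f"`{key[0]}`@`{key[1]}`"
        have, want = observed.get(key), desired.get(key)
        if want is None:  # nothing approved for this account: remove it
            steps.append((f"DROP USER {acct}", expired.get(key, "no assignment in central catalogue")))
            continue
        if have is None:  # approved but absent: create it (credential issued by the central process)
            steps.append((f"CREATE USER {acct}", "new assignment"))
            have = {}
        for obj in sorted(set(have) | set(want)):
            add = want.get(obj, set()) - have.get(obj, set())
            drop = have.get(obj, set()) - want.get(obj, set())
            if add:
                steps.append((f"GRANT {', '.join(sorted(add))} ON {obj} TO {acct}", "role entitlement"))
            if drop:
                steps.append((f"REVOKE {', '.join(sorted(drop))} ON {obj} FROM {acct}", "drift: not in assigned role"))
    return steps


if __name__ == "__main__":
    for stmt, why in plan(ROLES, ASSIGNMENTS, OBSERVED, AS_OF):
        print(f"{stmt};  -- {why}")
```

The value of the approach is that nothing is hand-edited on the server: the operator's pipeline runs `plan` against each instance's `SHOW GRANTS`, applies the statements, and writes the (statement, reason) pairs to the central log, so the same catalogue change produces the same grants and the same evidence on every instance. On the sample data the expired contractor and the unknown `legacy_admin` are dropped, `svc_orders` is created with its role's grants, and the stray `INSERT` on `svc_reporting` is revoked.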

Current guidance suggests that centralisation becomes necessary when the number of manual entitlement events begins to exceed the team’s ability to review, replicate, and revoke changes reliably. That threshold is often reached before organisations expect it, especially when instances are duplicated across environments or when multiple teams share the same database tier. These controls tend to break down when each server has its own naming conventions, privilege model, or emergency access process because the central policy cannot be enforced uniformly.

Common Variations and Edge Cases

Tighter centralised access control often increases operational overhead at first, requiring organisations to balance consistency and auditability against setup effort and change-management friction. There is no universal standard for the exact migration point, so the practical decision depends on how much drift the team can tolerate and how often entitlements change.

One common edge case is a small environment with few instances but high turnover of developers, contractors, or service accounts. Even a low server count can justify centralisation if revocation is slow or if grant changes are frequently forgotten. Another case is highly regulated workloads, where the need for evidence may justify central control earlier than raw scale would suggest. The Ultimate Guide to NHIs — Standards is useful here because it frames identity governance as a lifecycle problem, not a one-time configuration task.

For teams comparing policy options, the most reliable signal is not instance count. It is whether local administration can still prove timely revocation, least privilege, and complete audit trails. When it cannot, per-instance control has already become a risk multiplier rather than an administrative convenience.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and the NIST AI RMF set the governance and control requirements practitioners need to meet.

| Framework | Control / Reference | Relevance |
| --- | --- | --- |
| OWASP Non-Human Identity Top 10 | NHI-03 | Centralised lifecycle control reduces stale MySQL entitlements and revocation gaps. |
| NIST CSF 2.0 | PR.AC-4 | Access permissions must be managed consistently across instances for auditability. |
| NIST AI RMF | | Governance applies to any system where access decisions need traceable accountability. |

Move MySQL grants into a governed workflow and automate revocation when accounts change or expire.

NHIMG Editorial Note
Reviewed and updated by the NHIMG editorial team on June 8, 2026.