Stop Delegating AI Decision: How Spec Kit Enforces Architectural Intent in Microsoft Entra
🔍 What This Episode Covers
In this episode, we explore:
- Why AI agents behave unpredictably in real production environments
- The hidden risks of connecting LLMs directly to enterprise APIs
- How agent autonomy can unintentionally escalate permissions
- Why “non-determinism” is a serious engineering problem—not just a research quirk
- The security implications of letting agents write or modify code
- When AI agents help developers—and when they actively slow teams down
- Agents optimize for task completion, not safety
- Small prompts can trigger massive system changes
- Debugging agent behavior is significantly harder than debugging human-written code
- Request broader permissions than necessary
- Store secrets unsafely
- Create undocumented endpoints or bypass expected workflows
- Reproducibility matters for debugging and compliance
- Non-deterministic outputs complicate audits and incident response
- Guardrails, constraints, and validation layers are non-optional
- Treat AI agents like untrusted external services
- Use strict permission scopes and role separation
- Log and audit every agent action
- Keep humans in the loop for critical operations
- Avoid letting agents directly deploy or modify production systems
- Software engineers working with LLMs or AI agents
- Security engineers and platform teams
- CTOs and tech leads evaluating agentic systems
- Anyone building AI-powered developer tools
1
00:00:00,000 --> 00:00:02,860
A team asked an AI agent to just wire up Microsoft Graph
2
00:00:02,860 --> 00:00:05,880
and 10 minutes later they had a working app and
3
00:00:05,880 --> 00:00:07,780
Directory.ReadWrite.All approved in production.
4
00:00:07,780 --> 00:00:09,820
The demo glowed. The audit later bled.
5
00:00:09,820 --> 00:00:12,740
Here's the uncomfortable claim: you didn't misconfigure Entra.
6
00:00:12,740 --> 00:00:15,580
You abdicated architectural intent to a sampling engine.
7
00:00:15,580 --> 00:00:19,500
Every unstated decision, secrets over certs, broad scopes,
8
00:00:19,500 --> 00:00:22,140
for flexibility, silent redirects,
9
00:00:22,140 --> 00:00:25,380
moved your control plane from deterministic to probabilistic.
10
00:00:25,380 --> 00:00:28,660
Delegation felt like speed until you measured the blast radius.
11
00:00:28,660 --> 00:00:31,700
Spec Kit is the enforcement layer that restores design authority.
12
00:00:31,700 --> 00:00:34,980
If you felt drift, it wasn't magic, it was math you never blocked.
13
00:00:34,980 --> 00:00:38,260
Delegation feels like speed until you audit it.
14
00:00:38,260 --> 00:00:41,000
The core misconception: AI as peer.
15
00:00:41,000 --> 00:00:44,780
Most organizations quietly promote AI to architectural peer
16
00:00:44,780 --> 00:00:47,520
and then act surprised when governance dissolves.
17
00:00:47,520 --> 00:00:51,180
They paste a prompt, create an Entra integration for user onboarding,
18
00:00:51,180 --> 00:00:52,020
and wait.
19
00:00:52,020 --> 00:00:57,340
The result compiles, tokens flow, tests pass, the lie forms.
20
00:00:57,340 --> 00:00:59,820
The model knows how we do security here.
21
00:00:59,820 --> 00:01:02,420
Claim: the model isn't deciding, it's sampling.
22
00:01:02,420 --> 00:01:04,700
It samples defaults you didn't constrain
23
00:01:04,700 --> 00:01:06,300
and repeats them at scale.
24
00:01:06,300 --> 00:01:09,460
Concrete example, same prompt: create an Entra integration
25
00:01:09,460 --> 00:01:13,060
for user onboarding. Choice one, authentication primitive:
26
00:01:13,060 --> 00:01:16,020
the model picks client secrets because they work everywhere
27
00:01:16,020 --> 00:01:18,200
and require fewer steps than certificates.
28
00:01:18,200 --> 00:01:20,820
Result, non-repudiation disappears,
29
00:01:20,820 --> 00:01:24,060
secret rollover becomes a calendar reminder, not a property.
30
00:01:24,060 --> 00:01:25,980
Choice two, SDK and flow.
31
00:01:25,980 --> 00:01:29,860
It selects Graph SDK with authorization code plus PKCE
32
00:01:29,860 --> 00:01:32,580
because the corpus shouts "works in browsers."
33
00:01:32,580 --> 00:01:34,740
You're building a daemon. Mismatch tolerated
34
00:01:34,740 --> 00:01:36,580
by code samples, ignored by governance.
35
00:01:36,580 --> 00:01:40,620
Choice three, permission shape. It requests
36
00:01:40,620 --> 00:01:44,560
Directory.ReadWrite.All and Group.ReadWrite.All
37
00:01:44,560 --> 00:01:46,980
for flexibility during onboarding
38
00:01:46,980 --> 00:01:49,340
and quietly adds offline_access.
39
00:01:49,340 --> 00:01:52,020
Everything works, your consent surface quadruples.
40
00:01:52,020 --> 00:01:54,300
Choice four, redirect hygiene.
41
00:01:54,300 --> 00:01:58,220
It adds localhost and wildcard dev endpoints to speed testing.
42
00:01:58,220 --> 00:02:00,620
They merge, then drift into production manifests
43
00:02:00,620 --> 00:02:04,420
through pipeline copies. Consequence: everything works
44
00:02:04,420 --> 00:02:05,980
and governance silently breaks.
45
00:02:05,980 --> 00:02:07,860
You didn't get one app, you minted a pattern.
46
00:02:07,860 --> 00:02:09,340
It will replicate across repos
47
00:02:09,340 --> 00:02:12,420
because success is the most contagious artifact.
48
00:02:12,420 --> 00:02:15,180
Platform engineer: "We approved one working example,
49
00:02:15,180 --> 00:02:16,860
we woke up with a family of them."
50
00:02:16,860 --> 00:02:20,940
Now the fast contrast: three repos, same prompt.
51
00:02:20,940 --> 00:02:24,660
Repo A uses secrets; repo B, device code in a daemon;
52
00:02:24,660 --> 00:02:28,100
repo C, interactive flows with privileged scopes.
53
00:02:28,100 --> 00:02:29,900
All correct by documentation.
54
00:02:29,900 --> 00:02:31,540
None aligned to your identity policy.
55
00:02:31,540 --> 00:02:33,140
The model isn't a senior engineer,
56
00:02:33,140 --> 00:02:34,780
it's a distributed completion machine
57
00:02:34,780 --> 00:02:37,740
optimized for plausibility, not your constitution.
58
00:02:37,740 --> 00:02:39,460
That distinction matters.
59
00:02:39,460 --> 00:02:41,500
This is the predictable failure mode.
60
00:02:41,500 --> 00:02:44,100
You frame the model as a peer,
61
00:02:44,100 --> 00:02:46,900
expect judgment, and hand it ambiguity.
62
00:02:46,900 --> 00:02:49,220
It responds with statistical regularities,
63
00:02:49,220 --> 00:02:53,100
permissive scopes, broad flows, and UX-first defaults.
64
00:02:53,100 --> 00:02:55,820
Given a choice between specificity and convenience,
65
00:02:55,820 --> 00:02:57,900
it resolves to convenience.
66
00:02:57,900 --> 00:02:59,900
Always odd, identity architect,
67
00:02:59,900 --> 00:03:01,860
people think the model learned their policy.
68
00:03:01,860 --> 00:03:04,380
It learned the internet's policy. Consequence:
69
00:03:04,380 --> 00:03:07,220
every generation event becomes an entropy generator,
70
00:03:07,220 --> 00:03:09,260
a valid artifact that diverges from intent
71
00:03:09,260 --> 00:03:11,660
by a few degrees, degrees that compound.
72
00:03:11,660 --> 00:03:14,100
You don't notice at one app, you notice at 47,
73
00:03:14,100 --> 00:03:16,220
but the mechanism started in your prompt.
74
00:03:16,220 --> 00:03:18,740
Spec Kit fix: reframe authority,
75
00:03:18,740 --> 00:03:21,940
bind intent to executable artifacts and fail closed.
76
00:03:21,940 --> 00:03:23,980
Constitution: define invariants once,
77
00:03:23,980 --> 00:03:25,420
no client secrets for workloads,
78
00:03:25,420 --> 00:03:27,820
no user-based exclusions in conditional access,
79
00:03:27,820 --> 00:03:29,780
scope allow lists per app class,
80
00:03:29,780 --> 00:03:31,860
certificate only for service principals,
81
00:03:31,860 --> 00:03:33,980
PIM for roles above threshold.
82
00:03:33,980 --> 00:03:36,540
Specification for user onboarding:
83
00:03:36,540 --> 00:03:39,820
enumerate the exact operations and allowed scopes.
84
00:03:39,820 --> 00:03:43,620
e.g., User.Read.All, Group.Read.All,
85
00:03:43,620 --> 00:03:46,300
app role for write operations via an API,
86
00:03:46,300 --> 00:03:48,620
the auth model, daemon with certificate,
87
00:03:48,620 --> 00:03:51,060
and redirect rules, no wildcards.
88
00:03:51,060 --> 00:03:54,300
Gates: implement permission linters in CI,
89
00:03:54,300 --> 00:03:56,380
"scope not allowed for app class reader,"
90
00:03:56,380 --> 00:03:58,140
auth linters in deploy,
91
00:03:58,140 --> 00:04:00,660
client secret creation, blocked in production,
92
00:04:00,660 --> 00:04:03,100
and policy compilers for conditional access,
93
00:04:03,100 --> 00:04:05,540
user exclusion detected, denied.
94
00:04:05,540 --> 00:04:07,140
Walk it.
95
00:04:07,140 --> 00:04:09,300
The same prompt lands in an environment
96
00:04:09,300 --> 00:04:12,820
that compiles against rules. Attempt to request
97
00:04:12,820 --> 00:04:15,620
Directory.ReadWrite.All, CI fails with,
98
00:04:15,620 --> 00:04:18,220
denied by class allow list, onboarding reader,
99
00:04:18,220 --> 00:04:20,500
use app role, onboarding prompt,
100
00:04:20,500 --> 00:04:23,220
writer via service API.
101
00:04:23,220 --> 00:04:26,260
Attempt to register a client secret, deploy fails,
102
00:04:26,260 --> 00:04:28,500
tenant invariant secrets prohibited for workloads,
103
00:04:28,500 --> 00:04:32,380
generate X.509 certificate with template SCA 2025
104
00:04:32,380 --> 00:04:33,980
and store in Key Vault.
105
00:04:33,980 --> 00:04:37,180
Attempt to use authorization code plus PKCE for a daemon,
106
00:04:37,180 --> 00:04:39,820
build fails, flow mismatch, use client credentials
107
00:04:39,820 --> 00:04:43,340
with certificate, attempt to add wildcard redirect,
108
00:04:43,340 --> 00:04:46,660
plan fails, redirect invariants explicit URIs only,
109
00:04:46,660 --> 00:04:48,660
see spec ID spec onboard 001.
110
00:04:48,660 --> 00:04:50,420
Result, the model still generates,
111
00:04:50,420 --> 00:04:51,900
the wrong shapes can't cross the boundary.
112
00:04:51,900 --> 00:04:53,380
You didn't make the model smarter,
113
00:04:53,380 --> 00:04:56,220
you made the system deterministic.
114
00:04:56,220 --> 00:04:58,540
Security engineer, we didn't get stricter,
115
00:04:58,540 --> 00:05:00,380
we removed ways to be wrong.
116
00:05:00,380 --> 00:05:02,540
Consequence of this fix: variance collapses.
117
00:05:02,540 --> 00:05:04,980
Three repos, same prompt, different developers,
118
00:05:04,980 --> 00:05:07,620
outcomes converge: certificates, approved scopes,
119
00:05:07,620 --> 00:05:10,380
correct flows, owned app objects, no wildcards.
120
00:05:10,380 --> 00:05:12,940
Your peer stops sampling policy from the internet
121
00:05:12,940 --> 00:05:15,420
and starts compiling against your constitution.
122
00:05:15,420 --> 00:05:18,140
A quick micro story: a team migrated from prompts
123
00:05:18,140 --> 00:05:20,300
plus review to Spec Kit enforcement.
124
00:05:20,300 --> 00:05:22,460
Week one, blocked permissions spiked,
125
00:05:22,460 --> 00:05:25,860
CI caught every overscoped request. Week three, spikes flattened
126
00:05:25,860 --> 00:05:27,940
as templates codified allowed shapes.
127
00:05:27,940 --> 00:05:29,860
Month two, consent velocity down,
128
00:05:29,860 --> 00:05:31,980
standing privilege roles trending to zero,
129
00:05:31,980 --> 00:05:33,900
PIM activations falling because least privilege
130
00:05:33,900 --> 00:05:36,060
made elevation unnecessary. Nothing mystical,
131
00:05:36,060 --> 00:05:38,700
just gates doing work humans can't do at scale.
132
00:05:38,700 --> 00:05:40,780
Now let's draw the boundary line cleanly.
133
00:05:40,780 --> 00:05:43,460
Without Spec Kit: you ask, the model samples,
134
00:05:43,460 --> 00:05:47,180
you review a subset, variance ships, drift accumulates,
135
00:05:47,180 --> 00:05:49,420
audit arrives, you negotiate.
136
00:05:49,420 --> 00:05:52,700
With Spec Kit: you ask, the model samples,
137
00:05:52,700 --> 00:05:55,300
enforcement compiles, non-conforming shapes fail,
138
00:05:55,300 --> 00:05:57,940
templates encode the path, audit arrives,
139
00:05:57,940 --> 00:06:00,860
you produce artifacts. Governance lead:
140
00:06:00,860 --> 00:06:04,140
Auditors don't certify your intent, they certify your compiler.
141
00:06:04,140 --> 00:06:05,940
The reason this works is mechanical sympathy
142
00:06:05,940 --> 00:06:08,580
with Entra's reality: it's a distributed decision engine.
143
00:06:08,580 --> 00:06:10,060
You don't persuade decision engines,
144
00:06:10,060 --> 00:06:12,220
you program them with rules they can't bypass.
145
00:06:12,220 --> 00:06:16,060
Policy as code isn't a slogan, it's a survival tactic
146
00:06:16,060 --> 00:06:17,940
when the throughput of decisions increases
147
00:06:17,940 --> 00:06:20,340
by orders of magnitude. One more fast contrast:
148
00:06:20,340 --> 00:06:23,540
"We'll just prompt better" versus "we will enforce intent."
149
00:06:23,540 --> 00:06:26,300
Better prompts are advisory, gates are compulsory.
150
00:06:26,300 --> 00:06:28,340
In advisory systems people negotiate,
151
00:06:28,340 --> 00:06:30,900
in compulsory systems outcomes converge.
152
00:06:30,900 --> 00:06:32,780
Takeaway: the model isn't deciding,
153
00:06:32,780 --> 00:06:35,660
it's sampling. Bind intent to executable rules
154
00:06:35,660 --> 00:06:37,660
and sampling becomes safe.
155
00:06:37,660 --> 00:06:40,380
Entropy generators: how AI decisions accumulate.
156
00:06:40,380 --> 00:06:42,300
Drift isn't dramatic, it's cumulative.
157
00:06:42,300 --> 00:06:44,980
It starts with small, valid, convenient choices
158
00:06:44,980 --> 00:06:47,940
you didn't constrain, then compounds into a topology
159
00:06:47,940 --> 00:06:49,540
you can't safely reason about.
160
00:06:49,540 --> 00:06:51,620
Concrete example, the team scaffolds
161
00:06:51,620 --> 00:06:53,660
an internal reader for onboarding.
162
00:06:53,660 --> 00:06:56,700
The agent grabs the Graph SDK version it remembers,
163
00:06:56,700 --> 00:06:58,660
adds a helper that supports client secrets
164
00:06:58,660 --> 00:07:02,340
for compatibility, requests Directory.ReadWrite.All
165
00:07:02,340 --> 00:07:05,340
to avoid blocking later, and drops in localhost
166
00:07:05,340 --> 00:07:07,900
plus a wildcard redirect for quick testing.
167
00:07:07,900 --> 00:07:09,860
Nothing fails, everyone moves on.
168
00:07:09,860 --> 00:07:13,020
Consequence, one permissive app becomes 10 within a quarter.
169
00:07:13,020 --> 00:07:15,740
10 becomes 50 when copied across pipelines.
170
00:07:15,740 --> 00:07:18,340
Privilege grants rise not as a spike, but as a slope.
171
00:07:18,340 --> 00:07:21,100
By the time you notice your effective authorization graph
172
00:07:21,100 --> 00:07:24,460
has more write paths than you can audit in a sprint.
173
00:07:24,460 --> 00:07:28,060
Identity architect, you rarely see a single catastrophic decision,
174
00:07:28,060 --> 00:07:30,860
you see a thousand minor ones that all point downhill.
175
00:07:30,860 --> 00:07:33,260
Let's add a numerical scale so your brain can feel it.
176
00:07:33,260 --> 00:07:36,660
App one requests four privilege scopes, app two clones them.
177
00:07:36,660 --> 00:07:39,980
By month three, five squads have shipped similar services,
178
00:07:39,980 --> 00:07:42,980
each with three to five extra scopes just in case.
179
00:07:42,980 --> 00:07:44,980
That's roughly 40, 60 effective grants
180
00:07:44,980 --> 00:07:47,140
with write power spread across service principals,
181
00:07:47,140 --> 00:07:48,500
agents and tools.
182
00:07:48,500 --> 00:07:51,340
You don't get a SEV-1, you get a rising baseline of authority
183
00:07:51,340 --> 00:07:52,460
you didn't intend.
184
00:07:52,460 --> 00:07:54,620
Fast contrast, after enforcement,
185
00:07:54,620 --> 00:07:57,460
the same teams ship more apps, velocity increases,
186
00:07:57,460 --> 00:07:59,740
but the count of privileged grants stays flat.
187
00:07:59,740 --> 00:08:00,580
Why?
188
00:08:00,580 --> 00:08:02,460
Because CI blocks non-allowlisted scopes and templates
189
00:08:02,460 --> 00:08:05,300
encode the minimal set: throughput up, variance down.
190
00:08:05,300 --> 00:08:06,580
That's the shape you want.
191
00:08:06,580 --> 00:08:09,100
Now classify the generators so you can intercept them.
192
00:08:09,100 --> 00:08:11,020
Dependency entropy, the supply side.
193
00:08:11,020 --> 00:08:13,060
The agent selects libraries it has seen most,
194
00:08:13,060 --> 00:08:14,940
not the ones your standard requires.
195
00:08:14,940 --> 00:08:17,900
A token helper enables client secrets by default.
196
00:08:17,900 --> 00:08:20,980
A preview Graph SDK sneaks in because it felt modern.
197
00:08:20,980 --> 00:08:23,540
Transitives explode your surface with capabilities
198
00:08:23,540 --> 00:08:24,900
you never asked for:
199
00:08:24,900 --> 00:08:27,900
device code flows in daemons, implicit auth shortcuts,
200
00:08:27,900 --> 00:08:30,180
silent retries that mask failures.
201
00:08:30,180 --> 00:08:33,380
Configuration entropy, the slow bleed: redirect wildcards
202
00:08:33,380 --> 00:08:35,780
justified by local testing, token lifetimes tweaked
203
00:08:35,780 --> 00:08:38,100
from example, app names that violate your pattern
204
00:08:38,100 --> 00:08:40,980
so you can't query ownership later, or missing owner assignments
205
00:08:40,980 --> 00:08:43,460
that become orphan principals in three quarters.
206
00:08:43,460 --> 00:08:46,020
Each setting looks harmless; together they make state ambiguous
207
00:08:46,020 --> 00:08:47,500
and cleanup risky.
208
00:08:47,500 --> 00:08:49,900
Authorization entropy, the expensive one.
209
00:08:49,900 --> 00:08:52,100
Scopes drift from reads to read writes.
210
00:08:52,100 --> 00:08:56,100
Offline access gets stapled to everything for resilience.
211
00:08:56,100 --> 00:08:58,500
Roles move from PIM eligible to standing
212
00:08:58,500 --> 00:09:01,100
because a deployment window couldn't wait.
213
00:09:01,100 --> 00:09:03,860
Conditional access exclusions multiply first for a build agent,
214
00:09:03,860 --> 00:09:06,340
then for a rename group, then for a contractor,
215
00:09:06,340 --> 00:09:09,660
until nobody can tell who is actually enforced.
216
00:09:09,660 --> 00:09:13,060
Platform engineer: missing policies create obvious gaps.
217
00:09:13,060 --> 00:09:14,700
Drifting policies create ambiguity,
218
00:09:14,700 --> 00:09:17,380
ambiguity is where incidents live. Spec Kit fix:
219
00:09:17,380 --> 00:09:19,660
attack each category with a constitutional control
220
00:09:19,660 --> 00:09:21,540
and a gate. Dependency:
221
00:09:21,540 --> 00:09:24,580
Dependency allow lists pinned by major versions,
222
00:09:24,580 --> 00:09:26,820
banned symbols for secret friendly helpers,
223
00:09:26,820 --> 00:09:29,500
a transitive scanner that fails any preview package
224
00:09:29,500 --> 00:09:30,980
in production projects.
225
00:09:30,980 --> 00:09:32,660
When the agent proposes Microsoft,
226
00:09:32,660 --> 00:09:35,580
graph vnext or a helper that writes secrets to disk,
227
00:09:35,580 --> 00:09:37,980
the plan fails with the approved alternatives.
228
00:09:37,980 --> 00:09:40,420
Configuration: tenant invariants for naming,
229
00:09:40,420 --> 00:09:42,260
ownership, redirects and audience,
230
00:09:42,260 --> 00:09:44,140
deploy time reconciliation that refuses
231
00:09:44,140 --> 00:09:47,740
ownerless objects, wildcard redirects or audience mismatches.
232
00:09:47,740 --> 00:09:50,580
Attempt to create HR tool without an identity owner,
233
00:09:50,580 --> 00:09:52,260
denied with a link to the assignment task.
234
00:09:52,260 --> 00:09:55,740
Authorization: scope allow lists per application class,
235
00:09:55,740 --> 00:09:58,460
mechanical denial of non-allowlisted requests,
236
00:09:58,460 --> 00:10:00,660
PIM mandatory above threshold,
237
00:10:00,660 --> 00:10:03,380
prohibited role combinations captured as code.
238
00:10:03,380 --> 00:10:05,380
Attempt to assign application administrator
239
00:10:05,380 --> 00:10:07,100
plus cloud application administrator
240
00:10:07,100 --> 00:10:08,060
to the same principal,
241
00:10:08,060 --> 00:10:11,140
CI fails with the exact prohibition and remediation path.
242
00:10:11,140 --> 00:10:12,620
Walk it with failure as feedback,
243
00:10:12,620 --> 00:10:14,340
so developers learn instantly.
244
00:10:14,340 --> 00:10:16,700
Permission request lands with
245
00:10:16,700 --> 00:10:18,740
Directory.ReadWrite.All. CI response:
246
00:10:18,740 --> 00:10:20,900
denied by onboarding, reader allow list,
247
00:10:20,900 --> 00:10:22,580
use app role onboarding,
248
00:10:22,580 --> 00:10:25,420
writer via service API spec onboard 001,
249
00:10:25,420 --> 00:10:28,100
helper tries to generate a secret, deploy says,
250
00:10:28,100 --> 00:10:30,260
secrets prohibited for workloads,
251
00:10:30,260 --> 00:10:33,940
generates certificate using template SCA 2025,
252
00:10:33,940 --> 00:10:37,140
redirect wildcard appears in a manifest, plan fails.
253
00:10:37,140 --> 00:10:40,340
Redirect invariants: explicit URIs only.
254
00:10:40,340 --> 00:10:42,940
Each failure points to the shortest compliant path.
255
00:10:42,940 --> 00:10:45,860
Security engineer: gates teach faster than reviews,
256
00:10:45,860 --> 00:10:47,940
they don't negotiate, they instruct.
257
00:10:47,940 --> 00:10:51,860
Timeline story to make the accumulation tangible.
258
00:10:51,860 --> 00:10:55,900
Month one, first HR automation ships with broad scopes,
259
00:10:55,900 --> 00:10:58,180
everyone cheers, onboarding is faster.
260
00:10:58,180 --> 00:11:00,100
Month two, pattern copied to offboarding,
261
00:11:00,100 --> 00:11:01,540
same helper, same scopes,
262
00:11:01,540 --> 00:11:04,740
a third team builds profile edits and adds
263
00:11:04,740 --> 00:11:07,300
User.ReadWrite.All to unblock testing.
264
00:11:07,300 --> 00:11:11,020
Month six, audit finds 47 app registrations with write power,
265
00:11:11,020 --> 00:11:13,860
owners have moved, deleting any one might break production,
266
00:11:13,860 --> 00:11:15,940
risk and uptime argue for weeks.
267
00:11:15,940 --> 00:11:17,380
Month seven, Spec Kit lands,
268
00:11:17,380 --> 00:11:20,300
the second app request for broad scopes fails before it exists.
269
00:11:20,300 --> 00:11:21,940
Teams adopt templates,
270
00:11:21,940 --> 00:11:24,140
blocked permissions spike for two sprints,
271
00:11:24,140 --> 00:11:25,300
then normalize,
272
00:11:25,300 --> 00:11:28,180
consent velocity flattens, drift curve bends.
273
00:11:28,180 --> 00:11:30,020
Take the same arc under enforcement:
274
00:11:30,020 --> 00:11:32,100
month one ships with narrow scopes and an app role
275
00:11:32,100 --> 00:11:33,460
behind a service API.
276
00:11:33,460 --> 00:11:36,700
Month two's copy attempt fails when it requests write scopes,
277
00:11:36,700 --> 00:11:39,100
the template points them to the same app role.
278
00:11:39,100 --> 00:11:41,220
Month six, audit shows read-only readers
279
00:11:41,220 --> 00:11:43,940
and a single write surface with PIM-gated elevation,
280
00:11:43,940 --> 00:11:45,900
same throughput, no slope.
281
00:11:45,900 --> 00:11:48,020
Governance lead.
282
00:11:48,020 --> 00:11:50,340
We didn't slow work, we removed the slope.
283
00:11:50,340 --> 00:11:51,900
Tie it to conditional access erosion
284
00:11:51,900 --> 00:11:53,500
because it's the same physics.
285
00:11:53,500 --> 00:11:55,780
A single user based exclusion for a build agent
286
00:11:55,780 --> 00:11:56,980
becomes a pattern.
287
00:11:56,980 --> 00:12:00,260
Rename the group, the exclusion sticks to real users,
288
00:12:00,260 --> 00:12:02,780
under invariants, that exclusion never merges,
289
00:12:02,780 --> 00:12:04,660
only persona patterns pass
290
00:12:04,660 --> 00:12:06,460
and changes to exclusions require
291
00:12:06,460 --> 00:12:09,060
a constitutional amendment, not a quick portal edit.
292
00:12:09,060 --> 00:12:12,620
Now the fast contrast that cements the KPI mindset.
293
00:12:12,620 --> 00:12:14,780
Blocked permissions going up is good news,
294
00:12:14,780 --> 00:12:16,660
it means the compiler is awake.
295
00:12:16,660 --> 00:12:18,460
Zero blocks doesn't mean excellence,
296
00:12:18,460 --> 00:12:19,980
it means zero breaks.
297
00:12:19,980 --> 00:12:22,340
Takeaway: drift isn't dramatic, it's cumulative.
298
00:12:22,340 --> 00:12:24,020
Specify what must be true,
299
00:12:24,020 --> 00:12:25,820
enforce it where changes are born
300
00:12:25,820 --> 00:12:27,380
and the slope disappears.
301
00:12:27,380 --> 00:12:31,780
Scenario one: silent privilege creep.
302
00:12:31,780 --> 00:12:34,100
Your first exception is never your last.
303
00:12:34,100 --> 00:12:36,620
Privilege creep doesn't announce itself, it accretes.
304
00:12:36,620 --> 00:12:39,180
Month one, a delivery lead opens a ticket,
305
00:12:39,180 --> 00:12:40,740
speed up user provisioning.
306
00:12:40,740 --> 00:12:43,020
A developer asks the agent to build a small service
307
00:12:43,020 --> 00:12:45,460
that reads HR events and provisions users
308
00:12:45,460 --> 00:12:47,420
through Microsoft Graph, the demo works,
309
00:12:47,420 --> 00:12:50,140
output looks clean and the change closes the incident.
310
00:12:50,140 --> 00:12:51,660
Hidden in that success:
311
00:12:51,660 --> 00:12:53,100
Directory.ReadWrite.All to avoid blockers,
312
00:12:53,100 --> 00:12:55,780
Group.ReadWrite.All for future workflows,
313
00:12:55,780 --> 00:12:58,460
and offline_access for stability.
314
00:12:58,460 --> 00:13:01,380
None feel reckless, they feel practical.
315
00:13:01,380 --> 00:13:03,900
The approval language says temporary.
316
00:13:03,900 --> 00:13:06,500
Nobody sets a timer. Identity architect:
317
00:13:06,500 --> 00:13:08,900
no one argues for maximum privilege,
318
00:13:08,900 --> 00:13:11,140
they argue for just enough to ship today.
319
00:13:11,140 --> 00:13:14,420
Month two, another team copies the pattern for offboarding,
320
00:13:14,420 --> 00:13:17,580
same helper, same broad scopes, same justification.
321
00:13:17,580 --> 00:13:20,340
A third team builds a profile update tool.
322
00:13:20,340 --> 00:13:23,220
Dev in a hurry asks the agent for a fix to 403s
323
00:13:23,220 --> 00:13:24,980
on try User.ReadWrite.All.
324
00:13:24,980 --> 00:13:27,380
It works so it stays. The pattern isn't code anymore,
325
00:13:27,380 --> 00:13:29,820
it's culture. Platform engineer:
326
00:13:29,820 --> 00:13:31,780
We approved one working example,
327
00:13:31,780 --> 00:13:33,380
we woke up with a family of them.
328
00:13:33,380 --> 00:13:35,820
Consequence: by month six, audit inventories
329
00:13:35,820 --> 00:13:38,860
47 app registrations with write power over users and groups,
330
00:13:38,860 --> 00:13:40,620
some are dormant, some are active,
331
00:13:40,620 --> 00:13:43,300
a few run nightly on a schedule nobody monitors.
332
00:13:43,300 --> 00:13:44,620
Owners move teams.
333
00:13:44,620 --> 00:13:46,460
The people who added the first broad scope
334
00:13:46,460 --> 00:13:47,900
have forgotten the ticket.
335
00:13:47,900 --> 00:13:49,980
Uptime and risk start to negotiate
336
00:13:49,980 --> 00:13:52,740
because nobody can map which app truly needs
337
00:13:52,740 --> 00:13:54,500
write access and which is living on habit.
338
00:13:54,500 --> 00:13:56,900
Now the moment privilege creep gets dangerous.
339
00:13:56,900 --> 00:13:59,620
A service principal with Directory.ReadWrite.All
340
00:13:59,620 --> 00:14:02,780
gains a standing privileged role temporarily
341
00:14:02,780 --> 00:14:05,100
to fix a sync failure at 2 a.m.
342
00:14:05,100 --> 00:14:07,340
The incident resolves, the elevation persists
343
00:14:07,340 --> 00:14:09,300
because removing it feels risky.
344
00:14:09,300 --> 00:14:12,980
Every "we'll clean this up later" is an IOU that compounds.
345
00:14:12,980 --> 00:14:15,420
Security engineer, every extra bit of authorization
346
00:14:15,420 --> 00:14:18,380
is a future incident, not if, when. Spec Kit fix:
347
00:14:18,380 --> 00:14:21,620
walk it as a timeline contrast. Month one under Spec Kit.
348
00:14:21,620 --> 00:14:24,180
The specification for HR driven provisioning
349
00:14:24,180 --> 00:14:26,700
defines read operations and a narrow write surface
350
00:14:26,700 --> 00:14:29,260
mediated through a service API with an app role.
351
00:14:29,260 --> 00:14:32,220
The allow list for that class includes User.Read.All
352
00:14:32,220 --> 00:14:35,700
and Group.Read.All only. The agent tries
353
00:14:35,700 --> 00:14:39,580
Directory.ReadWrite.All. CI fails with: denied by class allow list, use
354
00:14:39,580 --> 00:14:44,220
app role provisioning writer via API spec prof 0 to the service
355
00:14:44,220 --> 00:14:47,140
principal attempts to create a client secret. Deploy blocks
356
00:14:47,140 --> 00:14:50,300
with: secrets prohibited for workloads, generate certificate
357
00:14:50,300 --> 00:14:53,060
using template SCI 2025.
358
00:14:53,060 --> 00:14:55,220
The app registration lacks an identity owner,
359
00:14:55,220 --> 00:14:58,340
the pipeline refuses the change and creates an assignment task.
360
00:14:58,340 --> 00:15:01,220
Month two under Spec Kit, the second team copies the pattern.
361
00:15:01,220 --> 00:15:05,100
The minute they request Group.ReadWrite.All for future workflows,
362
00:15:05,100 --> 00:15:07,580
CI rejects with a pointer to the spec and a template
363
00:15:07,580 --> 00:15:10,220
that already works. They wire to the same API app role
364
00:15:10,220 --> 00:15:13,500
instead of minting broad Graph scope. Consistency emerges
365
00:15:13,500 --> 00:15:17,060
not by culture but by compilation. Month six under Spec Kit,
366
00:15:17,060 --> 00:15:19,740
audit finds read-only readers and one write service
367
00:15:19,740 --> 00:15:21,500
with PIM-gated activation.
368
00:15:21,500 --> 00:15:24,700
Standing privilege roles are prohibited combinations; any
369
00:15:24,700 --> 00:15:27,260
attempt to assign one fails in CI.
370
00:15:27,260 --> 00:15:30,500
If the API needs emergency expansion, it goes through change control
371
00:15:30,500 --> 00:15:34,100
as a constitutional amendment with a sunset and compensating controls.
372
00:15:34,100 --> 00:15:38,020
Exceptions are visible, time-bound and expensive by design.
373
00:15:38,020 --> 00:15:41,060
Governance lead: you can't unwind creep with meetings,
374
00:15:41,060 --> 00:15:43,940
you unwind it with rules that refuse to create it again.
375
00:15:43,940 --> 00:15:47,500
Before we close, zoom into the human pressure point where creep takes root:
376
00:15:47,500 --> 00:15:50,620
"Can we just admin consent this so QA can test today?"
377
00:15:50,620 --> 00:15:53,740
Without gates, that sentence becomes a deployment strategy.
378
00:15:53,740 --> 00:15:57,420
With gates, the request dies in CI: scope not on allow list for class
379
00:15:57,420 --> 00:16:00,300
onboarding reader. The developer fixes it in minutes.
380
00:16:00,300 --> 00:16:03,220
The alternative is six months later in audit, when the fix is
381
00:16:03,220 --> 00:16:06,020
measured in quarters. Failure-as-feedback examples compound the
382
00:16:06,020 --> 00:16:09,140
learning attempt to assign application administrator to the
383
00:16:09,140 --> 00:16:12,140
provisioning app to unblock directory rights.
384
00:16:12,140 --> 00:16:15,620
CI fails with prohibited pair app administrator plus right app
385
00:16:15,620 --> 00:16:19,540
role in same principal split duties attempt to bypass device
386
00:16:19,540 --> 00:16:23,180
requirements for a build agent user for the pipeline conditional
387
00:16:23,180 --> 00:16:26,660
access compiler denies user based exclusions forbidden use
388
00:16:26,660 --> 00:16:30,500
workload identity pattern identity architect make doing the right
389
00:16:30,500 --> 00:16:33,940
thing cheaper than doing the fast thing then the model any model
390
00:16:33,940 --> 00:16:37,300
looks brilliant one more contrast to show the slope without
391
00:16:37,300 --> 00:16:41,300
enforcement one permissive provisioning app becomes ten each
392
00:16:41,300 --> 00:16:44,620
carries three or five write scopes dispersed across projects
393
00:16:44,620 --> 00:16:48,300
and pipelines privilege grants rise as a quiet baseline
394
00:16:48,300 --> 00:16:51,020
with enforcement throughput increases more apps ship but the
395
00:16:51,020 --> 00:16:53,860
count of privilege grants stays flat the difference isn't
396
00:16:53,860 --> 00:16:56,620
developer virtue it's gates removing ways to be wrong now the
397
00:16:56,620 --> 00:16:59,500
uncomfortable consequence if you ignore this the day you need to
398
00:16:59,500 --> 00:17:02,380
revoke a compromised token you won't know the blast radius
399
00:17:02,380 --> 00:17:05,740
offboarding becomes a negotiation with uptime because every
400
00:17:05,740 --> 00:17:09,660
write capable app might own a critical path incident MTTR stretches
401
00:17:09,660 --> 00:17:12,300
because your authorization graph is ambiguous by design
402
00:17:12,300 --> 00:17:15,740
Spec Kit turns that on its head least privilege scopes by class app
403
00:17:15,740 --> 00:17:18,860
roles instead of raw Graph writes certificates instead of secrets
404
00:17:18,860 --> 00:17:22,220
PIM instead of standing roles prohibited combinations encoded
405
00:17:22,220 --> 00:17:26,620
tenant invariants that quarantine ownerless objects and block wildcard redirects
406
00:17:26,620 --> 00:17:29,660
and change control that treats temporary as a contract with an
407
00:17:29,660 --> 00:17:34,860
expiration not a vibe take away your first exception is never your last
408
00:17:34,860 --> 00:17:38,460
privilege creep is a timeline you can stop on day one by failing the wrong
409
00:17:38,460 --> 00:17:42,460
shapes where they're born scenario two consent sprawl and or chaos consent
410
00:17:42,460 --> 00:17:46,140
is capability deployment treat it casually and you deploy power casually
411
00:17:46,140 --> 00:17:50,220
concrete example Monday a QA lead says we're blocked can we just
412
00:17:50,220 --> 00:17:53,580
admin consent this so we can test today an engineer opens
413
00:17:53,580 --> 00:17:57,740
Entra selects a dev tool asking for mail read write files dot read write
414
00:17:57,740 --> 00:18:01,500
dot all and offline access and clicks accept on behalf of the
415
00:18:01,500 --> 00:18:04,700
organization the demo runs tickets close nobody writes down that
416
00:18:04,700 --> 00:18:10,380
decision Tuesday a reporting script requests directory read all plus
417
00:18:10,380 --> 00:18:15,420
sites read write all to pull broader metrics same path Friday a connector
418
00:18:15,420 --> 00:18:19,260
requests offline access because a sample used it all three were coherent alone
419
00:18:19,260 --> 00:18:22,780
together they create an authorization surface you never approved in a single
420
00:18:22,780 --> 00:18:27,900
sitting consequence consent sprawl six weeks later the tenant holds 200 active
421
00:18:27,900 --> 00:18:31,420
grants across first and third party apps some belong to tools nobody uses
422
00:18:31,420 --> 00:18:35,580
some are personal projects with org wide access because it was the easiest way
423
00:18:35,580 --> 00:18:40,940
to test a handful tie to external SaaS where scope creep hitchhiked with
424
00:18:40,940 --> 00:18:44,380
version upgrades you never reviewed your control plane didn't fail your
425
00:18:44,380 --> 00:18:49,420
process did you allowed capabilities to land without provenance identity
426
00:18:49,420 --> 00:18:53,580
architect consent isn't a pop-up it's a deployment pipeline with no rollback
427
00:18:53,580 --> 00:18:57,980
make the danger visceral a temporary admin consent to a multi tenant analytics
428
00:18:57,980 --> 00:19:03,340
app includes files read write all two months later the vendor updates their app
429
00:19:03,340 --> 00:19:07,580
to a new API version your grant persists with the same breadth your sensitive
430
00:19:07,580 --> 00:19:10,700
SharePoint sites are now writable by an app your team barely remembers
431
00:19:10,700 --> 00:19:15,740
approving a dev exits their personal app persists your legal team asks which
432
00:19:15,740 --> 00:19:20,700
grants expose regulated data silence isn't confidence it's ambiguity now
433
00:19:20,700 --> 00:19:25,420
insert the pressure point that causes the slope QA pushes a build deadline we
434
00:19:25,420 --> 00:19:30,140
need data flowing by end of day without gates just admin consent this becomes a
435
00:19:30,140 --> 00:19:36,220
strategy not an exception with Spec Kit the request never reaches QA it dies in
436
00:19:36,220 --> 00:19:40,860
CI requested scope files read write all not on allow list for two class
437
00:19:40,860 --> 00:19:45,580
analytics reader use app role analytics export via internal api spec and zero
438
00:19:45,580 --> 00:19:49,820
zero four the developer adjusts scopes in minutes the alternative is a six-month
439
00:19:49,820 --> 00:19:53,900
cleanup with spreadsheets and fear fast contrast before enforcement developers
440
00:19:53,900 --> 00:19:57,500
rely on portal consent because it's faster than asking for approvals after
441
00:19:57,500 --> 00:20:01,660
enforcement the fastest path is the template a minimal scope set baked into the
442
00:20:01,660 --> 00:20:06,300
app class an internal api with app roles for rights and a workflow that auto
443
00:20:06,300 --> 00:20:11,100
approves conforming requests tied to a spec ID spec kit fix turn this from
444
00:20:11,100 --> 00:20:16,540
negotiation to compilation tenant invariants user consent disabled tenant wide
445
00:20:16,540 --> 00:20:20,700
admin consent requires a workflow tied to a specification ID and app class
446
00:20:20,700 --> 00:20:24,620
external multi tenant apps prohibited unless approved by the identity board
447
00:20:24,620 --> 00:20:29,420
offline access allowed only for designated classes with rotation cadence and usage evidence
448
00:20:29,420 --> 00:20:35,260
delegated permissions prohibited for daemons no unattended user patterns scope allow lists by class
449
00:20:35,260 --> 00:20:41,740
interactive internal tools get read scopes only writes happen through validated internal APIs
450
00:20:41,740 --> 00:20:46,460
with app roles line of business daemons get narrowly scoped app permissions partner
451
00:20:46,460 --> 00:20:52,140
integrations use a reviewed set per vendor gates CI fails any permission request not on the class
452
00:20:52,140 --> 00:20:57,500
allow list deploy refuses to create a consent object without an attached spec ID and owner attempt
453
00:20:57,500 --> 00:21:03,260
to grant delegated mail read write to a daemon denied app type and permission model incompatible
454
00:21:03,260 --> 00:21:08,940
attempt to request offline access for a nightly report rejected unless the class explicitly permits it
455
00:21:08,940 --> 00:21:14,940
platform engineer we stopped arguing cases the gate asked one question does this match the spec
456
00:21:14,940 --> 00:21:19,580
if no it didn't ship walk the cleanup timeline with enforcement to make the payoff concrete
457
00:21:19,580 --> 00:21:25,900
week one inventory produces a csv of all old grants each gets an owner business justification and
458
00:21:25,900 --> 00:21:31,820
last used evidence week two compare grants to allow lists anything beyond the class set gets a
459
00:21:31,820 --> 00:21:38,700
replacement plan read scopes only writes through APIs with app roles week three revoke orphans
460
00:21:38,700 --> 00:21:43,900
re-grant partner apps with reduced scopes and renewal dates quarantine zombie grants for follow-up
461
00:21:43,900 --> 00:21:49,180
week four publish the dashboard consent velocity trending down blocked permissions
462
00:21:49,180 --> 00:21:56,540
spiking by design orphan grants near zero and external app counts stable under approvals security
463
00:21:56,540 --> 00:22:01,980
engineer blocked permissions going up is good news it means the compiler is awake tied to KPIs
464
00:22:01,980 --> 00:22:07,260
you no longer debate zero blocks is not excellence it's zero brakes consent velocity flattening means
465
00:22:07,260 --> 00:22:13,580
the firehose is governed MTTR improves because when an incident lands you can trace what can this app do
466
00:22:13,580 --> 00:22:19,100
and where in minutes not days since every grant maps to a spec ID and owner add one more
467
00:22:19,100 --> 00:22:24,460
failure as feedback example to cement the learning loop a dev requests admin consent for graph files
468
00:22:24,460 --> 00:22:32,540
read write all on a prototype CI returns denied by tools reader allow list use app role content export
469
00:22:32,540 --> 00:22:39,580
on internal APIs spec cont 007 they swap a raw Graph write for an app role call tests pass and
470
00:22:39,580 --> 00:22:45,340
the grant never existed the gate taught the right move faster than any review could governance lead
471
00:22:45,340 --> 00:22:50,700
consent sprawl wasn't created by malice it was created by convenience we removed convenience take
472
00:22:50,700 --> 00:22:56,300
away consent is capability deployment make it compile against intent or it will compile against urgency
473
00:22:56,300 --> 00:23:02,780
scenario three conditional access erosion every exclusion rewrites your threat model conditional
474
00:23:02,780 --> 00:23:08,060
access only works as a universal property the minute it becomes negotiable it becomes invisible
475
00:23:08,060 --> 00:23:12,620
concrete example a build is blocked the pipeline service principal can't satisfy device compliance
476
00:23:12,620 --> 00:23:18,140
because it's not a device someone adds a quick portal edit exclude service account build sp from
477
00:23:18,140 --> 00:23:23,340
require compliant device the build goes green the exclusion stays a month later the team renames
478
00:23:23,340 --> 00:23:28,380
identity groups the exclusion still targeting an old dynamic group with a stale rule now applies
479
00:23:28,380 --> 00:23:33,340
to real users who match the new naming pattern overnight humans are walking through a door carved
480
00:23:33,340 --> 00:23:39,660
for a robot identity architect it felt like a release fix it became a permanent back door
481
00:23:39,660 --> 00:23:44,300
consequence the policy you could explain last quarter no longer matches runtime behavior
482
00:23:44,300 --> 00:23:49,660
MFA is required except for a nested group no one owns approved client apps are enforced
483
00:23:49,660 --> 00:23:55,020
except for a connector that insisted on basic auth just for this integration device compliance is
484
00:23:55,020 --> 00:23:59,820
universal except for a collection of identities with ambiguous scoping that now includes guest
485
00:23:59,820 --> 00:24:04,460
users your zero trust stance is probabilistic your responders can't answer the simplest question
486
00:24:04,460 --> 00:24:10,860
under pressure who is actually enforced platform engineer erosion didn't show up as a red alert it
487
00:24:10,860 --> 00:24:15,580
showed up as ambiguity at a human pressure moment so the slope is undeniable a release manager says
488
00:24:15,580 --> 00:24:20,940
we have a cfo demo at 3 p.m the pipeline has to run a well meaning admin adds a user-based
489
00:24:20,940 --> 00:24:26,300
exclusion to unblock for today nobody files a sunset nobody encodes purpose the change ships
490
00:24:26,300 --> 00:24:30,540
because the portal is faster than governance six months later the exclusion survives multiple
491
00:24:30,540 --> 00:24:36,380
team rotations and a rename its original justification is a memory not an artifact fast contrast
492
00:24:36,380 --> 00:24:43,020
under Spec Kit invariants that same request never reaches the portal the change dies in CI identity
493
00:24:43,020 --> 00:24:48,860
policy invariant violated user-based exclusions are prohibited use workload identity pattern
494
00:24:48,860 --> 00:24:53,660
the engineer switches the pipeline to a workload identity flow that never pretends to be a human
495
00:24:53,660 --> 00:24:59,020
the demo stays on the calendar the erosion never begins spec kit fix turn exclusions into patterns
496
00:24:59,020 --> 00:25:05,580
that compile not edits that linger constitution encode identity policy classes human workload
497
00:25:05,580 --> 00:25:12,220
emergency and universals no user or group based exclusions approved client app requirement cannot
498
00:25:12,220 --> 00:25:19,260
be disabled for interactive users device compliance enforced for human personas only legacy auth blocked
499
00:25:19,260 --> 00:25:24,780
tenant wide break glass policies exist in a sealed pattern with high assurance signals and real-time
500
00:25:24,780 --> 00:25:31,340
monitoring specification for CI pipeline or automation agent define the workload identity pattern
501
00:25:31,340 --> 00:25:36,300
certificate based client credentials app enforced restrictions instead of human device claims
502
00:25:36,300 --> 00:25:42,860
conditional access tags that route only to workload controls no browser-based MFA no legacy flows
503
00:25:42,860 --> 00:25:48,700
for partner access define B2B direct connect policies with conditional context but no human bypasses
504
00:25:48,700 --> 00:25:53,740
gates a policy compiler in CI that rejects definitions containing user exclusions dynamic
505
00:25:53,740 --> 00:25:59,260
group targets for always enforce classes report only for designated enforced policies or all cloud
506
00:25:59,260 --> 00:26:04,940
apps minus n anti patterns deploy time validation to ensure effective coverage matches spec no drifted
507
00:26:04,940 --> 00:26:09,980
targets reconciliation jobs that quarantine orphan conditions and stale GUIDs walk the failure as
508
00:26:09,980 --> 00:26:15,580
feedback loop so learning is immediate a contributor submits a policy json excluding build sp from
509
00:26:15,580 --> 00:26:21,420
device compliance CI returns denied user group exclusion in human policy use workload identity
510
00:26:21,420 --> 00:26:26,940
policies spec wide 0 0 3 they switch the pipeline to use a workload identity the next attempt tries to
511
00:26:26,940 --> 00:26:32,140
disable approved client app requirements for an interactive tool to fix broker issues the gate
512
00:26:32,140 --> 00:26:38,140
fails human apps policy forbids disabling approved apps use broker client or switch to workload pattern
513
00:26:38,140 --> 00:26:43,820
tendency each failure points to the minimal compliant fix security engineer gates beat good intentions
514
00:26:43,820 --> 00:26:49,580
they turn just this once into this doesn't exist here make the exclusion danger visceral with one more
515
00:26:49,580 --> 00:26:54,700
edge path a VIP exclusion for a traveling executive creates a nested group tangle the contractors
516
00:26:54,700 --> 00:26:59,580
account matches the condition unexpectedly after a directory sync change the contractor now bypasses
517
00:26:59,580 --> 00:27:05,500
MFA from an unmanaged device at a cafe nobody intended it the exclusion authored it fast contrast
518
00:27:05,500 --> 00:27:11,340
after invariants VIP is a policy class with higher assurance requirements not fewer phish-resistant
519
00:27:11,340 --> 00:27:16,540
MFA is mandatory device compliance stays intact for humans the only escape valve is emergency time
520
00:27:16,540 --> 00:27:22,860
boxed with a workstation pool and alarms clean up as a timeline so the payoff is real week one
521
00:27:22,860 --> 00:27:27,740
inventory every policy extract conditions controls and exclusions normalize against identity
522
00:27:27,740 --> 00:27:36,460
policy specs map personas human workload emergency week two remove user-based exclusions replace with
523
00:27:36,460 --> 00:27:41,900
pattern-based scoping migrate pipeline identities to workload policies consolidate duplicate policies
524
00:27:41,900 --> 00:27:47,180
differing only by stale exclusions week three enable a coverage query per policy that computes
525
00:27:47,180 --> 00:27:53,260
effective protection across personas publish KPIs user exclusions trending to zero report only
526
00:27:53,260 --> 00:27:58,220
policies declining legacy auth blocks rising to coverage workload identity adoption climbing
527
00:27:58,220 --> 00:28:03,660
approved client app requirement coverage increasing week four lock the door CI and deploy gates
528
00:28:03,660 --> 00:28:08,540
enforce invariants any attempt to reintroduce a user exclusion fails with the violated clause
529
00:28:08,540 --> 00:28:14,860
and remediation link governance lead we didn't get stricter we got predictable tie each KPI to a
530
00:28:14,860 --> 00:28:20,060
decision you no longer argue about blocked policy edits going up is good gates are catching erosion
531
00:28:20,060 --> 00:28:25,340
attempts zero blocks isn't excellence it's zero brakes effective coverage becomes a number your
532
00:28:25,340 --> 00:28:31,020
responders trust MTTR drops because they no longer start incidents by reverse engineering intent
533
00:28:31,020 --> 00:28:36,700
from tangled exclusions they start with code and evidence take away every exclusion rewrites your
534
00:28:36,700 --> 00:28:42,300
threat model treat conditional access as compiled policy not a canvas for quick edits and erosion
535
00:28:42,300 --> 00:28:48,460
stops being possible by accident the cost of conditional chaos measurable impact if your governance is
536
00:28:48,460 --> 00:28:53,980
real it has a dashboard if it doesn't you have a story not a system concrete example a leadership
537
00:28:53,980 --> 00:28:58,540
review asks are we safer this quarter and the team shows tickets closed trainings delivered and a
538
00:28:58,540 --> 00:29:02,940
pile of screenshots none of those answer the question that matters did effective authorization
539
00:29:02,940 --> 00:29:08,620
converge on intent without hard signals you negotiate confidence with signals you measure it consequence
540
00:29:08,620 --> 00:29:13,020
in conditional chaos the curves move the wrong way silently consent velocity rises because
541
00:29:13,020 --> 00:29:19,100
just admin consent it scales faster than review blocked permissions stay at zero not because you're good
542
00:29:19,100 --> 00:29:24,060
but because nothing blocks anything standing privileged roles accumulate under temporary pressure
543
00:29:24,060 --> 00:29:29,980
PIM activations spike because every routine task requires elevation MTTR stretches when an incident
544
00:29:29,980 --> 00:29:34,220
lands because responders can't trace effective permission without breaking production you don't
545
00:29:34,220 --> 00:29:39,420
have drift you have compounded ambiguity Spec Kit fix tie every number to a decision you no longer
546
00:29:39,420 --> 00:29:44,700
argue about you stop sampling posture and start compiling it into KPIs that behave primary metric
547
00:29:44,700 --> 00:29:50,060
one app consent velocity count of new grants per month normalized by active projects in chaos
548
00:29:50,060 --> 00:29:54,700
velocity drifts up then hockey sticks when agents replicate patterns under enforcement it flattens
549
00:29:54,700 --> 00:29:59,660
why scope allow lists and consent workflows tied to spec IDs make bad requests fail in CI
550
00:30:00,060 --> 00:30:06,060
fewer bad requests reach humans same throughput less sprawl identity architect velocity down is not
551
00:30:06,060 --> 00:30:11,660
less shipping it's less debt landing primary metric two blocked permissions in a healthy system this
552
00:30:11,660 --> 00:30:16,620
number spikes early that's the gate doing work each block is a non-allow-listed scope that died before
553
00:30:16,620 --> 00:30:23,260
aging into debt over time as templates encode norms spikes flatten to a steady low hum if blocked
554
00:30:23,260 --> 00:30:27,980
permissions are near zero and you're shipping you're not exceptional you're brakeless fast contrast
555
00:30:27,980 --> 00:30:34,460
example team a implements the gates blocked permissions jump from to 37 in week one then settle at 4 to
556
00:30:34,460 --> 00:30:41,260
6 per sprint consent velocity drops 40% and stays flat team b prompts better blocked permissions
557
00:30:41,260 --> 00:30:48,300
hold at ear consent velocity climbs 15% quarter over quarter same tools different physics primary metric
558
00:30:48,300 --> 00:30:53,580
three standing privileged roles count of non-PIM assignments above the threshold in chaos this creeps up
559
00:30:53,580 --> 00:30:58,700
because temporary becomes permanent by inertia under constitutional RBAC and prohibited combinations
560
00:30:58,700 --> 00:31:04,700
it trends to zero the side effect is noticeable PIM activation frequency also trends down least
561
00:31:04,700 --> 00:31:10,380
privilege design removes elevation for routine work incidents require fewer escalations activations
562
00:31:10,380 --> 00:31:15,900
become short rare and auditable security engineer we didn't make PIM harder we made it unnecessary
563
00:31:15,900 --> 00:31:21,420
more often primary metric four audit posture findings closed without compensating controls is the
564
00:31:21,420 --> 00:31:27,500
only line that matters in chaos you borrow story points from audit season to rewrite evidence findings
565
00:31:27,500 --> 00:31:33,740
roll over renamed rather than resolved with spec kit you close them with artifacts allow lists
566
00:31:33,740 --> 00:31:39,660
invariants RBAC models gates and workflows referenced by spec IDs the dashboard reads like a
567
00:31:39,660 --> 00:31:44,540
compiler log not a diary primary metric five effective coverage for conditional access
568
00:31:44,540 --> 00:31:49,820
not policy exists not report only enabled calculate the percentage of identities always
569
00:31:49,820 --> 00:31:54,940
enforced by each control with no user or group exclusions purpose owner in chaos you don't know
570
00:31:54,940 --> 00:31:59,500
this number it's a guess under invariants it's a query you watch it climb because user-based
571
00:31:59,500 --> 00:32:04,620
exclusions are mechanically impossible and workload identities never pretend to be humans platform
572
00:32:04,620 --> 00:32:11,180
engineer we replaced seems enforced with a percentage and a diff primary metric six MTTR for access
573
00:32:11,180 --> 00:32:17,580
incidents in chaos responders begin with questions what can this principal do where can it go what
574
00:32:17,580 --> 00:32:22,860
breaks if we revoke answers arrive by spelunking not by code under enforcement you trace effective
575
00:32:22,860 --> 00:32:27,900
permissions in minutes because scopes roles and policies map to spec IDs and owners quarantine is
576
00:32:27,900 --> 00:32:33,020
precise rollbacks are surgical MTTR shrinks and its variance narrows now connect each curve to a
577
00:32:33,020 --> 00:32:39,340
gate so causality is explicit consent velocity flattens because CI refuses non allow listed scopes
578
00:32:39,340 --> 00:32:45,660
and deploy refuses orphan grants blocked permissions spike early because rules are live they flatten
579
00:32:45,660 --> 00:32:51,340
as templates normalize inputs standing roles decline because prohibited combinations and PIM requirements
580
00:32:51,340 --> 00:32:56,540
are encoded not requested PIM activations fall because least privilege designs replace elevation
581
00:32:56,540 --> 00:33:02,140
with app roles and narrow APIs effective coverage climbs because user exclusions can't merge
582
00:33:02,140 --> 00:33:07,420
workload identity patterns replace human bypasses MTTR drops because ambiguity is engineered out the
583
00:33:07,420 --> 00:33:13,340
graph is legible by construction a quick micro story to make the numbers breathe a mid-size tenant
584
00:33:13,340 --> 00:33:19,980
began with 312 active grants 29 standing privileged roles and an unknown effective coverage after
585
00:33:19,980 --> 00:33:26,140
eight weeks of constitutional rollout 198 active grants all with owners and spec IDs standing roles
586
00:33:26,140 --> 00:33:31,980
down to three with decommission dates effective coverage for MFA and approved client apps above 96
587
00:33:31,980 --> 00:33:37,260
percent for humans workload identity adoption at 81 percent of pipelines blocked permissions
588
00:33:37,260 --> 00:33:42,780
stabilized at five to seven per sprint MTTR for access incidents cut from 11 hours median to three
589
00:33:42,780 --> 00:33:50,620
hours with tighter spread no heroics gates plus templates governance lead the best argument is a graph
590
00:33:50,620 --> 00:33:55,740
moving the right way one more fast contrast zero blocks is a great headline if you're braking a
591
00:33:55,740 --> 00:34:00,460
bicycle it's a horror movie if you're braking a truck don't celebrate silence celebrate shaped
592
00:34:00,460 --> 00:34:06,700
noise that declines for the right reasons take away what you don't measure you negotiate turn
593
00:34:06,700 --> 00:34:11,580
intent into numbers that move in one direction downward for debt upward for coverage and conditional
594
00:34:11,580 --> 00:34:16,940
chaos turns into conditional evidence spec kit constitutional governance for AI driven development
595
00:34:16,940 --> 00:34:22,140
if governance isn't executable it's ornamental constitutional governance turns your identity posture
596
00:34:22,140 --> 00:34:27,660
into law the system compiles not guidance the system may ignore concrete example before spec kit
597
00:34:27,660 --> 00:34:32,780
a team documented least privilege in a wiki use certificates in an onboarding doc and no user
598
00:34:32,780 --> 00:34:38,860
exclusions in a slide five documents zero enforcement after spec kit one constitution declares non-negotiables
599
00:34:38,860 --> 00:34:43,660
every feature carries a spec ID pipelines compile changes against those rules and approvals reference
600
00:34:43,660 --> 00:34:49,100
the same ID one artifact chain one source of authority consequence decisions stop living in meetings
601
00:34:49,100 --> 00:34:54,220
and start living in code ambiguity drops because the only successful path is the compliant one
602
00:34:54,220 --> 00:34:58,300
here's the structure you need to make that real first the constitution this is the short list of
603
00:34:58,300 --> 00:35:02,940
laws you will not debate per sprint they're the invariants not opinions examples that matter
604
00:35:04,220 --> 00:35:09,580
identity policy classes with universals no user or group based exclusions approved client apps
605
00:35:09,580 --> 00:35:15,580
required for interactive access device compliance only for human personas legacy auth blocked tenant wide
606
00:35:15,580 --> 00:35:21,580
break glass is a sealed pattern with high assurance signals and alerts authorization guardrails
607
00:35:21,580 --> 00:35:27,100
scope allow lists by app class delegated permissions prohibited for daemons PIM mandatory
608
00:35:27,100 --> 00:35:33,020
above threshold prohibited role combinations codified e.g. application administrator plus cloud
609
00:35:33,020 --> 00:35:40,700
application administrator authentication primitives certificate based client credentials for workloads
610
00:35:40,700 --> 00:35:45,740
client secrets prohibited in production redirect hygiene prohibits wild cards and local host
611
00:35:45,740 --> 00:35:52,380
beyond sanctioned dev paths tenant invariants naming patterns owner assignment required audience rules
612
00:35:52,380 --> 00:35:57,900
external partner allow lists with reviews this is the law of the land it's short explicit and machine
613
00:35:57,900 --> 00:36:03,900
checkable second specifications every capability that touches identity ships with a spec that answers
614
00:36:03,900 --> 00:36:09,180
what must be true for this feature it includes the allowed graph operations and scopes by class the
615
00:36:09,180 --> 00:36:13,580
auth model the persona mapping the conditional access posture and the evidence queries that will
616
00:36:13,580 --> 00:36:20,060
prove coverage it carries an immutable spec ID think spec on board 001 that threads through planning
617
00:36:20,060 --> 00:36:26,380
tasks CI failures approvals and telemetry if a change affects identity it cites the spec ID if a
618
00:36:26,380 --> 00:36:31,900
gate blocks a change it points to that ID third planning this is where AI can help safely the model
619
00:36:31,900 --> 00:36:37,580
proposes SDK versions libraries flows and contract shapes the plan compiles those proposals against
620
00:36:37,580 --> 00:36:43,180
dependency allow lists and tenant invariants if it selects a preview Graph SDK the plan fails
621
00:36:43,180 --> 00:36:49,100
and points to the approved five x range if it reaches for an auth helper that enables device code
622
00:36:49,100 --> 00:36:54,060
for daemons the plan fails and offers the certificate path you still get speed you just stop importing
623
00:36:54,060 --> 00:37:01,020
capability drift disguised as convenience fourth tasks break the plan into atomic verifiable tasks
624
00:37:01,020 --> 00:37:05,900
linked to the spec ID with success criteria a machine can check scopes equal the allow list for
625
00:37:05,900 --> 00:37:12,300
class onboarding reader workload identity uses certificate policy includes approved client apps
626
00:37:12,300 --> 00:37:18,460
no user exclusions redirects are explicit this is how you replace vibes with checks humans stop sampling
627
00:37:18,460 --> 00:37:23,660
gates prove conformance task by task fifth implementation where gates do the teaching
628
00:37:23,660 --> 00:37:29,260
CI and deploy gates act as negative proofs permission gate request directory read write
629
00:37:29,260 --> 00:37:35,660
all for reader class CI fails closed prints the expected scopes and links to spec onboard
630
00:37:35,660 --> 00:37:41,500
0.01 auth gate attempt to create a client secret in prod deploy fails with the certificate
631
00:37:41,500 --> 00:37:46,780
template and key vault binding policy gate submit a user based exclusion to an always enforced policy
632
00:37:46,780 --> 00:37:51,900
policy compiler denies with the violated clause dependency gate pull a preview package into
633
00:37:51,900 --> 00:37:57,340
production manifest scanner rejects and points to the allow list tenant gate register an app without
634
00:37:57,340 --> 00:38:02,220
an identity owner deploy refuses and opens the owner assignment task each failure returns the
635
00:38:02,220 --> 00:38:06,860
violated law and the shortest compliant path developers learn faster than any review could teach
636
00:38:06,860 --> 00:38:12,380
because the feedback is immediate precise and unambiguous governance lead we didn't invent ceremony
637
00:38:12,380 --> 00:38:17,260
we bound authority to artifacts the system can verify now the approval layer because not all
638
00:38:17,260 --> 00:38:23,500
changes are equal change control becomes your legislature not a help desk queue tier one auto approvals
639
00:38:23,500 --> 00:38:29,100
for low risk spec conformance changes captured by gates tier two human approvals for new scopes that
640
00:38:29,100 --> 00:38:33,740
sit inside the class allow list or redirect additions that meet invariants tier three dual approvals
641
00:38:33,740 --> 00:38:39,180
for RBAC changes new always enforced policies or partner integrations tier four constitutional
642
00:38:39,180 --> 00:38:44,220
amendments exceptions to invariants with sunset dates compensating controls and telemetry hooks
643
00:38:44,220 --> 00:38:49,020
these are rare explicit and expensive on purpose every request references the spec ID
644
00:38:49,020 --> 00:38:53,980
shows a diff before after and includes CI evidence that it compiled everywhere else approvers
645
00:38:53,980 --> 00:38:59,500
click once because the system did the analysis exceptions aren't stealth edits they are visible time boxed
646
00:38:59,500 --> 00:39:06,700
laws with built in expiry platform engineer we traded arguments for diffs make the payoff tangible
647
00:39:06,700 --> 00:39:11,980
before five documents everyone aligned emotionally nobody aligned operationally permissions landed
648
00:39:11,980 --> 00:39:17,180
through portal clicks conditional access eroded through quick fixes audit meant storytelling after
649
00:39:17,180 --> 00:39:22,540
one constitution many specs pipelines compiled intent gates blocked entropy at source audits closed
650
00:39:22,540 --> 00:39:29,420
with artifacts KPIs moved predictably identity architect if it isn't executable it isn't governance
651
00:39:29,420 --> 00:39:34,940
consequence of adopting this your ai becomes safe leverage the model still generates variance
652
00:39:34,940 --> 00:39:40,380
scaffolds plans and drafts tasks it just can't ship shapes that violate the constitution sampling
653
00:39:40,380 --> 00:39:45,820
becomes fuel not fire one fast contrast to end the chapter without a constitution least privilege is
654
00:39:45,820 --> 00:39:50,620
a principle debated in standups with one it's a property your system proves at build and deploy
655
00:39:50,620 --> 00:39:56,460
without spec IDs provenance is memory with them every permission policy and role traces to intent
656
00:39:56,460 --> 00:40:01,900
without gates you discover problems in audit with gates you discover them in minutes take away
657
00:40:01,900 --> 00:40:06,540
constitutional governance turns intent into law the system compiles if you can't point to the rule
658
00:40:06,540 --> 00:40:11,740
the spec ID the gate and the evidence you're not governing you're hoping governance artifact one
659
00:40:11,740 --> 00:40:17,180
identity policies if your policy isn't executable it's ornamental identity policies are not guidance
660
00:40:17,180 --> 00:40:21,420
they are the compiler switches for personas human workload emergency that make decisions
661
00:40:21,420 --> 00:40:26,860
deterministic at runtime concrete example a team proposes a human corporate access policy with
662
00:40:26,860 --> 00:40:32,780
require MFA require compliant or hybrid joined device approved client app requirement and disabled
663
00:40:32,780 --> 00:40:39,740
legacy protocols it sounds right but here's how it compiles under spec kit scope all human users
664
00:40:39,740 --> 00:40:45,180
explicit exclusions are forbidden conditions device compliance required sign-in risk high
665
00:40:45,180 --> 00:40:51,180
require phishing resistant MFA client app must be brokered controls session restrictions for unmanaged
666
00:40:51,180 --> 00:40:56,460
fallback are disallowed for this class evidence queries that compute effective coverage percentage
667
00:40:56,460 --> 00:41:02,380
across the human persona consequence the same json that used to be a best intention object becomes
668
00:41:02,380 --> 00:41:07,820
a tested artifact if a contributor attempts to add a user-based exclusion for VIP group the policy
669
00:41:07,820 --> 00:41:12,860
gate fails identity policy invariant no user group exclusions for human always enforce
670
00:41:12,860 --> 00:41:18,540
if they try to flip the policy to report only to monitor first CI denies it for the always
671
00:41:18,540 --> 00:41:23,340
enforce class failure is instant precise and points to the spec ID drift dies at the source
672
00:41:23,340 --> 00:41:29,020
now a fast contrast before we go deeper previously a help desk runbook suggested temporarily disabled
673
00:41:29,020 --> 00:41:33,500
approved app requirement for a user troubleshooting broker issues it shipped quietly and lingered
674
00:41:33,500 --> 00:41:39,180
for months under spec kit the attempt fails at pull request with the violated clause and the remediation
675
00:41:39,180 --> 00:41:43,820
use the workload identity pattern for automation or fix the brokered client on the endpoint
676
00:41:43,820 --> 00:41:49,260
no silent bypasses take away if it isn't executable it isn't governance here's the policy kit
677
00:41:49,260 --> 00:41:54,700
that makes this durable persona classes encoded in the constitution human always enforce require
678
00:41:54,700 --> 00:42:00,860
phishing resistant MFA require compliant or hybrid joined device approved client app required legacy
679
00:42:00,860 --> 00:42:08,060
auth blocked no user group exclusions permitted report only disallowed workload identity certificate
680
00:42:08,060 --> 00:42:14,460
based client credentials app enforced restrictions replace device compliance no delegated permissions no
681
00:42:14,460 --> 00:42:21,660
MFA prompt tagged so human controls never apply emergency break glass time boxed activation from
682
00:42:21,660 --> 00:42:27,180
a just in time workstation pool higher assurance signals continuous monitoring no persistence alerts
683
00:42:27,180 --> 00:42:33,980
on creation use and expiry specification for each policy class scope definition as a deterministic
684
00:42:33,980 --> 00:42:39,660
selector e.g. directory filtering by engineered attributes not free text dynamic groups that drift
685
00:42:40,540 --> 00:42:44,540
conditions mapped to personas human device compliance versus workload tags
686
00:42:44,540 --> 00:42:50,460
controls defined by strength and forbidances approved app requirement cannot be disabled for
687
00:42:50,460 --> 00:42:56,540
human classes prohibitions enumerated as failing tests no user group exclusions no report only no
688
00:42:56,540 --> 00:43:01,100
legacy protocols evidence queries Kusto or Graph calls that compute effective coverage by
689
00:43:01,100 --> 00:43:06,300
persona and produce a diff gates that compile policies not read them lint rejects anti-patterns
690
00:43:06,300 --> 00:43:10,780
like all cloud apps minus list n or device compliance requirement targeted to a scope that
691
00:43:10,780 --> 00:43:15,580
includes service principals scope validator denies policies that reference dynamic groups with
692
00:43:15,580 --> 00:43:21,020
non deterministic rules in the title based membership requires engineered attributes or system
693
00:43:21,020 --> 00:43:27,180
managed tags enforcement classifier prevents report only on always enforce classes drift reconcilers
694
00:43:27,180 --> 00:43:31,820
nightly jobs compare effective targets to spec and quarantine or open remediations for stale
695
00:43:31,820 --> 00:43:37,900
GUIDs renamed groups or orphaned conditions walk failure as feedback so developers learn immediately
696
00:43:37,900 --> 00:43:42,940
a contributor submits a policy excluding contractors EU from MFA to ease onboarding
697
00:43:42,940 --> 00:43:50,140
CI response denied by human always enforce no group user exclusions use staged rollout with increased
698
00:43:50,140 --> 00:43:55,740
auth strength and central onboarding pattern see spec hp oil 003 another tries to target device
699
00:43:55,740 --> 00:44:00,860
compliance to a scope that accidentally includes service principals gate denies workloads cannot
700
00:44:00,860 --> 00:44:06,220
be evaluated by device claims move candidate identities to workload identity pattern minutes
701
00:44:06,220 --> 00:44:12,380
not months identity architect device based decisions are binary at runtime configs are not
702
00:44:12,380 --> 00:44:17,180
enforce the binary where decisions happen make exclusions feel dangerous with one more vivid path
703
00:44:17,180 --> 00:44:22,380
a partner B2B integration asked for a location based exclusion so their IPs bypass MFA
704
00:44:22,380 --> 00:44:27,580
months later the partner's IP range changes your exclusion now covers a shared range used by
705
00:44:27,580 --> 00:44:32,700
coffee shop wi-fi under invariants location based bypasses for humans are forbidden the partner gets
706
00:44:32,700 --> 00:44:38,060
b2b direct connect with workload tags and conditional controls no blanket bypasses no surprises
707
00:44:38,060 --> 00:44:44,700
platform engineer we replaced exception art with three patterns human workload emergency
708
00:44:44,700 --> 00:44:49,900
everything fit metrics tie the loop effective coverage becomes a query not a story
709
00:44:49,900 --> 00:44:55,020
user group exclusions trend to zero by mechanical impossibility approved client app coverage climbs
710
00:44:55,020 --> 00:45:00,460
because the policy both requires it and refuses edits that disable it legacy auth blocks reach full
711
00:45:00,460 --> 00:45:05,740
coverage because anything else can't merge when blocked policy edits spike at first it's enforcement
712
00:45:05,740 --> 00:45:11,500
doing work when they flatten it's norms encoded in templates if zero blocks something's wrong you have no
713
00:45:11,500 --> 00:45:18,220
brakes security engineer policy that compiles is the only policy that survives contact with urgency
714
00:45:18,220 --> 00:45:23,500
take away identity policies must be compiled artifacts with persona classes prohibitions as tests
715
00:45:23,500 --> 00:45:29,420
and evidence queries if a change can't pass the compiler it can't erode your posture governance artifact
716
00:45:29,420 --> 00:45:34,380
two dependency allow lists the fastest way to import risk is through your dependencies the agent
717
00:45:34,380 --> 00:45:38,780
doesn't pick libraries because they fit your standards it picks what it has seen most often concrete
718
00:45:38,780 --> 00:45:44,220
example a squad scaffolds an onboarding reader the agent selects Microsoft graph latest pulls an
719
00:45:44,220 --> 00:45:49,100
OAuth helper that supports client secrets by default and includes a preview beta client because
720
00:45:49,100 --> 00:45:54,540
a blog post looked modern everything compiles tests pass hidden inside those choices a secret friendly
721
00:45:54,540 --> 00:46:00,140
code path you didn't intend a moving API surface you can't pin and transitive packages that silently
722
00:46:00,140 --> 00:46:06,940
enable device code in a daemon that's not a bug that's supply side entropy consequence capability
723
00:46:06,940 --> 00:46:11,900
drift lands before a single permission request developers do the right thing and the right thing
724
00:46:11,900 --> 00:46:17,100
still erodes posture because the tool chain carried the wrong shapes six weeks later you're
725
00:46:17,100 --> 00:46:21,980
remediating secrets in workloads reconciling SDK breakage across pipelines and explaining why a
726
00:46:21,980 --> 00:46:27,820
background service tried a human flow spec kit fix default deny the supply chain and make the
727
00:46:27,820 --> 00:46:33,340
allow list the shortest path identity architect don't confuse works with permitted the helper that
728
00:46:33,340 --> 00:46:37,420
compiles isn't the helper you want here's how the constitutional layer turns this into law
729
00:46:37,420 --> 00:46:44,460
constitution sets the stance default deny explicit allow approved libraries and major versions only
730
00:46:44,460 --> 00:46:49,660
preview or experimental packages forbidden in production authentication primitives are part of
731
00:46:49,660 --> 00:46:55,660
dependency governance workloads must use certificate capable libraries any package that supports
732
00:46:55,660 --> 00:47:01,340
secrets in production paths is banned specification narrows by app class line of business daemons get
733
00:47:01,340 --> 00:47:09,900
Microsoft graph five point X and Azure identity with X509 certificate credentials interactive internal
734
00:47:09,900 --> 00:47:15,020
tools use brokered MSAL clients test only projects may reference beta clients in isolated folders
735
00:47:15,020 --> 00:47:20,380
that never ship gates make it practical planning compiles agent proposals against the allow list
736
00:47:20,380 --> 00:47:26,300
CI scans manifests and transitives deploy blocks non-conforming artifacts the scanner doesn't
737
00:47:26,300 --> 00:47:31,420
just read top level package.json or csproj it walks the tree flags preview packages
738
00:47:31,420 --> 00:47:35,900
and searches for banned symbols like secret client credential or device code invocations in daemon
739
00:47:35,900 --> 00:47:41,420
classes walk failure as feedback so learning is immediate a dev adds Microsoft graph beta to test a
740
00:47:41,420 --> 00:47:47,260
new endpoint CI fails preview packages prohibited in production projects use folder tests
741
00:47:47,260 --> 00:47:54,220
slash beta and build config beta only see spec depth zero zero four another pulls an OAuth helper
742
00:47:54,220 --> 00:47:59,580
that writes client secrets to disk gate blocks banned symbol secret write to file detected use azure
743
00:47:59,580 --> 00:48:06,940
your identity X509 with template SCA to 2025 a transitive dependency introduces device code flows into
744
00:48:06,940 --> 00:48:11,900
a service assembly the linter denies device code API reference in non interactive project switch
745
00:48:11,900 --> 00:48:18,540
to client certificate credential minutes not months platform engineer transitives were how entropy
746
00:48:18,540 --> 00:48:23,340
snuck in the walker shut the door make the risk visceral with one more angle a team pins to
747
00:48:23,340 --> 00:48:28,700
Microsoft graph latest minor a month later a change deprecates behavior your daemon relied on the
748
00:48:28,700 --> 00:48:34,060
fix cascades across four repos under allow lists you pin major approve patch ranges and test
749
00:48:34,060 --> 00:48:39,420
upgrades intentionally behind a plan throughput stays high surprise stays low fast contrast before
750
00:48:39,420 --> 00:48:44,060
enforcement three repos same feature three different auth stacks one secret friendly one device code
751
00:48:44,060 --> 00:48:49,340
one correct after enforcement three repos converge on certificate credentials approved graph
752
00:48:49,340 --> 00:48:55,660
five point X and identical retry telemetry behavior you didn't lecture the compiler did here's the
753
00:48:55,660 --> 00:49:02,300
concrete policy kit dependency allow list file per language ecosystem machine readable version
754
00:49:02,300 --> 00:49:07,980
reviewed like code it lists package names approved major versions permitted patch ranges and
755
00:49:07,980 --> 00:49:13,900
classifies packages by persona human workload test it also defines banned symbols and patterns
756
00:49:13,900 --> 00:49:19,740
transitive policy any transitive not on the allow list is flagged the rule provides two remediations
757
00:49:19,740 --> 00:49:23,900
replace the top level package with an approved alternative or add an exclusion in the build
758
00:49:23,900 --> 00:49:28,460
that removes the transitive when feasible the system prints the exact chain so developers don't
759
00:49:28,460 --> 00:49:33,740
be long preview quarantine preview packages live only in designated test folders with build
760
00:49:33,740 --> 00:49:39,180
configs that never ship CI enforces folder scoping deploy treats preview artifacts as production
761
00:49:39,180 --> 00:49:44,860
blockers auth primitive enforcement encode static analyzers for popular stacks verify that
762
00:49:44,860 --> 00:49:51,740
workloads instantiate client certificate credential or equivalent not client secret credential or
763
00:49:51,740 --> 00:49:57,180
device code human apps must use brokered flows only any mismatch fails the build with the
764
00:49:57,180 --> 00:50:04,860
violated clause and links to the spec governance lead if the right library isn't the shortest path
765
00:50:04,860 --> 00:50:10,700
you already lost tie this to KPIs so you can see the slope bend blocked dependency violations spike
766
00:50:10,700 --> 00:50:16,860
early then stabilize as templates bake approved imports secrets in code findings trend to zero
767
00:50:16,860 --> 00:50:22,140
because secret friendly helpers cannot compile incidents tied to SDK regressions drop because
768
00:50:22,140 --> 00:50:27,500
latest is not a policy delivery velocity increases because developers stop hunting OAuth examples
769
00:50:27,500 --> 00:50:33,020
the template provides one path that passes first try failure as feedback one-liners teach the loop
770
00:50:33,020 --> 00:50:39,180
denied Microsoft graph beta in production project move to tests slash beta denied client secret
771
00:50:39,180 --> 00:50:44,940
credential in workload assembly use client certificate credential denied device code flow
772
00:50:44,940 --> 00:50:50,620
reference in non interactive class switch to app credentials denied unapproved transitive com
773
00:50:50,620 --> 00:50:56,780
contoso dot author helper replace top-level contoso SDK with approved contoso SDK light security
774
00:50:56,780 --> 00:51:03,180
engineer gates beat checklists they don't trust vibes they compile imports take away default deny
775
00:51:03,180 --> 00:51:07,580
your supply chain pin what's allowed ban what's dangerous and let gates do the teaching governance
776
00:51:07,580 --> 00:51:13,020
artifact three RBAC models and prohibited combinations roles aren't entitlements they're contracts
777
00:51:13,020 --> 00:51:18,060
if you don't constrain which powers can coexist escalation isn't a scenario it's a certainty concrete
778
00:51:18,060 --> 00:51:24,300
example a well-meaning ops engineer gets application administrator to fix a consent glitch another day
779
00:51:24,300 --> 00:51:30,860
they're granted cloud application administrator temporarily to unblock an app proxy each role alone
780
00:51:30,860 --> 00:51:35,820
is survivable together they can create update consent and grant app permissions end to end that's
781
00:51:35,820 --> 00:51:41,180
a full authority circuit hidden in plain sight nothing rings nothing breaks until you need to explain
782
00:51:41,180 --> 00:51:45,980
how an internal tool suddenly gained tenant wide access without passing through a board consequence
783
00:51:45,980 --> 00:51:50,220
standing privileges stop being the immediate threat the combinatorics of authority become the
784
00:51:50,220 --> 00:51:55,500
threat two medium roles become one high risk capability a pipeline service principal with directory
785
00:51:55,500 --> 00:51:59,900
readers plus a custom role that can assign app roles is functionally an admin if nobody forbids
786
00:51:59,900 --> 00:52:08,220
the pair escalation isn't exotic it's algebra identity architect most roll ups aren't malicious
787
00:52:08,220 --> 00:52:12,940
they're architectural pairs make powers you never meant to exist spec kit fix encode separation of
788
00:52:12,940 --> 00:52:18,060
duties as code not as a slide then make prohibited combinations fail closed start with the
789
00:52:18,060 --> 00:52:23,900
constitution define the persona catalog and the never together set examples that matter human
790
00:52:23,900 --> 00:52:29,260
personas developer platform operator incident responder identity administrator auditor non-human
791
00:52:29,260 --> 00:52:34,780
personas line of business daemon automation agent partner integration prohibited pairs sample
792
00:52:35,420 --> 00:52:41,420
application administrator plus cloud application administrator privileged role administrator
793
00:52:41,420 --> 00:52:49,100
plus security administrator directory writers of any kind plus consent grant authority user administrator
794
00:52:49,100 --> 00:52:55,660
plus authentication administrator any high impact human role plus break glass privileges any
795
00:52:55,660 --> 00:52:59,580
privileged role assigned to service principals these aren't suggestions they're constraints your
796
00:52:59,580 --> 00:53:04,780
policy engine can evaluate specification turns that law into per persona contracts each
797
00:53:04,780 --> 00:53:09,660
spec lists permitted roles PIM eligibility maximum activation duration dual approvals where needed
798
00:53:09,660 --> 00:53:15,420
and critically explicit prohibitions a developer persona might get no Entra privileged roles ever
799
00:53:15,420 --> 00:53:21,100
a platform operator uses narrowly scoped Azure roles PIM eligible with four hour max and business
800
00:53:21,100 --> 00:53:27,020
justification an incident responder gets time boxed security reader and when needed PIM elevated security
801
00:53:27,020 --> 00:53:32,860
administrator with dual approvals never combined with privileged role administrator non-human identities
802
00:53:32,860 --> 00:53:38,860
get custom app scoped roles certificate authentication owner assignment to the identity team and zero tenant
803
00:53:38,860 --> 00:53:44,780
wide admin roles gates do the teaching request to assign application administrator to a developer to
804
00:53:44,780 --> 00:53:50,940
create an app registration faster CI fails with denied by developer persona no directory admin roles
805
00:53:50,940 --> 00:53:56,060
use app registration as code module with identity ownership see spec RBAC dev 0 0 1
806
00:53:56,060 --> 00:54:00,140
proposal to grant cloud application administrator to an ops engineer who already holds application
807
00:54:00,140 --> 00:54:06,700
administrator for a prior ticket the RBAC gate fails prohibited pair AA plus CAA split duties
808
00:54:06,700 --> 00:54:11,740
route consent through identity attempt to give a pipeline service principal directory readers
809
00:54:11,740 --> 00:54:17,740
for exports gate denies standing directory roles are prohibited for non-humans use custom app role
810
00:54:17,740 --> 00:54:23,580
with read only scope and certificate auth see spec RBAC in L 0 0 3 failure as feedback
811
00:54:23,580 --> 00:54:28,140
reduces debate to diffs the job prints the prohibited pair the violated clause and the shortest
812
00:54:28,140 --> 00:54:33,260
compliant path minutes not meetings walk it as a timeline to show the pay off month before
813
00:54:33,260 --> 00:54:39,100
enforcement three temporary grants stick AA for a feature team CAA for a platform engineer
814
00:54:39,100 --> 00:54:44,460
and a one off privileged role administrator to fix PIM settings the blast radius is one email away
815
00:54:44,460 --> 00:54:50,460
from end to end control month two someone creates a partner app that just needs consent the AA plus
816
00:54:50,460 --> 00:54:57,900
CAA holder provides help no malicious intent just convenience with authority month three audit
817
00:54:57,900 --> 00:55:03,260
asks who can create apps grant consent and assign roles the answer is a shrug because combinations
818
00:55:03,260 --> 00:55:08,220
aren't tracked as combinations they're lines in separate logs now the contrast under spec kit month
819
00:55:08,220 --> 00:55:13,740
prohibited pairs encoded any attempt to add CAA to a human already holding AA fails closed
820
00:55:13,740 --> 00:55:18,860
the owner gets a remediation split duties either route through identity or remove AA first and
821
00:55:18,860 --> 00:55:25,740
time box CAA via PIM for the specific change month two partner app request lands as a tier three change
822
00:55:25,740 --> 00:55:31,020
the workflow compiles scope consent path and who can approve no individual has the pair that could
823
00:55:31,020 --> 00:55:35,660
rubber stamp in a sprint it's designed by friction enough to stop the accidental circuit
824
00:55:35,660 --> 00:55:40,460
month three audit doesn't ask who might have combinations it runs a query that prohibited
825
00:55:40,460 --> 00:55:46,380
pair count and evidence attached platform engineer we cut off entire families of oops by making
826
00:55:46,380 --> 00:55:51,580
the compiler refuse them make non human identities explicit because that's where drift hides service
827
00:55:51,580 --> 00:55:56,540
principals multiply outlive owners and quietly accumulate capability the constitution forbids
828
00:55:56,540 --> 00:56:01,740
tenant wide admin roles for non humans the spec whitelists custom roles with narrow API aligned
829
00:56:01,740 --> 00:56:08,220
actions gates verify any attempt to grant global administrator application administrator or a role
830
00:56:08,220 --> 00:56:13,980
above the custom set to a service principal fails with non human principal cannot hold tenant wide
831
00:56:13,980 --> 00:56:19,260
admin roles use app roles or narrowly scoped custom role now the human pressure point incident
832
00:56:19,260 --> 00:56:24,540
at 2 a.m. can we just assign security administrator to the PIM admin to unblock investigations
833
00:56:24,540 --> 00:56:31,420
without code that's a quick portal click with code the gate rejects prohibited pair PRA plus SA
834
00:56:31,420 --> 00:56:37,580
use incident responder persona with PIM gated SA and dual approvals the escalation becomes a pattern
835
00:56:37,580 --> 00:56:42,380
not a bypass change control provides the escape valve with friction tier four constitutional
836
00:56:42,380 --> 00:56:47,740
amendments can propose temporary exemptions sunset date compensating controls telemetry but they
837
00:56:47,740 --> 00:56:53,180
can't sneak in the waiver itself is code it expires on its own alerts fire if it lingers metrics
838
00:56:53,180 --> 00:56:58,540
tie the loop so you see movement not intent standing privileged roles trend to zero because non PIM
839
00:56:58,540 --> 00:57:03,820
assignments above threshold can't merge prohibited combinations detected stays at zero or pages
840
00:57:03,820 --> 00:57:09,100
a responder when it flips average PIM activation duration trends under the max because least privilege
841
00:57:09,100 --> 00:57:14,140
designs remove elevation from routine work escalation requests shift from slack to structured
842
00:57:14,140 --> 00:57:20,060
approvals with evidence security engineer we didn't make people perfect we made dangerous shapes
843
00:57:20,060 --> 00:57:26,220
unspellable one last failure as feedback burst to lock muscle memory denied assigning CAA to
844
00:57:26,220 --> 00:57:34,380
user u_123 violates AA plus CAA prohibition remove AA or route via identity denied assigning
845
00:57:34,380 --> 00:57:40,140
directory readers to sph our export non human directory read via custom app role only denied
846
00:57:40,140 --> 00:57:46,060
PRA request for incident lead who also holds SA prohibited pair use incident responder persona
847
00:57:46,060 --> 00:57:51,980
take away treat roles as contracts and encode never together in code if a combination can synthesize
848
00:57:51,980 --> 00:57:59,100
power you didn't intend the operation shouldn't exist governance artifact four tenant invariants
849
00:57:59,100 --> 00:58:04,620
laws of the tenant are not preferences if a law can be bypassed by a pull request it isn't a law
850
00:58:04,620 --> 00:58:10,780
it's a suggestion the system will ignore under pressure concrete example a team registers HR tool
851
00:58:10,780 --> 00:58:17,260
with no owner a free text display name localhost and wildcard redirects for testing and a client secret
852
00:58:17,260 --> 00:58:23,260
set to expire in two years the app works a quarter later nobody can find the owner to approve a change
853
00:58:23,260 --> 00:58:28,780
the wildcard redirect migrates into a prod manifest through pipeline reuse the secret appears in
854
00:58:28,780 --> 00:58:35,100
a script to make rotation easier nothing looked malicious everything was negotiable consequence
855
00:58:35,100 --> 00:58:39,740
the directory becomes archaeologically interesting ownerless objects linger because deleting them
856
00:58:39,740 --> 00:58:45,340
feels risky redirects become attack surface by accident naming chaos kills your ability to query
857
00:58:45,340 --> 00:58:50,620
and classify at speed secrets proliferate behind good intentions when an incident lands responders
858
00:58:50,620 --> 00:58:56,700
begin with guesswork not evidence spec kit fix define tenant invariants as constitutional law compile
859
00:58:56,700 --> 00:59:02,700
them in CI and at deploy and reconcile runtime drift on a schedule identity architect tenant
860
00:59:02,700 --> 00:59:07,580
invariants are your gravity they keep everything falling the same direction what belongs in law not in
861
00:59:07,580 --> 00:59:13,180
law naming and classification app business unit purpose and with character limits and allowed sets
862
00:59:13,180 --> 00:59:18,540
display names mirror the pattern no emojis no test app no ambiguity why so you can select
863
00:59:18,540 --> 00:59:23,740
quarantine and retire with a query not a scavenger hunt ownership every app registration has exactly
864
00:59:23,740 --> 00:59:29,100
one primary owner in the identity team plus a service owner group ownerless objects are rejected why
865
00:59:29,100 --> 00:59:34,700
because who approves this is not a slack thread it's a property authentication primitives workloads
866
00:59:34,700 --> 00:59:39,340
authenticate with certificates pinned to approved CAs with rotation cadence client secrets are
867
00:59:39,340 --> 00:59:45,580
prohibited in production why because non repudiation is a property not a reminder redirect hygiene no
868
00:59:45,580 --> 00:59:51,180
wildcards no localhost outside sanctioned dev paths redirects must resolve to approved domains why
869
00:59:51,180 --> 00:59:57,420
because just for testing becomes now in prod when pipelines copy files audience and token posture
870
00:59:57,420 --> 01:00:02,380
app audience and token lifetimes follow baseline no personalized experiments in shipping code why
871
01:00:02,380 --> 01:00:08,140
because identity assurance is not per team consent posture encoded once user consent disabled tenant
872
01:00:08,140 --> 01:00:13,900
wide admin consent requires a workflow with spec IDs and app classes offline access allowed
873
01:00:13,900 --> 01:00:18,780
only for classes that prove need and rotation delegated perms prohibited for daemons why because
874
01:00:18,780 --> 01:00:24,300
capability deployment must have provenance external boundaries partner allow lists B2B and
875
01:00:24,300 --> 01:00:29,020
cross tenant access rules are explicit and reviewed guest redemption requires strong identity
876
01:00:29,020 --> 01:00:36,460
proofing why because trusted partner IPs isn't a control it's a myth platform engineer we didn't
877
01:00:36,460 --> 01:00:41,980
get stricter we made bad shapes impossible failure as feedback how the gates teach instantly attempt
878
01:00:41,980 --> 01:00:48,700
to create app HR tool with no identity owner CI fails owner required assign primary owner from identity
879
01:00:48,700 --> 01:00:54,780
attach service owner group see spec tan own zero zero one attempt to add redirect HTTPS the last
880
01:00:54,780 --> 01:01:01,420
size contoso apps.net now plan fails wildcard prohibited enumerate explicit URIs see spec tan
881
01:01:01,420 --> 01:01:07,900
radia zero zero two attempt to set a client secret on a workload deploy blocks secrets prohibited for
882
01:01:07,900 --> 01:01:15,740
workloads generate x509 via template SCA 2025 and vaulted see spec tan auth zero zero three attempt
883
01:01:15,740 --> 01:01:20,940
to set audience or token lifetimes outside baseline gate denies with the violated clause and links
884
01:01:20,940 --> 01:01:26,620
to the constitutional section attempt to enable user consent refused tenant invariant user consent
885
01:01:26,620 --> 01:01:32,860
disabled use admin consent workflow linked to a spec ID consequence developers don't memorize rules
886
01:01:32,860 --> 01:01:37,180
they learn by compilation the path of least resistance becomes the compliant path because the
887
01:01:37,180 --> 01:01:42,620
wrong shapes cannot land make this visceral with operational reconciliation scheduled jobs compare
888
01:01:42,620 --> 01:01:48,380
runtime state to invariants owner reconciliation quarantine ownerless objects notify identity and
889
01:01:48,380 --> 01:01:54,860
service owner group auto retire on time expiry redirect scan flag redirects outside approved domains
890
01:01:54,860 --> 01:02:01,580
open remediations automatically secret detection search for secrets on workload principals block usage
891
01:02:01,580 --> 01:02:08,140
trigger certificate onboarding name hygiene detect objects of pattern open rename tasks with proposed
892
01:02:08,140 --> 01:02:14,140
values security engineer we stopped letting drift sneak in the compiler refused it reconciliation
893
01:02:14,140 --> 01:02:20,060
erased leftovers human pressure moment where invariants matter most a rush demo needs a new redirect
894
01:02:20,060 --> 01:02:28,620
today without law a wildcard lands temporarily with law the plan fails the developer adds the exact URI
895
01:02:28,620 --> 01:02:34,700
the demo still happens the wildcard never exists fast contrast snapshot before five documents zero
896
01:02:34,700 --> 01:02:40,220
enforcement redirects and secrets just for dev drift into prod ownerless apps resist deletion audit
897
01:02:40,220 --> 01:02:45,740
is a month of spreadsheets after one constitution with machine checkable invariants CI and deploy compile
898
01:02:45,740 --> 01:02:51,500
every shape reconciliation quarantine stragglers audit opens with a query and closes with evidence
899
01:02:51,500 --> 01:02:55,660
governance lead if it isn't enforced where objects are born you're doing archaeology
900
01:02:55,660 --> 01:03:01,420
KPIs that prove invariants are working ownerless apps trending to zero quarantine counts decline as
901
01:03:01,420 --> 01:03:07,420
hygiene stabilizes secrets in prod zero by mechanical impossibility wildcard localhost redirects
902
01:03:07,420 --> 01:03:13,340
outside dev zero by plan failure orphaned admin grants trending down all grants mapped to spec IDs
903
01:03:13,340 --> 01:03:19,180
and owners mean time to retirement for stale principals measured in days not quarters tie each number
904
01:03:19,180 --> 01:03:24,860
to a gate so causality is explicit owners at zero because ownership is required in CI secrets
905
01:03:24,860 --> 01:03:29,580
at zero because the deploy step prohibits them redirects clean because the plan refuses wildcards
906
01:03:29,580 --> 01:03:34,220
grants governed because workflows require spec IDs retirement fast because quarantine and
907
01:03:34,220 --> 01:03:41,340
timers exist takeaway tenant invariants aren't prose they're laws the system enforces encode
908
01:03:41,340 --> 01:03:45,900
naming ownership redirects auth primitives consent posture and partner boundaries as code
909
01:03:45,900 --> 01:03:51,340
compile them everywhere and reconciliation will keep reality aligned with intent governance artifact
910
01:03:51,340 --> 01:03:56,460
five testing gates gates are negative proofs machines that refuse forbidden shapes or drift can't
911
01:03:56,460 --> 01:04:01,820
cross the boundary if a violation can pass you don't have a policy you have a paragraph concrete
912
01:04:01,820 --> 01:04:07,020
example a team submits a pull request that adds directory read write all to an onboarding reader
913
01:04:07,020 --> 01:04:14,460
CI compiles the manifest against the class allow list and fails fast denied by onboarding reader use user
914
01:04:14,460 --> 01:04:24,860
read all group more read all or app role onboarding writer via spec onboard zero zero one
915
01:04:24,860 --> 01:04:29,740
the developer adjusts the request and reruns the job build goes green in minutes nobody schedules
916
01:04:29,740 --> 01:04:35,420
a meeting nobody writes a retrospective the gate taught the right move once permanently consequence
917
01:04:35,420 --> 01:04:39,900
failures arrive when change is cheapest you stop discovering problems in audit and start discovering
918
01:04:39,900 --> 01:04:45,500
them in a branch cognitive load drops because violations are precise actionable and attached to
919
01:04:45,500 --> 01:04:51,340
the spec ID that owns the rule security engineer gates beat good intentions they're fast specific
920
01:04:51,340 --> 01:04:56,380
and they don't argue spec kit fix treat gates as a four stage compiler generation build deploy
921
01:04:56,380 --> 01:05:01,820
reconcile same laws everywhere no back doors generation gates intercept the plan the agent
922
01:05:01,820 --> 01:05:06,540
proposes dependencies and flows a validator compiles the plan against allow lists and tenant
923
01:05:06,540 --> 01:05:11,740
invariants Microsoft.Graph.Beta in a production project rejected with the approved five
924
01:05:11,740 --> 01:05:16,700
X range OAuth helper that writes secrets rejected with the x509 template these gates prevent a
925
01:05:16,700 --> 01:05:21,900
bad day later by preventing a bad plan now build gates enforce shapes before merge they run quickly
926
01:05:21,900 --> 01:05:27,420
locally and in CI permission gate compares requested scopes to the app class allow list prints the
927
01:05:27,420 --> 01:05:33,180
expected set and a link to the spec dependency gate scans manifests and transitives for bits previews
928
01:05:33,180 --> 01:05:38,220
in production banned secret friendly symbols and human flows in daemon assemblies policy gate
929
01:05:38,220 --> 01:05:45,020
lints conditional access JSON blocks user group exclusions all apps minus n and report only on
930
01:05:45,020 --> 01:05:51,260
always enforce policies requires engineered attribute scoping RBAC gate evaluates persona
931
01:05:51,260 --> 01:05:56,460
contracts and prohibited pairs refuses standing privileged roles above threshold and dangerous role
932
01:05:56,460 --> 01:06:02,620
combinations tenant gate verifies naming owner assignment redirect hygiene audience and consent
933
01:06:02,620 --> 01:06:08,700
posture fails on ownerless objects and wildcards with direct remediation deploy gates validate
934
01:06:08,700 --> 01:06:14,380
effective state before apply they call graph PIM and policy engines to compute what the tenant
935
01:06:14,380 --> 01:06:19,580
will look like with the change ownerless app the deploy step refuses to create it and opens an
936
01:06:19,580 --> 01:06:25,500
owner assignment task policy would reduce effective coverage for human denied with the violated clause
937
01:06:25,500 --> 01:06:30,620
service principal asking for directory readers blocked the job prints the approved custom app role
938
01:06:30,620 --> 01:06:36,700
and cert path reconcile gates run on a schedule and catch runtime drift orphaned grants stale
939
01:06:36,700 --> 01:06:43,740
GUIDs renamed groups secrets on workloads redirects outside approved domains or coverage gaps
940
01:06:43,740 --> 01:06:48,700
they quarantine notify and auto retire with timers this is your garbage collector for identity
941
01:06:48,700 --> 01:06:54,940
platform engineer same rules everywhere if the wrong shape can't merge it can't deploy
942
01:06:54,940 --> 01:07:00,140
and if it sneaks in reconcile and timers take it out failure as feedback make it visceral denied
943
01:07:00,140 --> 01:07:04,620
files read write all not on tools reader allow list use content export app role spec
944
01:07:04,620 --> 01:07:10,460
content 007 denied device code flow reference in non interactive assembly switch to client certificate
945
01:07:10,460 --> 01:07:17,180
credential denied conditional access user exclusion in human always enforce use workload identity pattern
946
01:07:17,180 --> 01:07:24,380
denied a plus a pair for user you on 23 split duties root consent via identity denied wildcard
947
01:07:24,380 --> 01:07:33,180
redirect rcdps e upmarsht contoso apps dot net enumerate explicit URI identity architect gates don't
948
01:07:33,180 --> 01:07:39,820
shame they route scalability rules so developers keep moving local first run the same validators as
949
01:07:39,820 --> 01:07:45,660
CI with a single command no waiting for a remote pipeline to learn a rule parallelization permission
950
01:07:45,660 --> 01:07:50,940
dependency policy RBAC and tenant checks run concurrently green bars in seconds not minutes caching
951
01:07:50,940 --> 01:07:56,220
and versioning allow lists and invariants are versioned CI logs which version enforced the decision
952
01:07:56,220 --> 01:08:01,580
rollbacks are deterministic human ergonomics every failure message names the violated clause
953
01:08:01,580 --> 01:08:07,740
the spec id and the shortest compliant path no scavenger hunts governance lead we didn't add gates
954
01:08:07,740 --> 01:08:13,260
to slow teams we added them to remove bad paths fast contrast example before gates an over
955
01:08:13,260 --> 01:08:18,860
permissioned scope ships the audit finds it six months later the fix takes a quarter after gates
956
01:08:18,860 --> 01:08:24,780
the scope dies in CI the developer ships in the same hour one organization celebrated zero blocks
957
01:08:24,780 --> 01:08:31,340
they were brakeless after enabling gates blocked permissions spiked for two sprints then normalized
958
01:08:31,340 --> 01:08:36,060
velocity went up variance went down tie the gates to KPIs you already track consent velocity
959
01:08:36,060 --> 01:08:41,100
flattens because CI refuses non-allow-listed scopes and deploy refuses orphaned grants blocked
960
01:08:41,100 --> 01:08:45,980
permissions spike early then settle as templates harden standing privileged roles trend to zero
961
01:08:45,980 --> 01:08:51,020
because RBAC gates prohibit non-PIM and dangerous pairs effective coverage rises because policy
962
01:08:51,020 --> 01:08:56,700
gates can't merge exclusions and MTTR drops because reconcile keeps the graph legible and deploy gates
963
01:08:56,700 --> 01:09:03,260
prevent ambiguous state takeaway gates are compilers for identity generation build deploy and
964
01:09:03,260 --> 01:09:08,540
reconcile that turn intent into deterministic outcomes if a shape can't pass a gate it can't create
965
01:09:08,540 --> 01:09:14,300
drift governance artifact six change control and approval workflows approvals are not ceremony
966
01:09:14,300 --> 01:09:19,260
they're your legislature if gates are the courts that interpret law change control is how law is
967
01:09:19,260 --> 01:09:24,380
made amended and repealed deliberately with evidence not vibes concrete example a team wants to add
968
01:09:24,380 --> 01:09:30,300
mail read write to an internal analytics tool to export reports faster before spec kit this landed
969
01:09:30,300 --> 01:09:36,140
as a chat thread and a portal click after spec kit it lands as a tiered request with a spec ID a diff
970
01:09:36,140 --> 01:09:42,540
and proofs the form shows current scopes proposed scopes class allow list comparison the CI result
971
01:09:42,540 --> 01:09:47,660
that failed the raw scope and passed the app role alternative and the runtime impact graph approvals
972
01:09:47,660 --> 01:09:53,260
don't debate taste they review a delta with receipts consequence urgency stops bypassing intent
973
01:09:53,260 --> 01:09:57,820
approvals become a small number of predictable pathways each tied to risk and compile time
974
01:09:57,820 --> 01:10:02,780
evidence most requests self-approved because they already conformed the few that don't get daylight
975
01:10:02,780 --> 01:10:08,060
context and accountability security engineer if your approval needs a meeting your artifact was
976
01:10:08,060 --> 01:10:14,060
incomplete here's the tiering that turns escalations into system behavior tier one low risk auto
977
01:10:14,060 --> 01:10:20,780
approve changes that match allow lists personas and invariants examples adding a spec conforming
978
01:10:20,780 --> 01:10:26,620
redirect updating a certificate on a workload identity requesting read only scopes within an app
979
01:10:26,620 --> 01:10:33,740
class requirement pass gates attach spec ID log evidence approver of record is automation tier two
980
01:10:33,740 --> 01:10:39,260
medium risk single approval changes that expand within guardrails examples adding a new read scope
981
01:10:39,260 --> 01:10:44,380
inside the class allow list enabling a new brokered client app for human personas onboarding a
982
01:10:44,380 --> 01:10:49,420
partner's approved read only integration requirement CI evidence plan diffs runtime coverage
983
01:10:49,420 --> 01:10:56,060
impact approver identity team tier three high risk dual approval authority changes with real blast
984
01:10:56,060 --> 01:11:01,420
radius examples new conditional access policies in always enforce classes RBAC assignments above
985
01:11:01,420 --> 01:11:06,860
threshold partner write integrations requirement spec ID risk summary rollback plan CI and deploy
986
01:11:06,860 --> 01:11:12,540
gate proofs approvers identity and security tier four critical constitutional amendments
987
01:11:12,540 --> 01:11:18,060
exceptions to invariants examples temporary allowance of a preview SDK for a pilot a time boxed
988
01:11:18,060 --> 01:11:23,180
relaxation of a policy due to vendor breakage requirement sunset date compensating controls
989
01:11:23,180 --> 01:11:29,020
monitoring hooks owner telemetry binding approver CISO or delegated board the amendment is code
990
01:11:29,020 --> 01:11:35,900
and self expires platform engineer we traded opinion for oracles diffs and proofs failure as feedback
991
01:11:35,900 --> 01:11:41,260
show how the legislature teaches a contributor submits a tier two request to add files read write
992
01:11:41,260 --> 01:11:47,260
all to a tool class with read only allow list the system pre runs evidence denied scope violates tools
993
01:11:47,260 --> 01:11:53,820
reader allow list alternative exists app role content export via spec content 0 7 CI passed for this
994
01:11:53,820 --> 01:12:00,300
path the request converts itself into the correct change no escalation no committee another pushes
995
01:12:00,300 --> 01:12:05,580
a tier three request to add a user based exclusion to meet a demo deadline the policy compiler blocks
996
01:12:05,580 --> 01:12:11,980
human always enforce forbids user/group exclusions use workload identity pattern attach
997
01:12:11,980 --> 01:12:18,780
spec wide 0 0 0 3 proof the request is rejected with the only compliant route identity architect
998
01:12:18,780 --> 01:12:25,020
a good approval flow never asks for trust it asks for the diff ownership is explicit to prevent ghost
999
01:12:25,020 --> 01:12:30,540
decisions the identity team owns scope app registration posture and tenant invariants security
1000
01:12:30,540 --> 01:12:35,500
owns conditional access and RBAC posture platform owns rollout choreography and backout steps
1001
01:12:35,500 --> 01:12:40,300
business owns necessity and timing every approval is signed by a persona not a mailbox
1002
01:12:40,300 --> 01:12:45,580
evidence is immutable and linked to the spec ID make emergency posture feel safe not loose break
1003
01:12:45,580 --> 01:12:51,260
glass is its own tier four just in time workstation higher assurance dual approvers on call time box
1004
01:12:51,260 --> 01:12:56,220
activation automatic deprovision and live alerts after action automation creates a root cause
1005
01:12:56,220 --> 01:13:01,100
record what non-emergency path failed and what constitutional change removes that failure mode
1006
01:13:01,100 --> 01:13:06,860
governance lead escalation is a design decision not a vibe tie metrics to decisions you stop
1007
01:13:06,860 --> 01:13:13,100
negotiating median approval time by tier tier one seconds tier two hours tier three days
1008
01:13:13,100 --> 01:13:17,820
tier four rare and deliberate if tier two drifts upward your evidence bundle is missing standard
1009
01:13:17,820 --> 01:13:23,500
proofs fix templates not people rejection reasons by clause top causes print where to improve
1010
01:13:23,500 --> 01:13:29,580
training and templates scope not on allow list prohibited pair policy invariant violation
1011
01:13:29,580 --> 01:13:36,460
missing owner become bar charts not surprises waiver count and age small and time bound auto expiry is
1012
01:13:36,460 --> 01:13:43,100
a graph you watch if waivers linger amend the constitution or fix the platform no zombie exceptions rollback
1013
01:13:43,100 --> 01:13:49,900
rate low and falling because requests pre compile if rollbacks rise your oracles are weak tighten gates
1014
01:13:49,900 --> 01:13:56,220
not change control fast contrast before approvals were chats screenshots and force merges
1015
01:13:56,220 --> 01:14:02,780
after approvals are diffs evidence and time boxed law before temporary lasted forever after
1016
01:14:02,780 --> 01:14:08,460
waivers self expire and page you if they don't takeaway approvals aren't hall passes they're your
1017
01:14:08,460 --> 01:14:13,580
legislature bind every request to a spec ID pre run the proofs tier the risk and make exceptions code
1018
01:14:13,580 --> 01:14:18,380
with sunsets if an approval can't cite the law the diff and the evidence it's not governance
1019
01:14:18,380 --> 01:14:24,220
it's negotiation from spec to enforcement the implementation story the only requirement for success
1020
01:14:24,220 --> 01:14:29,260
is refusing to ship anything the constitution can't prove if intent holds at every handoff drift
1021
01:14:29,260 --> 01:14:34,060
doesn't get a chance a concrete example a platform team inherits a sprawl of app registrations broad
1022
01:14:34,060 --> 01:14:39,020
graph scopes and policy exclusions they pick one leak AI generated onboarding readers asking for
1023
01:14:39,020 --> 01:14:44,700
directory read write all and run the loop the result isn't a meeting it's a compiler here's
1024
01:14:44,700 --> 01:14:50,300
the five step arc walked once then contrasted fast step one problem definition not a dashboard a
1025
01:14:50,300 --> 01:14:56,460
slope they inventory the tenant count active app registrations tag owners export OAuth grants
1026
01:14:56,460 --> 01:15:01,100
list conditional access policies with exclusions and enumerate standing privileged roles
1027
01:15:01,100 --> 01:15:07,020
two KPIs set the baseline consent velocity is rising blocked permissions are zero and standing privileged
1028
01:15:07,020 --> 01:15:12,540
roles number 29 the heat source is clear onboarding readers keep requesting write scopes and getting
1029
01:15:12,540 --> 01:15:18,300
approved to keep testing moving identity architect if you can't draw the curve you intend to bend
1030
01:15:18,300 --> 01:15:23,980
you are not ready to bend it step two spec creation they draft the constitution entries that matter
1031
01:15:23,980 --> 01:15:30,940
now not tomorrow scope allow lists by app class delegated permissions prohibited for daemons client
1032
01:15:30,940 --> 01:15:37,660
secrets banned in prod no user based policy exclusions prohibited role pairs encoded then they author
1033
01:15:37,660 --> 01:15:43,500
spec onboard zero zero one a feature spec for onboarding readers it names the only permitted scopes
1034
01:15:43,500 --> 01:15:49,500
user read all and group read all and the right path an internal api app role onboarding
1035
01:15:49,500 --> 01:15:55,020
writer behind server side validation it maps personas auth model and evidence queries for coverage
1036
01:15:55,020 --> 01:16:00,380
the spec gets an immutable ID everything downstream cites it platform engineer we replaced guidance
1037
01:16:00,380 --> 01:16:06,140
with a contract step three planning they let the agent propose the stack Microsoft graph five point
1038
01:16:06,140 --> 01:16:11,340
x Azure Identity with certificates and retry telemetry defaults the plan compiles against the
1039
01:16:11,340 --> 01:16:16,540
dependency allow list and tenant invariants a preview SDK rejected with the approved range
1040
01:16:16,540 --> 01:16:21,740
an OAuth helper that supports secrets rejected with the x509 template and key vault binding
1041
01:16:21,740 --> 01:16:26,700
the plan includes a quick start sample calls to the internal API for writes and a test matrix
1042
01:16:26,700 --> 01:16:31,340
that hits success and failure paths security engineer we didn't trust the plan because it was
1043
01:16:31,340 --> 01:16:36,940
pretty we trusted it because it compiled step four tasks the plan breaks into atomic verifiable
1044
01:16:36,940 --> 01:16:43,180
steps linked to spec onboard zero zero one t zero zero one manifest requests only user read all
1045
01:16:43,180 --> 01:16:47,820
and group read all t zero zero two workload identity uses client certificate credential
1046
01:16:47,820 --> 01:16:53,100
t zero zero three policy coverage proves approved client app requirement hits human persona no user
1047
01:16:53,100 --> 01:16:59,900
exclusions permitted t zero zero four dependency scanner passes no preview packages no banned symbols t zero zero five
1048
01:16:59,900 --> 01:17:05,500
API app role onboarding writer available integration tests call it not raw graph writes
1049
01:17:05,500 --> 01:17:12,140
each task defines the check a gate will run humans stop sampling machines prove governance lead
1050
01:17:12,140 --> 01:17:18,460
we moved review from taste to tests step five enforcement gates do the teaching at generation build
1051
01:17:18,460 --> 01:17:24,220
deploy and reconcile generation the plan validator refuses preview graph or secret friendly helpers
1052
01:17:24,220 --> 01:17:29,660
and prints the approved alternatives build permission gate denies directory read write all for the
1053
01:17:29,660 --> 01:17:34,540
reader class and prints the expected set with a link to spec onboard zero zero one dependency gate
1054
01:17:34,540 --> 01:17:39,180
rejects device code references in daemon assemblies policy linter blocks any user based exclusion
1055
01:17:39,180 --> 01:17:45,500
and all cloud apps minus n deploy runtime validator refuses to create ownerless apps blocks secrets
1056
01:17:45,500 --> 01:17:50,060
on workloads and denies policies that would reduce effective coverage the job prints the violated
1057
01:17:50,060 --> 01:17:55,500
clause and the fix reconcile nightly jobs quarantine ownerless objects flag unexpected redirects
1058
01:17:55,500 --> 01:17:59,580
and alert on coverage regression failure as feedback turns minutes into muscle memory
1059
01:17:59,580 --> 01:18:03,820
a developer bumps graph to latest and the walker flags a preview transitive the message names
1060
01:18:03,820 --> 01:18:10,140
the chain and the fix another tries to skip the internal API and request files read write all
1061
01:18:10,140 --> 01:18:16,140
CI denies and prints use onboarding writer via spec onboard zero zero one they swap one line and ship
1062
01:18:16,140 --> 01:18:21,740
fast contrast before enforcement the reader ships with write scopes audit catches it six months
1063
01:18:21,740 --> 01:18:27,820
later the team burns a quarter untangling grants after enforcement the scope dies in CI the
1064
01:18:27,820 --> 01:18:33,580
compliant path deploys in the same hour no grant ever existed to clean up now the timeline payoff
1065
01:18:33,580 --> 01:18:39,500
week one the team runs an inventory assigns owners and tags every grant with a spec ID or unknown
1066
01:18:39,500 --> 01:18:45,020
blocked permissions leap from zero to thirty seven as gates go live consent velocity dips week two
1067
01:18:45,020 --> 01:18:49,980
onboarding readers across three repos refactor to the API app role pattern secrets vanish from
1068
01:18:49,980 --> 01:18:54,700
workloads because deploy forbids them week three conditional access exclusions for service
1069
01:18:54,700 --> 01:18:59,340
principals shrink as pipelines adopt the workload identity pattern and human coverage ticks up
1070
01:18:59,900 --> 01:19:05,180
week four dashboards stabilize blocked permissions normalized to five to seven per sprint
1071
01:19:05,180 --> 01:19:11,100
standing privileged roles dropped to three all time boxed effective coverage for human exceeds 96%
1072
01:19:11,100 --> 01:19:16,940
MTTR for access incidents falls from eleven hours to three with narrower variance identity
1073
01:19:16,940 --> 01:19:22,540
architect direction is the result not the speech make the pressure moment explicit a product manager
1074
01:19:22,540 --> 01:19:27,260
asks for a Friday demo can we just grant write for speed that the gates answer not people the denial
1075
01:19:27,260 --> 01:19:32,300
points to the API role the sample call and spec onboard zero zero one the demo happens the bypass
1076
01:19:32,300 --> 01:19:37,820
doesn't tie the loop to a second fast example to cement the pattern a partner integration requests
1077
01:19:37,820 --> 01:19:46,300
directory read all insights read write all to simplify sync under the constitution partner
1078
01:19:46,300 --> 01:19:51,980
integrations get a reviewed set offline access is rare and rotated writes go through app roles
1079
01:19:52,540 --> 01:19:58,380
the plan compiles or the request fails no debates no favors takeaway implementation is not a meeting
1080
01:19:58,380 --> 01:20:04,780
it's a compiler problem spec plan tasks gates if a shape can't pass a generation build deploy and
1081
01:20:04,780 --> 01:20:11,500
reconcile it can't create drift the accountability shift measuring governance outcomes direction is
1082
01:20:11,500 --> 01:20:17,260
proven by curves not ceremonies if intent holds the numbers move predictably and no one argues
1083
01:20:17,260 --> 01:20:23,260
concrete example a quarterly review asks are we safer before you show trainings and tickets after
1084
01:20:23,260 --> 01:20:28,300
constitutional rollout you show six lines that explain themselves consent velocity trending
1085
01:20:28,300 --> 01:20:33,340
down and flat normalized by active projects blocked permissions spiking early then stabilizing
1086
01:20:33,340 --> 01:20:38,780
low as templates harden standing privileged roles decaying towards zero remaining assignments
1087
01:20:38,780 --> 01:20:44,220
PIM eligible time boxed PIM activation frequency dropping as least privilege designs remove routine
1088
01:20:44,220 --> 01:20:49,900
elevation effective conditional access coverage climbing by persona computed from queries no user group
1089
01:20:49,900 --> 01:20:55,820
exclusions MTTR for access incidents shrinking with tighter variance because responders trace effective
1090
01:20:55,820 --> 01:21:01,420
permissions in minutes consequence each metric maps to a decision you stop negotiating velocity
1091
01:21:01,420 --> 01:21:06,620
down means gates filtered requests before humans blocks up then steady means enforcement teaches faster
1092
01:21:06,620 --> 01:21:12,220
than reviews standing roles down means prohibited combinations and PIM rules remove the easy buttons
1093
01:21:12,220 --> 01:21:18,540
coverage up means exclusions can't merge MTTR down means ambiguity is engineered out fast contrast
1094
01:21:18,540 --> 01:21:25,260
team a treats governance as code blocked permissions rise to 41 in sprint one settle at five seven
1095
01:21:25,260 --> 01:21:33,100
consent flattens MTTR drops from 10.8 to 3.1 hours team b prompts better blocked permissions stay
1096
01:21:33,100 --> 01:21:40,860
near zero consent climbs 15% QoQ incidents linger identity architect zero blocks isn't excellence
1097
01:21:40,860 --> 01:21:46,380
it's zero brakes spec kit fix bind every KPI to a gate and a spec ID consent velocity
1098
01:21:46,380 --> 01:21:51,340
flattens because CI denies non allow listed scopes deploy rejects orphaned grants
1099
01:21:51,340 --> 01:21:56,700
blocks stabilize as enforcement ready templates encode norms standing roles fall because RBAC
1100
01:21:56,700 --> 01:22:01,980
compiler refuses non PIM and dangerous pairs coverage rises because user exclusions are mechanically
1101
01:22:01,980 --> 01:22:07,420
impossible MTTR contracts because scopes roles and policies are traceable to spec IDs and owners
1102
01:22:08,140 --> 01:22:13,820
takeaway what you don't measure you negotiate compile intent into numbers that move one way
1103
01:22:13,820 --> 01:22:19,180
down for debt up for coverage and confidence stops being a meeting taking back architectural intent
1104
01:22:19,180 --> 01:22:24,540
AI didn't break your identity system unenforced intent did compile intent constitution spec
1105
01:22:24,540 --> 01:22:31,660
gates and drift can't land CTA if this changed how you think about Entra subscribe and share
1106
01:22:31,660 --> 01:22:35,900
with the person who owns identity in your org then watch the enforcement templates deep dive
1107
01:22:35,900 --> 01:22:40,860
we'll hand you the modules and tests stop delegating decisions to convenience start compiling intent