Infrastructure Identity for platform engineers
2026-04-17
Infrastructure Identity for platform engineers
Hey there! Welcome to Platform Weekly. Your weekly look in the platform engineering mirror. Every week, we dive into best practices, news, lessons, and updates from the platform engineering community.
Plus… House of Kube hits Google Next for the first time ever! Don’t miss it
Infrastructure Identity for Platform Engineers
The weather has been perfect in Barcelona for the last week. Perfect for sitting in my room, taking our latest course on Platform Engineering University - Infrastructure Identity for Platform Engineers.
The value prop is pretty simple. If you care about security, the experience of everyone and everything interacting with your infra, humans, services, or just not having your environment blow up… this is a must.
So what is Infrastructure Identity? It's basically the practice of assigning cryptographically verified identities to every entity (Devs, AI, angry interns, services, and all kinds of our other machine friends) in your environment and using those identities to control access, rather than relying on passwords, static API keys, or VPN-based perimeters.
In the last 10 years, we’ve massively scaled our infrastructure. And AI makes this even harder. Autoscaling clusters, microservices, CI/CD pipelines, AI workloads, and more. While at the same time, our access controls are stuck in the 1990s… It’s insane. Shared SSH keys, tokens that live forever, manual provisioning, etc., etc. The kind of setup where a three-year-old API key is silently sitting in your environment, basically itching for the day it gets the chance to fulfil it’s dream and blow everything up.
In the agentic era, it's not an outlandish argument that every static secret is a live vulnerability. And platform engineers, not just security teams, are the ones who need to fix it by treating identity as a platform-level capability alongside policy and state, shifting security load down into the platform, and making secure-by-design the path of least resistance.
Our machine identities are getting smarter, faster, more capable, but most of all, there are just plain MORE of them. 100x more, and that number will keep growing. Agents multiply whatever already exists. If your baseline is shared keys and static secrets, you don't get agent-powered productivity, you get 100x exposure to the same failure modes. You cannot enable a future like that on top of access control that's locked in the past.
Four modules. All bangers. Go check it out and tell me what you think.
Quick bites
Highlight of the week:
At Google Next? We’re doing two awesome roundtables! Don’t miss them👇
From the community:
Want to watch the recordings of PlatformCon workshops and talks you weren’t able to attend? We’re uploading more every day on the community YouTube channel!
