
CloudPro

Apramit from Packt
01 Jun 2026
5 min read

MCP's security crisis isn't new. It's just faster.

It's the non-human identity problem you already know, surfacing where you didn't look

Hi, Shreyans here.

Before we get into this week's issue, I wanted to share a small but important update. Apramit will be taking over as the new editor-in-chief of CloudPro from this issue onward. Apramit has been with Packt for over 2 years, working closely with technical content, authors, and practitioner-focused communities, and he brings exactly the kind of editorial judgment this newsletter needs: useful over noisy, practical over hyped, and grounded in what engineers actually care about.

Over to you, Apramit.

Hi, I'm Apramit.

I'm excited to take over as editor-in-chief of this newsletter and grateful for the direction already set by Shreyans. My focus will be simple: to keep this newsletter useful, sharp, and grounded in what readers actually need. We'll continue to look past the noise, ask practical questions, and make space for clear, thoughtful conversations around technology, publishing, and the people building with it.

Now, let's continue!

If you've stood up an MCP server in the last year, this one's worth two minutes.

The reporting around agentic AI security keeps framing it as a brand-new threat. The more useful way to see it, adapted here from Operational AI with Docker by Ajeet Singh Raina and Harsh Manvar, is as the non-human identity problem we already know how to solve, surfacing in a place most teams haven't looked yet. Here's the version I'd send to anyone running agents in production.

MCP's credential problem is the old IAM problem in new clothes

Most teams are securing their agents with shared API keys scattered across env vars and config files. That's the non-human-identity problem at machine scale, and there's a clean pattern that closes it.

Every few years, the industry rediscovers a problem it already solved, gives it a new name, and acts surprised. The "agentic AI security crisis" is this year's edition. When I read that only 22% of teams treat their agents as independent identities, and that 88% have already had or suspected a security incident, my honest reaction wasn't alarm. It was recognition. We've seen this exact shape before, with service accounts and CI runners and every other non-human thing we handed a credential and then forgot about. The CISO line making the rounds, that MCP will be the AI security issue of 2026, is probably right. It just isn't new.

What changed is the speed. MCP made it trivially easy to give an agent real capabilities (a filesystem, a database, a GitHub account), and teams wired those up the way you wire things up when you're trying to ship. The credentials went wherever was convenient. That convenience is the whole problem.

Two failure modes matter. The first is the obvious one: secrets exported as environment variables. The moment you do that, the key is sitting in your process list, in the output of a container inspect, in logs and stack traces, and in Git history, the instant a setup script gets committed. The second is quieter and worse. Each server manages its own credentials, so three servers that all need a GitHub token means three copies of that token, stored in three different ways. There's no single place to rotate them, and no single action that revokes access. If one leaks, you're hunting.

The fix is a mediation layer. Route credentials through one broker so the agent never holds the raw secret, scope each agent to only the tools it actually needs, and make revocation a single action instead of a scavenger hunt. The book uses Docker's MCP gateway as its worked example: one endpoint every client connects through, backed by a single secret store. But the product isn't the point; the pattern is. Giving an agent an "identity" isn't a philosophical move; it just means you can grant, scope, and revoke its access in one place, the same way you would for a person.

None of this needs new technology. It needs the access discipline you'd never skip for a human user, applied to the agents you quietly haven't.

This article has been adapted from Operational AI with Docker by Ajeet Singh Raina and Harsh Manvar. If you want the full playbook, the book takes you from a model running on your laptop to secure, scaled agentic systems in production, with hands-on coverage of Docker Model Runner, MCP, multi-agent architectures, and Kubernetes orchestration.
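The mediation pattern from the article (one secret store, per-agent tool scope, single-action revocation), reduced to an in-process sketch. This is an added example, not code from the book or from Docker's MCP gateway; `Broker`, the tool names, the agent id and the token values are constructed for illustration.

```python
from dataclasses import dataclass, field

class AccessDenied(Exception):
    """Agent is unknown, revoked, or not scoped to the requested tool."""

UPSTREAM_SEEN = []  # what the (simulated) upstream service received as credentials

@dataclass
class Broker:
    secrets: dict = field(default_factory=dict)  # the single secret store
    tools: dict = field(default_factory=dict)    # tool -> (secret name, handler)
    grants: dict = field(default_factory=dict)   # agent id -> allowed tool names
    audit: list = field(default_factory=list)    # (agent, tool, decision)

    def register_tool(self, tool, secret_name, handler):
        self.tools[tool] = (secret_name, handler)

    def grant(self, agent, *tools):
        self.grants.setdefault(agent, set()).update(tools)

    def revoke(self, agent):
        # One action removes everything the agent could reach.
        self.grants.pop(agent, None)

    def rotate(self, secret_name, value):
        # One place to rotate; every tool using the secret sees the new value.
        self.secrets[secret_name] = value

    def call(self, agent, tool, **args):
        allowed = tool in self.tools and tool in self.grants.get(agent, ())
        self.audit.append((agent, tool, "allow" if allowed else "deny"))
        if not allowed:
            raise AccessDenied(f"{agent} may not call {tool}")
        secret_name, handler = self.tools[tool]
        # The credential is attached here, on the broker's side of the boundary.
        return handler(self.secrets[secret_name], **args)

def list_issues(token, repo):
    # Stand-in for the upstream API call; the response carries no secret.
    UPSTREAM_SEEN.append(token)
    return {"repo": repo, "issues": []}

def build_demo():
    # Constructed sample: one GitHub credential shared by two tools.
    broker = Broker(secrets={"github": "constructed-token-v1"})
    broker.register_tool("github.list_issues", "github", list_issues)
    broker.register_tool("github.merge_pr", "github", lambda token, number: {"merged": number})
    broker.grant("triage-agent", "github.list_issues")  # read-only scope
    return broker

if __name__ == "__main__":
    b = build_demo()
    print(b.call("triage-agent", "github.list_issues", repo="org/app"))
    b.revoke("triage-agent")
    print(b.audit)
```

The agent only ever passes its id and a tool name; the token lives in `Broker.secrets` and reaches the handler, never the caller.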