API keys for inactive users
Shamil Radzhabov
The current process presents a security risk: when a user leaves the company, their associated API key(s) in meshStack remain active, potentially allowing unauthorized access to or modification of meshStack resources and underlying cloud resources via the building blocks.
Proposed Solution
We request a new feature that automatically summarizes all active API keys belonging to offboarding or inactive user accounts and sends this summary to an administrator.
This notification would enable the administrator to take immediate necessary security actions, such as:
- Rotation of shared keys.
- Disabling/Revocation of individual user keys.
Implementing this feature is critical for maintaining security compliance and ensuring immediate revocation of access upon employee departure.