War Story: How a Leaked Azure Service Principal Compromised a 2026 AKS Cluster It was 72 hours before Black Friday 2026, and the DevOps team at FinSecure, a mid-sized fintech startup, was racing to scale their Azure Kubernetes Service (AKS) cluster to handle projected 10x traffic spikes for their payment processing platform. None of us expected that a single leaked service principal (SP) would bring the entire cluster to its knees. The Leak: A Simple Mistake with Massive Consequences The incident started with a junior developer working on a new CI/CD pipeline for a side project: a internal dashboard to track AKS node health. To test the pipeline, they created an Azure service principal with Contributor permissions on the AKS resource group, and a client secret valid for 2 years. In a rush to push code before a deadline, they committed the SP’s client ID and secret to a GitHub repo they thought was private—but a misconfigured repository setting had made it public days earlier.…