There are still some dependencies on Hashicorp Vault; for the most part, customer secrets are now run through PetSem, our in-house secret store, and PetSem is regionalized (and also much simpler to reason about; to serve live requests, it’s just a web API and a SQLite service), but there are still some legacy connections to Vault that we’re working on rooting out.
That’s the one that most immediately jumps to mind.
It’s not a perfect example of what we’re talking about on this thread, but the work to regionalize Corrosion — a large-scale distributed system, but one with a global state space for the whole platform — is another example of the direction we’re going here.
Any project that credibly removes a SPOF in our architecture is staffed right now; there’s some new-feature work, but overwhelmingly the engineering team is focused on reliability, scale, and capacity management issues, and the company is mostly the engineering team.