Yup, same boat here (mid-size company).

All the corporate stuff is behind Okta, so that easy enough.

But all the dev/test systems are a mix of SSO, individual logins, etc. At least they're all behind the same VPN (except when they aren't, but that's less common).

And of course, if you're a cloud engineer (vs "normal" software engineer), you also have to deal with AWS access, which is a whole different can of worms.

Does Google have good SSO internally? Or Facebook?

(excluding things like administration of organization-wide infrastructure key material)

And yet, somehow AWS managed to get this right-ish. They evolved, learned by making mistakes, and created de-facto standards (like object storage protocol) on the way, while at the same time supporting decades-old services. And I'm sure they'll withstand the current AI craze.

So the problem is the team size, not culture?