Status: OUT
GCP managed services require dual mastery spanning application semantics and identity lifecycle: Pub/Sub and Secret Manager demand application-level awareness of delivery guarantees, rotation semantics, and IAM granularity mismatches, while the container security chain from build provenance through runtime identity adds a parallel lifecycle requiring coordinated namespace/SA naming discipline — application-level and identity-level expertise cannot substitute for each other.