So we can assume that the cloud security is as strong as the security at weakest link in one of the centralized access component.

Can we have a workflow or multi-level authorizations for critical actions like delete or terminate actions of cloud resources?.