Advanced cybersecurity threat hunting using behavioral and deep analytics
US-2022263860-A1 · Aug 18, 2022 · US
US11785051B1 · US · B1
| Field | Value |
|---|---|
| Publication number | US-11785051-B1 |
| Application number | US-201916368595-A |
| Country | US |
| Kind code | B1 |
| Filing date | Mar 28, 2019 |
| Priority date | Mar 28, 2019 |
| Publication date | Oct 10, 2023 |
| Grant date | Oct 10, 2023 |
Official abstract text for this publication.
A processing device receives security data from a plurality of web services associated with an organization and stores the security data separately in an unstructured data storage. The processing device generates one or more purpose built databases from the security data in the unstructured data storage, the one or more purpose built databases merging the security data from the plurality of web services. The processing device further receives, from a requestor, an analysis request pertaining to the plurality of web services, executes an analysis using the one or more purpose built databases to generate a response to the analysis request, and provides the response to the analysis request to the requestor.
Opening claim text (preview).
What is claimed is:

1. A method comprising: receiving first security data from a first web service, the first security data comprising information pertaining to principals, security credentials, permission policies, and resources managed by the first web service; receiving second security data from a second web service, the second security data comprising information pertaining to principals, security credentials, permission policies, and resources managed by the second web service; storing the first security data and the second security data in an unstructured data storage; generating a plurality of purpose built databases combining the first security data and the second security data from the unstructured data storage, the plurality of purpose built databases comprising a graph database, a relational database, and a time series database, the plurality of purpose built databases representing an identity ecosystem comprising the first web service and the second web service; receiving, from a requestor, a query pertaining to the identity ecosystem, the query identifying at least one of a principal, a security credential, a permission policy, or a resource; executing an analysis using one or more of the purpose built databases to generate a response to the query, the response indicating a relationship between the at least one of the principal, the security credential, the permission policy, or the resource identified in the query and at least one other principal, security credential, permission policy, or resource in the identity ecosystem; and providing the response to the query to the requestor.
2. The method of claim 1, wherein the query identifies a principal user of the first web service, and wherein executing the analysis comprises determining from the graph database at least one credential or permission policy associated with the principal user and at least one resource managed by the second web service that is accessible by the principal user via the at least one credential or permission policy.
3. The method of claim 1, further comprising: generating a visualization of the response to the query; and causing display of the visualization.
4. A computing device comprising: one or more processors; and memory to store computer-executable instructions that, on execution, cause the one or more processors to: receive security data from a plurality of web services associated with an organization, the security data comprising information pertaining to principals, security credentials, permission policies, and resources managed by each of the plurality of web services; store the security data separately in an unstructured data storage; generate one or more purpose built databases from the security data in the unstructured data storage, the one or more purpose built databases merging the security data from the plurality of web services, and the one or more purpose built databases comprising a graph database, wherein the graph database comprises nodes representing each of the principals, security credentials, permission policies, and resources, and wherein certain nodes in the graph database are connected by edges representing relationships between the corresponding principals, security credentials, permission policies, and resources; receive, from a requestor, an analysis request pertaining to the plurality of web services, wherein the analysis request identifies a principal user of a first web service of the plurality of web services; execute an analysis using the one or more purpose built databases to generate a response to the analysis request, wherein to execute the analysis, the one or more processors to determine from the graph database at least one credential or permission policy associated with the principal user and at least one resource managed by a second web service of the plurality of web services, wherein the at least one resource is accessible by the principal user via the at least one credential or permission policy; and provide the response to the analysis request to the requestor.
5. The computing device of claim 4, wherein the one or more processors further to: process the security data to at least one of filter, transform or reformat the security data prior to storing the security data in the unstructured data storage.
6. The computing device of claim 4, wherein to execute the analysis, the one or more processors to: identify a first node in the graph database corresponding to a principal user of a first web service of the plurality of web services; traverse one or more edges associated with the first node in the graph database to identify a second node corresponding to a resource managed by a second web service of the plurality of web services; and determine that the resource is at risk if a credential associated with the first principal user were to be compromised.
7. The computing device of claim 4, wherein to execute the analysis, the one or more processors to: identify a first node in the graph database corresponding to a principal user of a first web service of the plurality of web services; traverse one or more edges associated with the first node in the graph database to identify a plurality of nodes corresponding to a number of credentials associated with the principal user; and determine that the number of credentials associated with the principal user exceeds an expected number of credentials for the principal user.
8. The computing device of claim 4, wherein the one or more purpose built databases comprises a relational database, the relational database comprising a connected master index for the plurality of web services.
9. The computing device of claim 8, wherein to execute the analysis, the one or more processors to: identify a first entry in the relational database corresponding to a principal user of a first web service of the plurality of web services; and identify, from the first entry in the relational database, a plurality of permission policies associated with the principal user, the plurality of permission policies including at least one permission policy maintained by a second web service of the plurality of web services.
10. The computing device of claim 8, wherein to execute the analysis, the one or more processors to: identify a plurality of entries in the relational database each corresponding to principal roles; determine a subset of the plurality of entries corresponding to principal roles having been created within a threshold period of time; and determine, from the subset of the plurality of entries, whether any of the principal roles created within the threshold period of time have access to a resource provided by one of the plurality of web services.
11. The computing device of claim 4, wherein the one or more purpose built databases comprises a time series database representing how the security data evolves over time.
12. The computing device of claim 11, wherein to execute the analysis, the one or more processors to: determine an expected time interval for refresh of a credential provided by a first web service of the plurality of web services, the credential associated with a first entry in the time series database; determine, from the first entry in the time series database, a period of time since a last refresh of the credential; and if the period of time exceeds the expected time interval, generate a corresponding security alert.
13. The computing device of claim 11, wherein to execute the analysis, the one or more processors to: identify a first entry in the time series database corresponding to a resource p
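As an added illustration (not code from the patent or its assignee), the core of the graph-based analysis the claims describe: security data from two web services is merged into one identity graph, a traversal from a principal finds the resources exposed if one of that principal's credentials were compromised (claims 2 and 6), and a time-series style check flags credentials past their expected refresh interval (claim 12). The service data, node layout, dates and function names are constructed for this example.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample: service A reports principals, credentials and permission policies;
# service B reports resources whose access is governed by service A's policies.
SVC_A = {
    "credentials": [  # (credential id, owning principal, last refresh date)
        ("key-1", "alice", "2024-01-05"),
        ("key-2", "alice", "2024-03-20"),
        ("key-3", "bob", "2024-03-25"),
    ],
    "policies": [("AdminPolicy", "alice"), ("ReadPolicy", "bob")],  # (policy, principal)
}
SVC_B = {
    "resources": [  # (resource, policy that grants access to it)
        ("bucket-finance", "AdminPolicy"),
        ("bucket-public", "ReadPolicy"),
    ],
}

def build_graph(*services):
    """Merge per-service data into one graph: principal -> credential/policy, policy -> resource."""
    edges = defaultdict(set)
    for svc in services:
        for cred, owner, _ in svc.get("credentials", []):
            edges[("principal", owner)].add(("credential", cred))
        for policy, principal in svc.get("policies", []):
            edges[("principal", principal)].add(("policy", policy))
        for resource, policy in svc.get("resources", []):
            edges[("policy", policy)].add(("resource", resource))
    return edges

def resources_at_risk(graph, principal):
    """Resources reachable from a principal: exposed if one of its credentials were compromised."""
    seen, stack, exposed = set(), [("principal", principal)], set()
    while stack:
        node = stack.pop()
        if node not in seen:
            seen.add(node)
            if node[0] == "resource":
                exposed.add(node[1])
            stack.extend(graph.get(node, ()))  # .get avoids creating empty nodes
    return sorted(exposed)

def stale_credentials(credentials, expected_interval_days, as_of):
    """Time-series style check: credentials not refreshed within the expected interval (claim 12)."""
    fmt = "%Y-%m-%d"
    aged = [(c, o, (datetime.strptime(as_of, fmt) - datetime.strptime(last, fmt)).days)
            for c, o, last in credentials]
    return [entry for entry in aged if entry[2] > expected_interval_days]
```

A real deployment would build the graph from the merged purpose-built databases the claims describe rather than from in-memory dictionaries; the traversal and the refresh-interval check are the same.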
CPC classification titles:
- for managing network security; network security policies in general (filtering policies H04L63/0227)
- Merging, i.e. combining at least two sets of record carriers each arranged in the same ordered sequence to produce a single set having the same ordered sequence
- Graphs; Linked lists (G06F16/9027 takes precedence)
- Search customisation based on user profiles and personalisation
- Presentation of query results