Security? Really? Too many moving parts, too many holes and places to exploit... fixing the same sec problem is 30 different places does t sound like great security.
More like giving the web facing application full access to the payment database vs having a separate internal service with a very limited API. A problem with the frontend does not always immediately compromise the database.
- security - minimize privilege escalation and access to infrastructure
- scalability - different workloads need different metrics to scale(CPU bounds vs connection bound)
- dependencies - why burden devs with all dependencies especially some that are more difficult to setup dev environments for
- service per backend dbs/etc (overlaps with the above)
- domain - can place domain specific skills on a team