Principle of Least Privilege
A security principle requiring that every user, process, and system component be granted only the minimum permissions necessary to perform its function.
Description
The Principle of Least Privilege (PoLP) is a fundamental security concept that dictates that every entity in a system (a user, service, process, or application component) should operate with the minimum set of permissions required to accomplish its legitimate tasks. By restricting access rights to the bare minimum, the blast radius of any compromise is contained, accidental damage from misconfiguration is reduced, and the attack surface is minimized.
In practice, least privilege applies at every level of the technology stack. At the infrastructure level, it means IAM roles with specific resource-level permissions rather than wildcard (*) policies. At the database level, it means application service accounts with only SELECT/INSERT/UPDATE on specific tables rather than superuser access. At the application level, it means role-based access control (RBAC) or attribute-based access control (ABAC) that restricts users to their authorized operations. At the process level, it means running containers as non-root users and dropping unnecessary Linux capabilities.
Implementing least privilege requires continuous effort. Over time, permissions tend to accumulate (privilege creep) as users change roles or temporary access becomes permanent. Regular access reviews, automated permission auditing, just-in-time (JIT) access provisioning for elevated privileges, and time-bound access grants help maintain least privilege. Cloud providers offer tools like AWS IAM Access Analyzer and Google Cloud IAM Recommender that analyze actual permission usage and suggest reductions.
Prompt Snippet
Apply least privilege at every layer: create dedicated IAM roles per service with resource-specific permissions (avoid Action: '*' or Resource: '*' in AWS policies), use separate database users per microservice with GRANT limited to required tables and operations, run containers as non-root (USER 1001 in Dockerfile) with read-only root filesystems, and drop all Linux capabilities except those explicitly needed (drop ALL, add only NET_BIND_SERVICE if required). Implement RBAC in the application layer with default-deny authorization middleware. Use AWS IAM Access Analyzer or GCP IAM Recommender to identify and remove unused permissions quarterly.
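As an added example (not part of the original page), the IAM wildcard rule from the snippet above and the automated permission auditing mentioned in the description can be turned into a small Python checker; the policy document is constructed for the example and the bucket name is a placeholder.

```python
# Added example: flag over-broad Allow statements in an AWS IAM policy document.
import json

# Constructed sample policy: one tight statement, two over-broad ones, one deny.
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow",
         "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": "arn:aws:s3:::example-app-bucket/*"},   # placeholder bucket
        {"Effect": "Allow", "Action": "s3:*",
         "Resource": "arn:aws:s3:::example-app-bucket/*"},
        {"Effect": "Allow", "Action": "*", "Resource": "*"},
        {"Effect": "Deny", "Action": "*", "Resource": "*"},  # Deny only narrows
    ],
})


def _as_list(value):
    """IAM accepts either a single string or a list for Action/Resource."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)


def find_wildcards(policy_json):
    """Return (statement_index, field, value) for each Allow statement whose
    Action is '*' or service-wide ('s3:*'), whose Resource is '*', or that
    uses NotAction (which grants everything not listed)."""
    policy = json.loads(policy_json)
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):          # a single statement is allowed
        statements = [statements]
    findings = []
    for idx, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:
            findings.append((idx, "NotAction", "present"))
        for action in _as_list(stmt.get("Action")):
            if action == "*" or action.endswith(":*"):
                findings.append((idx, "Action", action))
        for resource in _as_list(stmt.get("Resource")):
            # Some API actions support no resource-level permissions, so a
            # Resource '*' finding needs review rather than automatic rejection.
            if resource == "*":
                findings.append((idx, "Resource", resource))
    return findings


if __name__ == "__main__":
    for idx, field, value in find_wildcards(SAMPLE_POLICY):
        print(f"statement {idx}: {field} = {value!r} is over-broad")
```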
Related Terms
Defense in Depth
A security strategy employing multiple layers of protection so that if one defense fails, others remain to prevent or detect the attack.
Secrets Management
The practice of securely storing, accessing, rotating, and auditing sensitive credentials like API keys, tokens, and passwords.
Security Audit Logging
Systematic recording of security-relevant events to detect, investigate, and respond to security incidents.