What is PoLP (Principle of Least Privilege)?
A principle stating that every user, process, or system should have only the minimum permissions required to perform its function.
Full explanation
Least privilege limits blast radius. When a token leaks, a compromised service bypasses an authz check, or an employee's account is phished, the damage is bounded by what that identity could do. Modern implementations use just-in-time access, short-lived credentials, and per-resource role scoping.
Example
A deploy script needs to write to one S3 bucket. Least privilege: grant the IAM role write access to that bucket only, not the entire account.
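The same scenario as a policy check, added here as an illustration and not taken from any project's code: it compares an account-wide grant with a bucket-scoped one and reports every Allow that exceeds what the deploy script needs. The bucket name, the assumption that the script needs only s3:PutObject, and the helper names are constructed for the example.

```python
# Constructed sample values: the bucket name is a placeholder, and the deploy
# script is assumed to need only s3:PutObject (IAM action names are
# case-insensitive, so they are compared in lower case).
BUCKET_ARN = "arn:aws:s3:::example-deploy-artifacts"
NEEDED_ACTIONS = {"s3:putobject"}

BROAD_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}
SCOPED_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:PutObject"],
     "Resource": "arn:aws:s3:::example-deploy-artifacts/*"}]}


def as_list(value):
    """IAM accepts a single string or object where a list is also valid."""
    return value if isinstance(value, list) else [value]


def in_bucket(resource):
    """True only for the bucket itself or object ARNs under it."""
    return resource == BUCKET_ARN or resource.startswith(BUCKET_ARN + "/")


def excess_grants(policy):
    """Return (statement index, reason) for each Allow grant beyond the need."""
    findings = []
    for i, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append((i, "Allow with NotAction/NotResource is open-ended"))
            continue
        for action in as_list(stmt.get("Action", [])):
            if action.lower() not in NEEDED_ACTIONS:  # wildcards fail here too
                findings.append((i, f"action {action} is not needed"))
        for resource in as_list(stmt.get("Resource", [])):
            if not in_bucket(resource):
                findings.append((i, f"resource {resource} is outside the bucket"))
    return findings


if __name__ == "__main__":
    for name, policy in (("broad", BROAD_POLICY), ("scoped", SCOPED_POLICY)):
        print(name, excess_grants(policy))
```

A check like this fits in CI in front of any change to the deploy role, so that loosening the policy is a reviewed decision instead of a silent drift.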
FAQ
How tight should 'minimum' be?
As tight as possible without breaking legitimate use cases. Start tight, loosen on pain.