Esc
↑↓ navigate   Enter open   Esc close

Cybersecurity

Principle of Least Privilege

/ˈprɪnsɪpəl əv liːst ˈprɪvɪlɪdʒ/

Definition

A security practice granting users and services only the minimum permissions needed for their specific function.

Example in context

"The Lambda only needs read access to S3 — granting it full S3 admin would violate least privilege."

Related terms

  • IAM — Identity and Access Management — the system managing who can access what resources in a cloud environment.
  • Zero trust — A security model assuming no user or system is trusted by default — every request must be authenticated and authorised.

Practice this term

Master Principle of Least Privilege in context by working through exercises in the Cybersecurity module. You'll see the term used in real engineering scenarios with multiple-choice, fill-in-the-blank, and matching drills.

Practice in exercises → Browse all words