Principle of Least Privilege
The principle of least privilege says that you should only grant access up to the level needed to complete a task.
Suppose you only need read access to a resource. In that case, you should only be granted access to that specific resource and only for read operations.
In Azure, this can be achieved using [[azure-rbac]].
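The read-only case above can be checked mechanically. The following is an added example, not part of the original note: it audits role assignments (dictionaries using the `principalName`, `roleDefinitionName` and `scope` fields that `az role assignment list` returns) against a need for the built-in Reader role on one resource. The subscription ID, resource names and assignments are constructed, and treating every role other than Reader as excessive is a simplifying assumption.

```python
# Added example. Subscription ID, names and assignments are constructed.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
NEEDED_SCOPE = SUB + "/resourceGroups/rg-app/providers/Microsoft.Storage/storageAccounts/stlogs"
NEEDED_ROLE = "Reader"  # built-in read-only role
MG_PREFIX = "/providers/microsoft.management/managementgroups/"

ASSIGNMENTS = [
    {"principalName": "alice@example.com", "roleDefinitionName": "Reader", "scope": NEEDED_SCOPE},
    {"principalName": "bob@example.com", "roleDefinitionName": "Contributor", "scope": NEEDED_SCOPE},
    {"principalName": "carol@example.com", "roleDefinitionName": "Reader", "scope": SUB + "/resourceGroups/rg-app"},
    {"principalName": "dave@example.com", "roleDefinitionName": "Owner", "scope": SUB},
    {"principalName": "erin@example.com", "roleDefinitionName": "Reader", "scope": SUB + "/resourceGroups/rg-other"},
]

def scope_relation(assigned, needed):
    """Return 'exact', 'broader' or 'unrelated' for an assignment scope."""
    # Azure resource IDs are case-insensitive, so compare in lower case.
    a, n = assigned.rstrip("/").lower(), needed.rstrip("/").lower()
    if a == n:
        return "exact"
    # Assignments are inherited by child scopes, so an ancestor scope is broader.
    if n.startswith(a + "/"):
        return "broader"
    # Management groups sit above subscriptions; membership cannot be read
    # from the string alone, so they are flagged for review as broader.
    if a.startswith(MG_PREFIX):
        return "broader"
    return "unrelated"

def audit(assignments, needed_scope=NEEDED_SCOPE, needed_role=NEEDED_ROLE):
    """List (principal, reasons) for assignments that exceed the stated need."""
    findings = []
    for item in assignments:
        relation = scope_relation(item["scope"], needed_scope)
        if relation == "unrelated":
            continue  # grants nothing on the resource in question
        reasons = []
        if relation == "broader":
            reasons.append("scope wider than the resource")
        # Simplification: any role other than the needed one counts as excess.
        if item["roleDefinitionName"] != needed_role:
            reasons.append("role grants more than " + needed_role)
        if reasons:
            findings.append((item["principalName"], reasons))
    return findings

if __name__ == "__main__":
    for principal, reasons in audit(ASSIGNMENTS):
        print(principal, "->", "; ".join(reasons))
```

Only the first assignment (Reader on the resource itself) passes. The others are flagged for a wider scope, a stronger role, or both, and the assignment on an unrelated resource group is skipped.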
Backlinks
Azure Role-Based Access Control (RBAC)
It allows the implementation of the [[principle-of-least-privilege]] by defining roles that can be assigned to users.
Zero Trust security model
- **Follow [[principle-of-least-privilege]]**: Limit user access with Just-In-Time and Just-Enough-Access (JIT/JEA), risk-based adaptive policies, and data protection.