Skip to content
Latchkey

Principle of Least Privilege - CI/CD Glossary Definition

The principle of least privilege states that an identity should be granted only the minimum permissions needed to do its job, and no more, to limit the damage from a compromise.

Applying it

Grant narrow scopes, prefer read-only where possible, and remove permissions when a task no longer needs them. Audit grants periodically.

In CI/CD

Set GitHub Actions permissions: to the least needed (for example contents: read), and scope cloud trust policies to a specific repository and branch.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →