Security & DevSecOps
Practical
By Samson Tanimawo, PhD
Published Feb 10, 2026
4 min read
IAM Least Privilege 2026
Most IAM is over-permissioned. The remediation.
Audit
AWS Access Analyzer. CloudTrail data events.
Surfaces unused permissions.
Trim
Quarterly: remove permissions unused for 90+ days.
Owner reviews; removal proceeds.
Compound
Year over year: permissions surface shrinks.
Lower compromise risk.