What does least privilege imply in IAM governance?

Least privilege in IAM governance means giving each user, service, or workload only the permissions and resources necessary to perform their job, nothing more. This keeps access tightly scoped so a compromised credential or accidental misuse can’t easily reach unrelated data or systems. The statement that access should be granted only to the minimum resources needed for a role captures this idea precisely. The other ideas describe different aspects or approaches—granting everything by default conflicts with minimal access; restricting access by hours addresses timing rather than scope; revoking after use speaks to temporary access, which can support least privilege but isn’t the defining principle itself.