tl;dr:Least privilege in the cloud is hard, but progress can be made by taking a risk-based approach. Consider an attacker who obtained one of your developer’s credentials; what access would they have? By adding a temporal dimension to developer access policies, the attack surface can be significantly reduced for many security-breach scenarios. That’s where just-in-time access comes in.