Option A: Reassigning the Service Principal does not address the risk of overly permissive roles.
Additionally, using an existing Service Principal for a new purpose can create security challenges
Option B: While deleting the Service Principal may eliminate the risk, this approach can disrupt any
active dependencies. A more controlled remediation involves first reviewing and adjusting permissions.
Option C: Changing the role to "Reader" may reduce risk, but it does not address whether the Service
Principal is still necessary. The root cause (overly permissive roles and lack of usage) should be resolved.
Option D: The most effective action is to evaluate the necessity of the Service Principal and remove any
unnecessary roles or scopes. This minimizes risk while maintaining operational functionality if needed.
