At Opal, we focus on making it easy to set resource-specific properties.
For example, here’s what it looks like under the hood of each resource, with the ability to set things like required reviewers or maximum duration of request.
A property we’ve added on resources is the ability to designate MFA requirements.
If MFA is set to Required, a reviewer will have to authenticate via MFA before being able to approve any requests. This provides an extra layer of security to resources that are particularly sensitive.
Users can also set this property on a group level, so every resource in the group requires MFA before approval.
In the same way, you can also require MFA before connecting to resources. Opal supports access to sessions for engineering infrastructure, such as EC2 servers, RDS databases, or IAM roles.
Opal supports MFA for users wanting to either connect or generate short-lived credentials.
With resource-specific properties, it’s easy to create the access workflows that match your use case.