Opal + AWS EC2

Integration Overview

Opal supports AWS-managed servers using Amazon Secure Session Manager (SSM). This allows developers to move away from private key rotation and manage server access using federated IAM sessions. In addition, all sessions will be recorded and captured for later auditing!

Use cases

  • Implement Least Privilege - With Opal, customers are able to adopt granular and ephemeral access to critical resources
  • Accelerate Access Requests - Customers can delegate approvals to resource owners/managers and accelerate approvals via one-click in Slack
  • Streamline User Onboarding - Integrated with popular identity providers, customers can bind resource level access to native group structures
  • Configure break glass access - Opal enables customers to automate emergency break-glass access via integrations with on-call providers and manual pre-approvals
  • Automate Access Reviews - Opal offers end-to-end automation for user access reviews -  snapshotting user lists, notifying reviewers, providing a self-service review workflow, and generating automated reports

How it works

You can set up the AWS integration in minutes:

  • Select Amazon Web Services from the Application catalog
  • Tag infrastructure in AWS
  • Create IAM user for Opal
  • Create IAM user connection