Opal + Amazon EC2

‍

Opal + Amazon EC2 Use cases

Protect against breaches with least privilege

• Grant just-in-time access to EC2 that is auto-expiring and fully audited using Slack
• Ensure that privileged roles have the appropriate identity governance and approval configurations, such as multi-stage approvals, max duration, custom fields, and more

Accelerate employee access on paved roads

• Enable resource owners with the most context to approve access requests and provision access automatically via Slack
• Accelerate employee onboarding by enabling managers to request on behalf of their reports or enabling self-service discovery of resource bundles
• Automate on-call access by provisioning and deprovisioning access via on-call schedules

Simplify compliance without manual overhead

• Automate user access reviews so compliance teams can snapshot user listings, assign reviewers to self-service reviews, propagate access changes, and generate an auditor-friendly access report
• Review access of employees who have recently transferred roles or departments

Native engineering workflows

To support native developer workflows, Opal has:

• Easy way for developers to start sessions via the web or CLI
• Audit logs for user attribution
• Session logs from CloudWatch trails

Amazon EC2 Overview

Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the Amazon Web Services (AWS) Cloud. Using Amazon EC2 eliminates your need to invest in hardware up front, so you can develop and deploy applications faster. You can use Amazon EC2 to launch as many or as few virtual servers as you need, configure security and networking, and manage storage. Amazon EC2 enables you to scale up or down to handle changes in requirements or spikes in popularity, reducing your need to forecast traffic.

Opal + Amazon EC2 Integration Overview

Leveraging AWS’ SSM APIs, Opal facilitates zero trust connections to EC2 instances. This allows developers to avoid the burden of rotating their private keys and instead leverage ephemeral federated IAM sessions. In addition, all sessions will be logged for later auditing!

Amazon EC2 Integration Setup

Setting up AWS is easy and Opal can import all AWS resources in minutes.