Opal + Amazon EKS

‍

Opal + Amazon EKS Use cases

Protect against breaches with least privilege

• Grant just-in-time access to AWS EKS that is auto-expiring and fully audited using Slack
• Ensure that privileged roles have the appropriate identity governance and approval configurations, such as multi-stage approvals, max duration, custom fields, and more

Accelerate employee access on paved roads

• Enable resource owners with the most context to approve access requests and provision access automatically via Slack
• Accelerate employee onboarding by enabling managers to request on behalf of their reports or enabling self-service discovery of resource bundles
• Automate on-call access by provisioning and deprovisioning access via on-call schedules

Simplify compliance without manual overhead

• Automate user access reviews so compliance teams can snapshot user listings, assign reviewers to self-service reviews, propagate access changes, and generate an auditor-friendly access report
• Review access of employees who have recently transferred roles or departments

Native engineering workflows

To support native developer workflows, Opal has:

• Easy way for developers to start sessions via the web or CLI
• Audit logs for user attribution

AWS Amazon Overview

Amazon Elastic Kubernetes Service (Amazon EKS) is a fully-managed, certified Kubernetes conformant service that simplifies the process of building, securing, operating, and maintaining Kubernetes clusters on AWS. Amazon EKS integrates with core AWS services such as CloudWatch, Auto Scaling Groups, and IAM to provide a seamless experience for monitoring, scaling and load balancing your containerized applications.

Opal + Amazon EKS Integration Overview

Opal lets you define fine-grained access controls to Kubernetes clusters on EKS using federated IAM sessions. This simplifies and unifies access controls to AWS IAM while enabling developers to connect easily and request new access to many different clusters. Similar to other integrations, sessions are logged and captured with attribution.

AWS Amazon Integration Setup

Setting up AWS is easy and Opal can import all AWS resources in minutes.

‍