Opal + GCP Compute

‍

Opal + GCP Compute Use cases

Protect against breaches with least privilege

• Grant just-in-time access to GCP Compute that is auto-expiring and fully audited using Slack
• Ensure that privileged roles have the appropriate identity governance and approval configurations, such as multi-stage approvals, max duration, custom fields, and more

Accelerate employee access on paved roads

• Enable resource owners with the most context to approve access requests and provision access automatically via Slack
• Accelerate employee onboarding by enabling managers to request on behalf of their reports or enabling self-service discovery of resource bundles
• Automate on-call access by provisioning and deprovisioning access via on-call schedules

Simplify compliance without manual overhead

• Automate user access reviews so compliance teams can snapshot user listings, assign reviewers to self-service reviews, propagate access changes, and generate an auditor-friendly access report
• Review access of employees who have recently transferred roles or departments

Opal + GCP Compute Integration Overview

Opal leverages Google Cloud IAM capabilities to grant temporary and auditable access to virtual machines hosted using Google's Cloud Compute managed service. We automatically discover virtual machines you want to manage and allow developers to request access to them. Since this method of granting access is native to Google Cloud, it doesn't require managing private/public keys and gives you more time to ship your products.

GCP Compute Integration Setup

Set up your GCP integration in minutes

• Head to Apps, and hit the "New App" button
• Go to Google Cloud Platform
• Tag infrastructure in GCP
• Create a service account for Opal
• Enable the IAM API in GCP
• Upload your service account credentials
• Hit "Create"
  

Congrats, you're integrated!

‍