Opal + GCP Compute

Integration Overview

Opal leverages Google Cloud IAM capabilities to grant temporary and auditable access to virtual machines hosted using Google's Cloud Compute managed service. We automatically discover virtual machines you want to manage and allow developers to request access to them. Since this method of granting access is native to Google Cloud, it doesn't require managing private/public keys and gives you more time to ship your products.

Use cases

  • Implement Least Privilege - With Opal, customers are able to adopt granular and ephemeral access to critical resources
  • Accelerate Access Requests - Customers can delegate approvals to resource owners/managers and accelerate approvals via one-click in Slack
  • Streamline User Onboarding - Integrated with popular identity providers, customers can bind resource level access to native group structures
  • Configure break glass access - Opal enables customers to automate emergency break-glass access via integrations with on-call providers and manual pre-approvals
  • Automate Access Reviews - Opal offers end-to-end automation for user access reviews—snapshotting user lists, notifying reviewers, providing a self-service review workflow, and generating automated reports

How it works

Set up your GCP GKE integration in minutes

  • Head to Apps, and hit the "New App" button
  • Go to Google Cloud Platform
  • Tag infrastructure in GCP
  • Create a service account for Opal
  • Enable the IAM API in GCP
  • Upload your service account credentials
  • Hit "Create"

Congrats, you're integrated!

Integrate