Opal + MySQL

‍

Opal + MySQL Use cases

Protect against breaches with least privilege

• Grant just-in-time access to mySQL databases that are auto-expiring and fully audited using Slack
• Ensure that privileged roles have the appropriate identity governance and approval configurations, such as multi-stage approvals, max duration, custom fields, and more

Accelerate employee access on paved roads

• Enable resource owners with the most context to approve access requests and provision access automatically via Slack
• Accelerate employee onboarding by enabling managers to request on behalf of their reports or enabling self-service discovery of resource bundles
• Automate on-call access by provisioning and deprovisioning access via on-call schedules

Simplify compliance without manual overhead

• Automate user access reviews so compliance teams can snapshot user listings, assign reviewers to self-service reviews, propagate access changes, and generate an auditor-friendly access report
• Review access of employees who have recently transferred roles or departments

Native engineering workflows

To support native developer workflows, Opal has:

• Easy CLI access to start sessions
• Enable developers to generate auto-expiring credentials that expire after 15 minutes. For DevOps teams, this eliminates the need for credential rotation. For security teams, this bolsters security posture as the credentials are identity-based and developers aren't using static credentials.
• Auditing capabilities for identity-based attribution

MySQL Overview

MySQL is the world's most popular open source relational database and Amazon RDS makes it easy to set up, operate, and scale MySQL deployments in the cloud. With Amazon RDS, you can deploy scalable MySQL servers in minutes with cost-efficient and resizable hardware capacity.

Opal + MySQL Integration Overview

Opal supports MySQL out of the box. You can define access at multiple levels, all the way down to table and column-level access. With Opal's just-in-time short-lived access, the right people will see the right information at the right time. You can access your database via your favorite database viewers or the command line, and even manage policies on the fly for temporary users via Opal's built-in policy editor.

Integration Setup

MySQL databases can be imported using Opal's AWS connectors:

1. In the Apps sidebar, click on "New App", and select Amazon Web Services

Setting up AWS is easy and Opal can import all AWS resources in minutes.

‍

‍

‍