Opal + MySQL

Product Overview

MySQL is the world's most popular open source relational database and Amazon RDS makes it easy to set up, operate, and scale MySQL deployments in the cloud. With Amazon RDS, you can deploy scalable MySQL servers in minutes with cost-efficient and resizable hardware capacity.

Integration Overview

Opal supports MySQL out of the box. You can define access at multiple levels, all the way down to table and column-level access. With Opal's just-in-time short-lived access, the right people will see the right information at the right time. You can access your database via your favorite database viewers or the command line, and even manage policies on the fly for temporary users via Opal's built-in policy editor.

Use cases

1. Modern Access Management

Opal integrates with RDS databases with granular access levels. Using Opal, customers can:

  • Grant just-in-time access to critical resources that are auto-expiring and fully audited
  • Enable resource owners with the most context to approve access requests and provision access automatically via Slack
  • Ensure that privileged roles have the appropriate identity governance and approval configurations, such as multi-stage approvals, max duration, custom fields, and more
  • Automate user access reviews so compliance teams can snapshot user listings, assign reviewers to self-service reviews, propagate access changes, and generate an auditor-friendly access report

2. Privileged Access Management

To support native developer workflows, Opal has:

  • Easy CLI access to start sessions
  • Enable developers to generate auto-expiring credentials that expire after 15 minutes. For DevOps teams, this eliminates the need for credential rotation. For security teams, this bolsters security posture as the credentials are identity-based and developers aren't using static credentials.
  • Auditing capabilities for identity-based attribution

Integration Setup

MySQL databases can be imported using Opal's AWS connectors:

1. In the Apps sidebar, click on "New App", and select Amazon Web Services

2. Opal requires an IAM user to manage your AWS Cloud on your behalf. To simplify the process of creating a user with the proper IAM policies, you can use our official CloudFormation Stack to automatically generate one.

  1. Once the user is created, admins just need to fill out the form to add user access key ID and user secret access key.

Connect with our team