Opal + Postgres

‍

Opal + Postgres Use cases

Protect against breaches with least privilege

• Grant just-in-time access to postgres databases that are auto-expiring and fully audited using Slack
• Ensure that privileged roles have the appropriate identity governance and approval configurations, such as multi-stage approvals, max duration, custom fields, and more

Accelerate employee access on paved roads

• Enable resource owners with the most context to approve access requests and provision access automatically via Slack
• Accelerate employee onboarding by enabling managers to request on behalf of their reports or enabling self-service discovery of resource bundles
• Automate on-call access by provisioning and deprovisioning access via on-call schedules

Simplify compliance without manual overhead

• Automate user access reviews so compliance teams can snapshot user listings, assign reviewers to self-service reviews, propagate access changes, and generate an auditor-friendly access report
• Review access of employees who have recently transferred roles or departments

Native engineering workflows

To support native developer workflows, Opal has:

• Easy CLI access to start sessions
• Enable developers to generate auto-expiring credentials that expire after 15 minutes. For DevOps teams, this eliminates the need for credential rotation. For security teams, this bolsters security posture as the credentials are identity-based and developers aren't using static credentials.
• Auditing capabilities for identity-based attribution

Product Overview

PostgreSQL is a powerful, open source object-relational database system with over 30 years of active development that has earned it a strong reputation for reliability, feature robustness, and performance.

Integration Overview

Opal supports AWS or GCP-managed RDS databases out of the box. Database access can be scoped to any granularity your database allows including table and even column-level access. Developers can easily discover and request for just-in-time short-lived access to RDS databases. All databases can be accessed using your favorite 3rd party database viewers, like Postico, or through the command line.

‍

Postgres Integration Setup

Postgres databases can be imported using Opal's AWS or GCP connectors. As an example, the AWS set up is shown below:

1. In the Apps sidebar, click on "New App", and select Amazon Web Services

Setting up AWS is easy and Opal can import all AWS resources in minutes.