Opal + GCP GKE Use cases

Protect against breaches with least privilege

• Grant just-in-time access to GKE that is auto-expiring and fully audited using Slack

• Ensure that privileged roles have the appropriate identity governance and approval configurations, such as multi-stage approvals, max duration, custom fields, and more

Accelerate employee access on paved roads

• Enable resource owners with the most context to approve access requests and provision access automatically via Slack

• Accelerate employee onboarding by enabling managers to request on behalf of their reports or enabling self-service discovery of resource bundles

• Automate on-call access by provisioning and deprovisioning access via on-call schedules

Simplify compliance without manual overhead

• Automate user access reviews so compliance teams can snapshot user listings, assign reviewers to self-service reviews, propagate access changes, and generate an auditor-friendly access report

• Review access of employees who have recently transferred roles or departments

Opal + GCP GKE Integration Overview

Opal lets you define fine-grained access controls to Kubernetes clusters on GKE allowing you to set specific permissions to and policies to Google Cloud users . This simplifies and unifies access controls to clusters while enabling developers to connect easily and request new access to many different clusters.