Platform
Customers
Resources
Company

Schedule a demo

Sign in

Google Cloud Platform (GCP)

Cloud

Opal + GCP Use Cases

Protect against breaches with least privilege

  • Grant just-in-time access to GCP resources that are auto-expiring and fully audited using Slack

  • Ensure that privileged roles have the appropriate identity governance and approval configurations, such as multi-stage approvals, max duration, custom fields, and more

Accelerate employee access on paved roads

  • Enable resource owners with the most context to approve access requests and provision access automatically via Slack

  • Accelerate employee onboarding by enabling managers to request on behalf of their reports or enabling self-service discovery of resource bundles

  • Automate on-call access by provisioning and deprovisioning access via on-call schedules

Simplify compliance without manual overhead

  • Automate user access reviews so compliance teams can snapshot user listings, assign reviewers to self-service reviews, propagate access changes, and generate an auditor-friendly access report

  • Review access of employees who have recently transferred roles or departments

Opal + GCP Integration Overview

GCP Compute

Opal leverages Google Cloud IAM capabilities to grant temporary and auditable access to virtual machines hosted using Google's Cloud Compute managed service. We automatically discover virtual machines you want to manage and allow developers to request access to them. Since this method of granting access is native to Google Cloud, it doesn't require managing private/public keys and gives you more time to ship your products.

GCP GKE

Opal lets you define fine-grained access controls to Kubernetes clusters on GKE allowing you to set specific permissions to and policies to Google Cloud users . This simplifies and unifies access controls to clusters while enabling developers to connect easily and request new access to many different clusters.

Buckets

Within a specific project, Google Cloud Storage buckets often contain sensitive data that needs to be monitored carefully. Using Opal, you're able to grant read or write-level access for specific buckets by pushing a single button in Slack.

Projects & Folders

Using Opal, you can grant temporary access to pre-defined and custom roles to all of your sensitive GCP Projects & Folders. When granting access to specific projects, Opal automatically double-checks the specific Google Cloud user has the policy attached to them once a resource owner approves their request in Slack. Access to folders works similarly, and granting access to the top-level cascades down to all projects and folders within it.

Can't find your desired integration?

Add your request to be among the first to know when it's available.

Headquartered in

New York City.

41 E 11th St

New York, NY 10003

Platform

Product

Least Privilege

Integrations

Customers

Case Studies

Resources

Blog

Library

Events

Company

About

Security

Careers

Status

Data protection

Privacy policy

Terms of service

Copyright © 2024 Perma Security Inc DBA Opal Security | All Rights Reserved | Not affiliated with Opal Labs