Configuration Templates

With Configuration Templates, you can link many resources and groups to the same access management settings. This enables teams to move faster through quick mass-configuration and to increase security by avoiding policy drift.

To create a template, go to Templates, then select Configuration Templates. Click + Configuration Template:

You can provide a Name, select an Admin, optionally link a Slack channel, optionally add On-Call members, optionally add Break-glass users, and also configure MFA settings just like you would in an resource-specific Request Configuration.

To apply a template to a resource or group, edit the field on the resource or group page:

When a template is applied, all its access management settings are configured by the values in the template:

• If a configuration template is modified, all resources and groups linked to the template are also modified
• The settings cannot be directly edited except by unlinking the configuration template

Configuration templates can be set in bulk:

In addition, you can configure Opal to automatically set a Configuration Template using Tags. Navigate to Template Mapping and Priority and associate a tag with a template that you have configured and drag and drop it based on highest priority to lowest priority for application sequence.

• Tag-based mappings: When resources or groups are imported with certain tags, Opal can automatically assign a Configuration Template. This takes precedence over the previous two methods: