Documentation

Configuration Templates

Suggest Edits

With Configuration Templates, you can link many resources and groups to the same access management settings. This enables teams to move faster through mass-configuration and increases security by avoiding policy drift.

Create templates

To create a template, go to Templates, then select Configuration Templates. Click + Configuration Template.

You can provide a Name, select an Admin, optionally link a Slack channel, optionally add On-Call members, optionally add Break-glass users, and also configure MFA settings just like you would in an resource-specific Request Configuration.

Apply templates

To apply a template to a resource or group, edit the field on the resource or group page:

When a template is applied, all its access management settings are configured by the values in the template:

  • If a configuration template is modified, all resources and groups linked to the template are also modified
  • The settings cannot be directly edited except by unlinking the configuration template

Configuration templates can be set in bulk:

Set templates using tags

In addition, you can configure Opal to automatically set a Configuration Template using Tags. Go to Configuration > Templates > Template Mapping and Priority and associate a tag with a template that you have configured and drag and drop it based on highest priority to lowest priority for application sequence.

  • Tag-based mappings: When resources or groups are imported with certain tags, Opal can automatically assign a Configuration Template. This takes precedence over the previous two methods:

Updated 8 days ago