Opal CLI
Learn how to configure and use the Opal CLI.
Developers can use the Opal CLI to:
- Assume IAM roles, Kubernetes roles, start database sessions, and SSH sessions
- Get information on a particular resource
- Use SCP to copy files to and from a compute instance
Requirements
Before you begin, install the following:
Installation
OSX
To install the Opal CLI using Homebrew:
brew install opalsecurity/brew/opal-security
To upgrade the CLI, use:
brew update
brew upgrade opal-security
Linux and Windows
On these platforms, you can install directly from npm:
npm install -g opal-security
Usage
See the Opal CLI npm page for a list of all available CLI commands.
Authentication
Use opal login
to authenticate to the Opal CLI. This creates an authentication session token and stores it securely for future commands. This token expires based on your organization settings, found in Organization Settings > Authentication > Login session lifetime.
On OSX, the keychain stores this token.
On Linux and Windows, the CLI requires a separate password to store this token securely. Use a password that differs from your Opal and existing passwords. You'll be prompted for this password on all subsequent CLI calls.
Troubleshooting
If you run into errors from Node (e.g. incompatible architecture
), make sure your local environment is using the Node version that you installed the Opal CLI on.
If you're using nvm
, you can view a list of installed Node versions via nvm ls
and switch using nvm use <VERSION>
.
Updated 2 days ago