Configuration Templates

Using configuration templates, you can link many resources and groups to the same access management settings. This enables teams to move faster through quick mass-configuration and to increase security by avoiding policy drift.

To create a template, navigate to templates and then select Configuration Templates:

Give the template a name and then configure all access management settings:

To apply a template to a resource or group, edit the field on the resource or group page:

When a template is applied, all its access management settings are configured by the values in the template:

• If a configuration template is modified, all resources and groups linked to the template are also modified
• The settings cannot be directly edited except by unlinking the configuration template

Configuration templates can be set in bulk:

In addition, you can configure Opal to automatically set a configuration template on auto-imported resources and groups. There are three mechanisms for this.

• App integration: Configure the Auto-import configuration template. All resources and groups which are auto-imported will be set to this template automatically:

• 

• AWS accounts: Configure the Auto-import configuration template. All children of this account which are auto-imported will be set to this template automatically:
  

• Tag-based mappings: When resources or groups are imported with certain tags, Opal can automatically assign a configuration template. This takes precedence over the previous two methods: