Identity Security meets IaC
Your infrastructure lives in Terraform. Your deployments are automated. Why is your access management still manual?
Built for Developers Manage access where you already work: directly in your Terraform workflows. Zero context switching.
Built for Security IaC completely standardizes your setup, reducing human error. Every permission change is tracked.
Built for Scale Our Terraform provider handles complex fine-grained permissions that grow with you.
Request a demo to see in action
Trusted by leading companies
Trusted by leading companies
Trusted by leading companies
Why Opal for Identity Access as Code?
Opal is the only identity security platform that lets you define and manage access like any other part of your infrastructure, in code.
With our Terraform provider, DevOps and security teams can declaratively configure fine-grained access policies, approvals, and controls with full version history, git workflows, and automation baked in. No manual ticketing. No inconsistent UIs.
FROM OUR Customers:
“At Obsidian, we use Opal to run quarterly access reviews, maintain just-in-time access, and handle access requests to some of our sensitive applications, like AWS. Once we started using Opal’s Risk Layer in AWS, it changed the way we connect to it, which is fantastic. We’re excited to find the time to set up a deeper Terraform integration, along with the API and CLI that Opal built. Overall, Opal has been a great time saver—really helped us out.”
Chris Kennington
Security Engineer, Obsidian
"Opal helps Elastic protect more of our attack surface than we could before with a small but mighty team. Whether we're speeding up workflows with Slack, orchestrating authorization directly from Terraform, or using the API, Opal has helped us do more with less. In the near future, we're excited to implement Just-in-Time (JIT) access for all of our employees who use GitHub, as well as begin to secure LLMs, service accounts, and other NHIs with Opal."
Mandy Andress
CISO, Elastic
"Opal's Access Review module allows us to provide internal and external auditors with the evidence required for multiple compliances, and provides our Privileged Access Reviewers with the necessary information to make meaningful access decisions. Opal's ability to self-host their solution also allows us to host in our own FedRAMP High environment, thus allowing us to utilize all of their capabilities to harden our FedRAMP resources."
Jack Zaldivar, Jr.
Staff Systems Engineer, Databricks
"At Grammarly, Opal enabled us to migrate all access management for over 150 corporate applications and hundreds of production services across two public clouds to a unified employee experience in just a few weeks."
Suha Can
CISO, Grammarly
“Access reviews and access management were a tedious time sink for us at Obsidian before we adopted Opal. But unlike a lot of other security products, Opal is one of those rare products that gives us back time to focus on what matters, which is amazing.”
Alfredo Hickman
CISO, Obsidian
“At Obsidian, we use Opal to run quarterly access reviews, maintain just-in-time access, and handle access requests to some of our sensitive applications, like AWS. Once we started using Opal’s Risk Layer in AWS, it changed the way we connect to it, which is fantastic. We’re excited to find the time to set up a deeper Terraform integration, along with the API and CLI that Opal built. Overall, Opal has been a great time saver—really helped us out.”
Chris Kennington
Security Engineer, Obsidian
"Opal helps Elastic protect more of our attack surface than we could before with a small but mighty team. Whether we're speeding up workflows with Slack, orchestrating authorization directly from Terraform, or using the API, Opal has helped us do more with less. In the near future, we're excited to implement Just-in-Time (JIT) access for all of our employees who use GitHub, as well as begin to secure LLMs, service accounts, and other NHIs with Opal."
Mandy Andress
CISO, Elastic
"Opal's Access Review module allows us to provide internal and external auditors with the evidence required for multiple compliances, and provides our Privileged Access Reviewers with the necessary information to make meaningful access decisions. Opal's ability to self-host their solution also allows us to host in our own FedRAMP High environment, thus allowing us to utilize all of their capabilities to harden our FedRAMP resources."
Jack Zaldivar, Jr.
Staff Systems Engineer, Databricks
"At Grammarly, Opal enabled us to migrate all access management for over 150 corporate applications and hundreds of production services across two public clouds to a unified employee experience in just a few weeks."
Suha Can
CISO, Grammarly
“Access reviews and access management were a tedious time sink for us at Obsidian before we adopted Opal. But unlike a lot of other security products, Opal is one of those rare products that gives us back time to focus on what matters, which is amazing.”
Alfredo Hickman
CISO, Obsidian
“At Obsidian, we use Opal to run quarterly access reviews, maintain just-in-time access, and handle access requests to some of our sensitive applications, like AWS. Once we started using Opal’s Risk Layer in AWS, it changed the way we connect to it, which is fantastic. We’re excited to find the time to set up a deeper Terraform integration, along with the API and CLI that Opal built. Overall, Opal has been a great time saver—really helped us out.”
Chris Kennington
Security Engineer, Obsidian
"Opal helps Elastic protect more of our attack surface than we could before with a small but mighty team. Whether we're speeding up workflows with Slack, orchestrating authorization directly from Terraform, or using the API, Opal has helped us do more with less. In the near future, we're excited to implement Just-in-Time (JIT) access for all of our employees who use GitHub, as well as begin to secure LLMs, service accounts, and other NHIs with Opal."
Mandy Andress
CISO, Elastic
"Opal's Access Review module allows us to provide internal and external auditors with the evidence required for multiple compliances, and provides our Privileged Access Reviewers with the necessary information to make meaningful access decisions. Opal's ability to self-host their solution also allows us to host in our own FedRAMP High environment, thus allowing us to utilize all of their capabilities to harden our FedRAMP resources."
Jack Zaldivar, Jr.
Staff Systems Engineer, Databricks
"At Grammarly, Opal enabled us to migrate all access management for over 150 corporate applications and hundreds of production services across two public clouds to a unified employee experience in just a few weeks."
Suha Can
CISO, Grammarly
“Access reviews and access management were a tedious time sink for us at Obsidian before we adopted Opal. But unlike a lot of other security products, Opal is one of those rare products that gives us back time to focus on what matters, which is amazing.”
Alfredo Hickman
CISO, Obsidian
“At Obsidian, we use Opal to run quarterly access reviews, maintain just-in-time access, and handle access requests to some of our sensitive applications, like AWS. Once we started using Opal’s Risk Layer in AWS, it changed the way we connect to it, which is fantastic. We’re excited to find the time to set up a deeper Terraform integration, along with the API and CLI that Opal built. Overall, Opal has been a great time saver—really helped us out.”
Chris Kennington
Security Engineer, Obsidian
"Opal helps Elastic protect more of our attack surface than we could before with a small but mighty team. Whether we're speeding up workflows with Slack, orchestrating authorization directly from Terraform, or using the API, Opal has helped us do more with less. In the near future, we're excited to implement Just-in-Time (JIT) access for all of our employees who use GitHub, as well as begin to secure LLMs, service accounts, and other NHIs with Opal."
Mandy Andress
CISO, Elastic
"Opal's Access Review module allows us to provide internal and external auditors with the evidence required for multiple compliances, and provides our Privileged Access Reviewers with the necessary information to make meaningful access decisions. Opal's ability to self-host their solution also allows us to host in our own FedRAMP High environment, thus allowing us to utilize all of their capabilities to harden our FedRAMP resources."
Jack Zaldivar, Jr.
Staff Systems Engineer, Databricks
"At Grammarly, Opal enabled us to migrate all access management for over 150 corporate applications and hundreds of production services across two public clouds to a unified employee experience in just a few weeks."
Suha Can
CISO, Grammarly
“Access reviews and access management were a tedious time sink for us at Obsidian before we adopted Opal. But unlike a lot of other security products, Opal is one of those rare products that gives us back time to focus on what matters, which is amazing.”
Alfredo Hickman
CISO, Obsidian
FROM OUR Customers:
“At Obsidian, we use Opal to run quarterly access reviews, maintain just-in-time access, and handle access requests to some of our sensitive applications, like AWS. Once we started using Opal’s Risk Layer in AWS, it changed the way we connect to it, which is fantastic. We’re excited to find the time to set up a deeper Terraform integration, along with the API and CLI that Opal built. Overall, Opal has been a great time saver—really helped us out.”
Chris Kennington
Security Engineer, Obsidian
"Opal helps Elastic protect more of our attack surface than we could before with a small but mighty team. Whether we're speeding up workflows with Slack, orchestrating authorization directly from Terraform, or using the API, Opal has helped us do more with less. In the near future, we're excited to implement Just-in-Time (JIT) access for all of our employees who use GitHub, as well as begin to secure LLMs, service accounts, and other NHIs with Opal."
Mandy Andress
CISO, Elastic
"Opal's Access Review module allows us to provide internal and external auditors with the evidence required for multiple compliances, and provides our Privileged Access Reviewers with the necessary information to make meaningful access decisions. Opal's ability to self-host their solution also allows us to host in our own FedRAMP High environment, thus allowing us to utilize all of their capabilities to harden our FedRAMP resources."
Jack Zaldivar, Jr.
Staff Systems Engineer, Databricks
"At Grammarly, Opal enabled us to migrate all access management for over 150 corporate applications and hundreds of production services across two public clouds to a unified employee experience in just a few weeks."
Suha Can
CISO, Grammarly
“Access reviews and access management were a tedious time sink for us at Obsidian before we adopted Opal. But unlike a lot of other security products, Opal is one of those rare products that gives us back time to focus on what matters, which is amazing.”
Alfredo Hickman
CISO, Obsidian
FROM OUR Customers:
“At Obsidian, we use Opal to run quarterly access reviews, maintain just-in-time access, and handle access requests to some of our sensitive applications, like AWS. Once we started using Opal’s Risk Layer in AWS, it changed the way we connect to it, which is fantastic. We’re excited to find the time to set up a deeper Terraform integration, along with the API and CLI that Opal built. Overall, Opal has been a great time saver—really helped us out.”
Chris Kennington
Security Engineer, Obsidian
"Opal helps Elastic protect more of our attack surface than we could before with a small but mighty team. Whether we're speeding up workflows with Slack, orchestrating authorization directly from Terraform, or using the API, Opal has helped us do more with less. In the near future, we're excited to implement Just-in-Time (JIT) access for all of our employees who use GitHub, as well as begin to secure LLMs, service accounts, and other NHIs with Opal."
Mandy Andress
CISO, Elastic
"Opal's Access Review module allows us to provide internal and external auditors with the evidence required for multiple compliances, and provides our Privileged Access Reviewers with the necessary information to make meaningful access decisions. Opal's ability to self-host their solution also allows us to host in our own FedRAMP High environment, thus allowing us to utilize all of their capabilities to harden our FedRAMP resources."
Jack Zaldivar, Jr.
Staff Systems Engineer, Databricks
"At Grammarly, Opal enabled us to migrate all access management for over 150 corporate applications and hundreds of production services across two public clouds to a unified employee experience in just a few weeks."
Suha Can
CISO, Grammarly
“Access reviews and access management were a tedious time sink for us at Obsidian before we adopted Opal. But unlike a lot of other security products, Opal is one of those rare products that gives us back time to focus on what matters, which is amazing.”
Alfredo Hickman
CISO, Obsidian
“At Obsidian, we use Opal to run quarterly access reviews, maintain just-in-time access, and handle access requests to some of our sensitive applications, like AWS. Once we started using Opal’s Risk Layer in AWS, it changed the way we connect to it, which is fantastic. We’re excited to find the time to set up a deeper Terraform integration, along with the API and CLI that Opal built. Overall, Opal has been a great time saver—really helped us out.”
Chris Kennington
Security Engineer, Obsidian
"Opal helps Elastic protect more of our attack surface than we could before with a small but mighty team. Whether we're speeding up workflows with Slack, orchestrating authorization directly from Terraform, or using the API, Opal has helped us do more with less. In the near future, we're excited to implement Just-in-Time (JIT) access for all of our employees who use GitHub, as well as begin to secure LLMs, service accounts, and other NHIs with Opal."
Mandy Andress
CISO, Elastic
"Opal's Access Review module allows us to provide internal and external auditors with the evidence required for multiple compliances, and provides our Privileged Access Reviewers with the necessary information to make meaningful access decisions. Opal's ability to self-host their solution also allows us to host in our own FedRAMP High environment, thus allowing us to utilize all of their capabilities to harden our FedRAMP resources."
Jack Zaldivar, Jr.
Staff Systems Engineer, Databricks
"At Grammarly, Opal enabled us to migrate all access management for over 150 corporate applications and hundreds of production services across two public clouds to a unified employee experience in just a few weeks."
Suha Can
CISO, Grammarly
“Access reviews and access management were a tedious time sink for us at Obsidian before we adopted Opal. But unlike a lot of other security products, Opal is one of those rare products that gives us back time to focus on what matters, which is amazing.”
Alfredo Hickman
CISO, Obsidian
“At Obsidian, we use Opal to run quarterly access reviews, maintain just-in-time access, and handle access requests to some of our sensitive applications, like AWS. Once we started using Opal’s Risk Layer in AWS, it changed the way we connect to it, which is fantastic. We’re excited to find the time to set up a deeper Terraform integration, along with the API and CLI that Opal built. Overall, Opal has been a great time saver—really helped us out.”
Chris Kennington
Security Engineer, Obsidian
"Opal helps Elastic protect more of our attack surface than we could before with a small but mighty team. Whether we're speeding up workflows with Slack, orchestrating authorization directly from Terraform, or using the API, Opal has helped us do more with less. In the near future, we're excited to implement Just-in-Time (JIT) access for all of our employees who use GitHub, as well as begin to secure LLMs, service accounts, and other NHIs with Opal."
Mandy Andress
CISO, Elastic
"Opal's Access Review module allows us to provide internal and external auditors with the evidence required for multiple compliances, and provides our Privileged Access Reviewers with the necessary information to make meaningful access decisions. Opal's ability to self-host their solution also allows us to host in our own FedRAMP High environment, thus allowing us to utilize all of their capabilities to harden our FedRAMP resources."
Jack Zaldivar, Jr.
Staff Systems Engineer, Databricks
"At Grammarly, Opal enabled us to migrate all access management for over 150 corporate applications and hundreds of production services across two public clouds to a unified employee experience in just a few weeks."
Suha Can
CISO, Grammarly
“Access reviews and access management were a tedious time sink for us at Obsidian before we adopted Opal. But unlike a lot of other security products, Opal is one of those rare products that gives us back time to focus on what matters, which is amazing.”
Alfredo Hickman
CISO, Obsidian
“At Obsidian, we use Opal to run quarterly access reviews, maintain just-in-time access, and handle access requests to some of our sensitive applications, like AWS. Once we started using Opal’s Risk Layer in AWS, it changed the way we connect to it, which is fantastic. We’re excited to find the time to set up a deeper Terraform integration, along with the API and CLI that Opal built. Overall, Opal has been a great time saver—really helped us out.”
Chris Kennington
Security Engineer, Obsidian
"Opal helps Elastic protect more of our attack surface than we could before with a small but mighty team. Whether we're speeding up workflows with Slack, orchestrating authorization directly from Terraform, or using the API, Opal has helped us do more with less. In the near future, we're excited to implement Just-in-Time (JIT) access for all of our employees who use GitHub, as well as begin to secure LLMs, service accounts, and other NHIs with Opal."
Mandy Andress
CISO, Elastic
"Opal's Access Review module allows us to provide internal and external auditors with the evidence required for multiple compliances, and provides our Privileged Access Reviewers with the necessary information to make meaningful access decisions. Opal's ability to self-host their solution also allows us to host in our own FedRAMP High environment, thus allowing us to utilize all of their capabilities to harden our FedRAMP resources."
Jack Zaldivar, Jr.
Staff Systems Engineer, Databricks
"At Grammarly, Opal enabled us to migrate all access management for over 150 corporate applications and hundreds of production services across two public clouds to a unified employee experience in just a few weeks."
Suha Can
CISO, Grammarly
“Access reviews and access management were a tedious time sink for us at Obsidian before we adopted Opal. But unlike a lot of other security products, Opal is one of those rare products that gives us back time to focus on what matters, which is amazing.”
Alfredo Hickman
CISO, Obsidian
See why the best security teams manage access with Opal
See why the best security teams manage access with Opal
See why the best security teams manage access with Opal
See why the best security teams manage access with Opal
Headquartered in New York City
and San Francisco
235 W 23rd Street, 8th Fl, New York, NY 10011
77 Geary St, 5th Fl, San Francisco, CA 94108
Resources
Customers
© 2025 Perma Security Inc. | DBA Opal Security
Headquartered in New York City
and San Francisco
235 W 23rd Street, 8th Fl, New York, NY 10011
77 Geary St, 5th Fl, San Francisco, CA 94108
Resources
Customers
© 2025 Perma Security, Inc. DBA Opal Security
Headquartered in New York City
and San Francisco
235 W 23rd Street, 8th Fl, New York, NY 10011
77 Geary St, 5th Fl, San Francisco, CA 94108
Resources
Customers
© 2025 Perma Security Inc. | DBA Opal Security
Headquartered in New York City
and San Francisco
235 W 23rd Street, 8th Fl, New York, NY 10011
77 Geary St, 5th Fl, San Francisco, CA 94108
Resources
Customers
© 2025 Perma Security Inc. | DBA Opal Security