Amazon Web Services tagging can be used to add Amazon Web Services resources to one or more Opal groups.

After adding the appropriate AWS tag, the AWS resource will be added to the Opal group, via automatic or manual syncing.

In order to identify the Opal group you are interested in adding, you will need its Group ID: this can be found by navigating to the group you are interested in and inspecting the URL. For example, an Opal group with the URL https://app.opal.dev/groups/9a8ecbac-ccc9-47a1-9d0d-1325e8db60ed#overview has a Group ID of 9a8ecbac-ccc9-47a1-9d0d-1325e8db60ed.

The following syntax for AWS tagging is used for each type of resource. Each tag consists of a key and a value.

IAM Role

Key: opal:group

Value: a colon-separated list of Opal Group IDs, e.g. 9a8ecbac-ccc9-47a1-9d0d-1325e8db60ed:4d05f3dd-e2e6-488a-8d67-aab1eccbc058

RDS Database

Key: opal:group:USER , for example opal:group:fullaccess , where USER is the database user specification.

Value: a colon-separated list of Opal Group IDs, e.g. 9a8ecbac-ccc9-47a1-9d0d-1325e8db60ed:4d05f3dd-e2e6-488a-8d67-aab1eccbc058

EC2 Instance

Key: opal:group

Value: a colon-separated list of Opal Group IDs, e.g. 9a8ecbac-ccc9-47a1-9d0d-1325e8db60ed:4d05f3dd-e2e6-488a-8d67-aab1eccbc058

EKS Cluster (added to the IAM role associated with the EKS cluster)

Key: opal:group:EKS_CLUSTER_ARN, for example opal:group:arn:aws:eks:us-east-2:123456789012:cluster/demo-cluster, where EKS_CLUSTER_ARN is the cluster ARN of the EKS cluster

Value: a colon-separated list of Opal Group IDs, e.g. 9a8ecbac-ccc9-47a1-9d0d-1325e8db60ed:4d05f3dd-e2e6-488a-8d67-aab1eccbc058

Did this answer your question?