SSH key managment for multiple accounts
Hi, We need to achieve:
1) Possibility to create/delete ssh key pairs for instances hosted in multiple accounts, in one place (centralization) 2) Possibility to assign permissions for the user we are ssh'ing into inside the instance, for example : IAM - admin user, should have admin ssh key, which will give full read/write permissions in virtual machine in which user is ssh'ing, and the IAM - support user, should have support ssh key, which will give less permissions.
Any suggestions, in what we can look into, are welcome. As i googled a bit, the "AWS system manager" - "session manager" looks like it would work for us, but does it work for instances hosted in multiple accounts?
Joann
Yes, this is possible using roles in the different accounts. Here is an example of how one organization set this up, Replacing SSH access to reduce management and security overhead with AWS Systems Manager.
Additionally, please note you can also use AWS Secrets Manager to securely store and rotate SSH key pairs
How to use AWS Secrets Manager to securely store and rotate SSH key pairs
Relevant questions
ssh key-pair anomaly on copying AMI
asked 5 months agoRegression on being able to set SSH key for Git
asked 3 years agoUnable to access SSH for EC-2
asked 18 days agoHow to have multiple VPCs in different AWS accounts use the same physical AWS Direct Connect circuit.
Accepted Answerasked 4 years agoFor new user how to create and share private key ? [Managing User Accounts.
asked 3 years agoSSH key managment for many users
Accepted Answerasked 16 days agoSSH key managment for multiple accounts
Accepted Answerasked 19 days agoAssign Multiple Values to a Single key tag In AWS
asked 2 months agoHow long does the one-time use SSH public key expire?
Accepted Answerasked 3 years agoAdd Amplify deploy key to multiple github repositories?
asked 3 years ago