By using AWS re:Post, you agree to the Terms of Use
/SSH key managment for multiple accounts/

SSH key managment for multiple accounts

0

Hi, We need to achieve:

1) Possibility to create/delete ssh key pairs for instances hosted in multiple accounts, in one place (centralization) 2) Possibility to assign permissions for the user we are ssh'ing into inside the instance, for example : IAM - admin user, should have admin ssh key, which will give full read/write permissions in virtual machine in which user is ssh'ing, and the IAM - support user, should have support ssh key, which will give less permissions.

Any suggestions, in what we can look into, are welcome. As i googled a bit, the "AWS system manager" - "session manager" looks like it would work for us, but does it work for instances hosted in multiple accounts?

Joann

2 Answers
1
Accepted Answer

Yes, this is possible using roles in the different accounts. Here is an example of how one organization set this up, Replacing SSH access to reduce management and security overhead with AWS Systems Manager.

EXPERT
answered 19 days ago
1

Additionally, please note you can also use AWS Secrets Manager to securely store and rotate SSH key pairs

How to use AWS Secrets Manager to securely store and rotate SSH key pairs

answered 18 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions