By using AWS re:Post, you agree to the Terms of Use

Created an instance to demo content to prospective client - Help creating client temporary login credentials.

0

As the title suggests, I wish to allow a prospective client access to an instance, in order to showcase the content ,then later allow them long term access to the same instance.

I have tried creating a new user and had an issue finding which security policy to set ,as none seemed specific to just allowing login to that one instance.

Apricate some direction.

Thanks in advance

asked 9 days ago19 views
2 Answers
1

Hi.

Have you seen the topic "Add or remove a public key on your instance" in the EC2 User Guide? You can find it at this link: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/replacing-key-pair.html

It explains how to add a different public key on your EC2 instance, and then share the matching private key with someone who needs to connect to the instance. You can then remove the public key when you no longer want to allow that person to connect to the instance.

Another option is to use EC2 Instance Connect. You can read about EC2 Instance Connect at this link: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Connect-using-EC2-Instance-Connect.html

With EC2 Instance Connect, you can create an IAM policy that you attach to an IAM user. The policy will specify that the action to connect using EC2 Instance Connect is only allowed for the specified instance. You can find the information for setting this up in the link shared above.

I hope this helps!

Kind regards,

Marilyn

AWS

answered 5 days ago
  • Perfect , appreciate the direction

0

Hope your use-case is specific to provision access to an EC2 instance, you could explore SystemsManager-SessionManager.

https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager.html

You could limit access to instances, if your use-case needs clients only access data and not the instance. There are several different ways to approach this based on the use-case.

profile picture
answered 8 days ago
  • Apricate your assistance , having read the attached page , it offers a solution using ssh , for a client that would not work. I'm looking for a solution , using a key . I thought by creating a key and forwarding , would ensure simplicity for them and myself. Any further pointers would help.

    Again thank you

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions