Accidentally Deleted ec2-user Folder – Unable to SSH into EC2 Instance

0

I accidentally deleted the entire /home/ec2-user folder from my EC2 instance. Now, I can't connect via SSH, and when I try to use the EC2 Serial Console, it asks for a login and password, which I don't have.

I have tried stopping the instance and checking the volume attachment, but I need guidance on how to restore access.

What steps can I take to recover the ec2-user folder or regain access to the instance?

asked 2 months ago, 45 views
1 Answer
1

To recover access to your EC2 instance after accidentally deleting the /home/ec2-user folder, you can follow these steps:

  1. Stop the EC2 instance if it's still running.

  2. Create a snapshot of the instance's root EBS volume for backup purposes.

  3. Detach the root EBS volume from the affected instance.

  4. Launch a new temporary EC2 instance in the same Availability Zone.

  5. Attach the detached root volume to the temporary instance as a secondary volume.

  6. Mount the attached volume on the temporary instance:

    sudo mkdir /mnt/temp
    sudo mount /dev/xvdf1 /mnt/temp
    
  7. Recreate the ec2-user home directory and necessary files:

    sudo mkdir -p /mnt/temp/home/ec2-user
    sudo chown ec2-user:ec2-user /mnt/temp/home/ec2-user
    
  8. Copy the default ec2-user files from the temporary instance:

    # -a keeps ownership and modes; plain -r as root leaves the copies owned by root
    sudo cp -a /home/ec2-user/. /mnt/temp/home/ec2-user/
    
  9. Ensure correct permissions are set:

    sudo chmod 700 /mnt/temp/home/ec2-user /mnt/temp/home/ec2-user/.ssh
    sudo chmod 600 /mnt/temp/home/ec2-user/.ssh/authorized_keys
    
  10. Unmount the volume:

    sudo umount /mnt/temp
    
  11. Detach the volume from the temporary instance.

  12. Reattach the volume to your original instance as the root volume.

  13. Start your original instance.

  14. Try to SSH into your instance using your original key pair.

If you're still unable to access the instance after these steps, you may need to use AWS Systems Manager to regain access:

  1. Ensure the SSM agent is installed on your instance.
  2. Configure the necessary IAM role for Systems Manager access.
  3. Use the AWSSupport-ResetAccess automation document to reset access to your instance.

Remember to regularly back up critical system files and use IAM roles and policies to restrict access to sensitive directories to prevent similar issues in the future.

Sources
EC2 instance /etc folder deleted , couldnt connect now AMI- ami-04b4f1a9cf54c11d0 | AWS re:Post
Community | Recovering Access: A Guide for Lost EC2 Key Pair in Linux

answered 2 months ago
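
The volume-side part of steps 7 to 9 in the answer above, as an added example that is not part of the original answer. It assumes the broken volume is already mounted on the rescue instance; `restore_home` and its arguments are hypothetical names, the public key is derived from the original key pair, and shell defaults come from the volume's own /etc/skel rather than from the rescue instance's home directory.

```shell
#!/bin/sh
# Added example (not from the original answer). Rebuilds a deleted home
# directory on a root volume mounted on a rescue instance.
#   $1 mount point of the broken volume (e.g. /mnt/temp)
#   $2 login name (e.g. ec2-user)
#   $3 OpenSSH *public* key file, e.g. from: ssh-keygen -y -f key.pem > key.pub
restore_home() {
    root=$1 user=$2 pubkey=$3

    # Resolve UID/GID/home from the mounted volume's passwd, not the rescue
    # host's: a name-based chown would use the rescue host's ID mapping.
    entry=$(grep "^${user}:" "$root/etc/passwd") || {
        echo "user $user not found in $root/etc/passwd" >&2; return 1; }
    uid=$(printf '%s\n' "$entry" | cut -d: -f3)
    gid=$(printf '%s\n' "$entry" | cut -d: -f4)
    home=$(printf '%s\n' "$entry" | cut -d: -f6)
    case $home in /*) ;; *) echo "unexpected home '$home'" >&2; return 1 ;; esac

    # Refuse anything that is not a public key line: a private key pasted
    # into authorized_keys grants no login and exposes the key on the volume.
    if grep -q 'PRIVATE KEY' "$pubkey" ||
       ! grep -Eq '^(ssh-(rsa|ed25519)|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/=]+' "$pubkey"; then
        echo "$pubkey is not an OpenSSH public key" >&2; return 1
    fi

    dest=$root$home
    mkdir -p "$dest/.ssh" || return 1
    # Shell defaults from the volume's own /etc/skel, if present.
    if [ -d "$root/etc/skel" ]; then cp -R "$root/etc/skel/." "$dest/"; fi
    cp "$pubkey" "$dest/.ssh/authorized_keys" || return 1

    # Numeric ownership, then modes that sshd's StrictModes check accepts:
    # nothing group- or world-writable, key material private to the user.
    chown -R "$uid:$gid" "$dest" || return 1
    chmod 700 "$dest" "$dest/.ssh" &&
    chmod 600 "$dest/.ssh/authorized_keys"
}
```

Run it as root on the rescue instance, for example `restore_home /mnt/temp ec2-user key.pub`, before unmounting the volume.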
