

Keymaker is the missing link between SSH and IAM accounts on Amazon AWS. It securely manages the process of SSH public key sharing and verification, user and group synchronization, and home directory sharing (via optional EFS integration). You, the AWS account administrator, define or import user and group identities in IAM, and instances in your account dynamically retrieve and use those identities. Keymaker is the modern, minimalistic alternative to LDAP or Active Directory.

Ensure processes launched by sshd have the IAM permissions iam:GetSSHPublicKey, iam:ListSSHPublicKeys, iam:GetUser, iam:ListGroups, iam:GetGroup, iam:ListGroupsForUser, iam:GetRole, and sts:GetCallerIdentity. To do this, run keymaker configure --instance-iam-role INSTANCE_ROLE as a privileged IAM user, which will create and attach a Keymaker IAM policy to the role INSTANCE_ROLE (which you should then assign, via an IAM Instance Profile, to any instances). You can also manually configure these permissions, or attach the IAMReadOnlyAccess managed policy.

Keymaker requires OpenSSH v6.2+, provided by Ubuntu 14.04+ and RHEL7+.
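An added example, not part of Keymaker or its documentation: a small Python pre-check that compares a policy document against the eight IAM actions listed above and reports required actions it does not grant, plus grants wider than that list. The function names and sample policies are constructed for illustration, and Deny, NotAction, Resource and Condition are not evaluated.

```python
import re

# The eight actions the page lists for processes launched by sshd.
REQUIRED = [
    "iam:GetSSHPublicKey", "iam:ListSSHPublicKeys", "iam:GetUser",
    "iam:ListGroups", "iam:GetGroup", "iam:ListGroupsForUser",
    "iam:GetRole", "sts:GetCallerIdentity",
]

def allowed_patterns(policy):
    """Collect Action patterns from Allow statements.

    Simplification (assumption): Deny, NotAction, Resource and Condition
    are not evaluated, so this is a pre-check, not a policy simulator.
    """
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):      # a lone statement may be a bare object
        statements = [statements]
    patterns = []
    for st in statements:
        if st.get("Effect") == "Allow" and "Action" in st:
            actions = st["Action"]        # a string or a list of strings
            patterns += [actions] if isinstance(actions, str) else list(actions)
    return patterns

def matches(pattern, action):
    """IAM action matching: case-insensitive, '*' and '?' are wildcards."""
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(regex, action, re.IGNORECASE) is not None

def audit(policy):
    """Return (missing, extra): required actions not granted, and granted
    patterns that are not exactly one of the required actions."""
    patterns = allowed_patterns(policy)
    missing = [a for a in REQUIRED if not any(matches(p, a) for p in patterns)]
    required_lower = {a.lower() for a in REQUIRED}
    extra = [p for p in patterns if p.lower() not in required_lower]
    return missing, extra

# Constructed sample policies (not taken from AWS or from Keymaker).
MINIMAL = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": REQUIRED, "Resource": "*"}]}
WIDE = {"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Action": ["iam:Get*", "iam:List*"], "Resource": "*"}}

if __name__ == "__main__":
    for name, policy in (("MINIMAL", MINIMAL), ("WIDE", WIDE)):
        missing, extra = audit(policy)
        print(f"{name}: missing={missing} wider-than-needed={extra}")
```

A non-empty second list is the cue to review how much read access the instance role carries beyond the actions named above.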
