IAM User that can connect to EC2 instance via SSH

Question

I am a newbie (still exploring) and on AWS Free tier. I have to perform the following :-

Create IAM users and perform the following functions:-
1) **AWSAdmin**- your user that can manage everything in account
2) **EC2Admin** user that can connect to your EC2 users via SSH and can`t work with RDS
3) **RDSAdmin** user that can manage RDS, but can`t manage EC2

For creating IAM User I am following :- https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html#id_users_create_console

Inorder for EC2Admin user that can connect to EC2 users via SSH and cannot work with RDS I understand I can attach policy which allow EC2 access alone, but how can a user created through IAM perform ssh to EC2 instance?

I would be happy to know if there is any blog or documentation which suggests any steps to follow?

Answer

You can explore [EC2 Instance Connect](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/connect-linux-inst-eic.html) and attach necessary [IAM permission](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-connect-configure-IAM-role.html)

Answer

Please if you can clarify, are you talking about a role-based policy or resource-based policy. If to want to restrict your RDS use a resource-based policy on that. For Role based policy, attach that to admin user.

IAM User that can connect to EC2 instance via SSH

관련 콘텐츠