Setting initial passwords or taking user input on Amazon Marketplace

0

We're looking to put an image on AWS Marketplace (EC2). The image is to include a password-based web user interface. What is the correct way to set that password?

Some options come to mind:

  • Set the password to a known value. Require a password change on first login. Hope that the end user does not leave it running unattended with the default password.
  • Set the password to a random value. Communicate it to the end user somehow. If so, how do we communicate it to the end user? Is it possible to find out the account owner's email through an API from a running EC2 instance?
  • Create a bootstrap web application that will authenticate the user by requiring them to provide their EC2 security credentials and then let them specify a password for the actual web application.
  • If there's a way to take user input before instance provisioning, then obviously we can just prompt for a new password. Is there any way to prompt for user input when provisioning an image from AWS marketplace on EC2?

Are any of the above options the right option? Is there a recommended approach? What is the least insecure way to do this?

1 Answer
0

Hello,

Here are a few suggestions for securely setting a password for a web UI included in an AWS Marketplace AMI:

  • The best option would be to have the AMI launch a bootstrap application that prompts the user to set a new password during the initial launch/configuration of the instance. This ensures the password is unique per customer and not shared.
  • You could generate a random password during AMI creation and store it encrypted within the AMI. The bootstrap app would then decrypt, display, and allow resetting the password on the first launch. This prevents a static default password.
  • Consider using IAM roles and temporary security credentials to authenticate to the web UI instead of a static password. The instance could retrieve short-lived credentials on launch to securely identify the user.
  • Avoid storing passwords or credentials directly within the AMI if possible. Leverage external/dynamic sources like parameter store instead where the instance can look up secrets on launch.

The key is allowing the customer to set their own unique password per instance to avoid reusing defaults and ensure each deployment has its own isolated credentials

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_account-policy.html

Thanks

answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions