IAM SSH Users

How do I manage my users?

In the AWS console, our default configuration is to allow all users to reset their password and to manage their public SSH key in IAM with no further access to the AWS console. The admin user can disable any IAM user and can manage any user’s public SSH key.

If you’d like to make any changes to which domains users can access or if you’d like to add any new users, you’ll need to submit a ticket for us to make that change for you in your code.

How do users upload their keys?

Users will log into the AWS console using your personal link and the default password provided by our support team.

Once logged in, either search or navigate to the IAM section.

Click on Users, then click on your user.

Go to the Security Credentials tab and click Upload Public SSH key. Copy your key here and save. 

How do users access the servers?

On your EC2 instances your VirtualHosts or “webroots” (as we will refer to to them here) have their own user account for security purposes. This gives each application that runs under a webroot their own distinct permissions boundaries for files and running processes. Your SSH user is granted access to assume these users via SUDO NOPASSWD. In the attached, document we will show you various examples on how you can use the SUDO command to start an SSH Shell session and an sftp session. Assuming a webroot user will grant you permissions to file resources and processes running under their distinct permissions boundaries.

Questions? customersuccess@mediatemple.net