A company has Linux-based Amazon EC2 instances. Users must access the instances by using SSH with EC2 SSH Key pairs. Each machine requires a unique EC2 Key pair.
The company wants to implement a key rotation policy that will, upon request, automatically rotate all the EC2 key pairs and keep the key in a securely encrypted place. The company will accept less than 1 minute of downtime during key rotation.
Which solution will meet these requirement?
To meet the requirements for automatic key rotation of EC2 SSH key pairs with minimal downtime, storing the keys in AWS Secrets Manager and defining a rotation schedule is the most suitable solution. AWS Secrets Manager supports automatic rotation of secrets, including SSH keys, by invoking a Lambda function that can handle the creation of new key pairs and the replacement of public keys on EC2 instances. Updating the corresponding private keys in Secrets Manager ensures secure and centralized management of SSH keys, complying with the key rotation policy and minimizing operational overhead.
AWS Secrets Manager Documentation: Describes how to store and rotate secrets, including SSH keys, using Secrets Manager and Lambda functions.
AWS Lambda Documentation: Provides information on creating Lambda functions for custom secret rotation logic.
AWS Best Practices for Security: Highlights the importance of key rotation and how AWS services like Secrets Manager can facilitate secure and automated key management.
Adolph
5 months agoSelma
5 months agoJamal
5 months agoAdolph
6 months agoSelma
6 months agoCheryll
6 months agoYoko
6 months agoGilma
6 months agoLaurena
7 months agoYoko
7 months agoMerrilee
8 months agoDante
7 months agoAdelle
7 months agoStephaine
8 months agoLucina
8 months agoAlisha
8 months agoBoris
8 months agoLeatha
8 months agoCarol
8 months agoJoni
8 months agoLeandro
8 months ago