provision new user with ssh key

[zoezhangmattr]

i am new to this functionality, i was wondering what is the good way to provision another user, for example macadmin , (i know the existent default user is ec2-user), and let it have the ability to consume ssh key like ec2-user as well. is it using the module or user-data. and what is the lifecycle of it. does it provision the user before instance is ready. so that i can use this user to ssh to the mac instance.

any guidance is appreciated. thanks a lot.

[mattcataws]

Hey @zoezhangmattr, sorry for the delay in my response, but thank you for creating an issue to discuss this problem you're encountering. I have a few questions I was hoping you could answer so we could get a better idea of what your workflow is and what the ideal end goal would be.

i am new to this functionality, i was wondering what is the good way to provision another user, for example macadmin , (i know the existent default user is ec2-user),

EC2 Mac instances are effectively a typical Mac, we see most customers using common macOS system administration tooling like sysadminctl to build derivative images from the standard EC2 AMI.

and let it have the ability to consume ssh key like ec2-user as well.

ec2-macos-init provides a module named SSHKeys that can be configured to fetch the EC2 Key Pair for the specified user at instance launch time. For example, you could replicate the existing configuration for the ec2-user found here — init.toml#L218-228.

is it using the module or user-data. and what is the lifecycle of it. does it provision the user before instance is ready.

ec2-macos-init cannot be reconfigured at instance launch time, so we recommend you prepare images with desired configuration and provisioning steps already completed. In your case, this might mean creating the macadmin user and modifying ec2-macos-init's config file to fetch SSH keys for the new user.

so that i can use this user to ssh to the mac instance.

Are you looking to provision the instance?