Open sad75 opened 7 years ago
Definitely a good idea that awless
could help with and enforce.
Since the authentication goes both ways, I am guessing we would start by authenticate the clients (users) to cloud VMs (servers).
I imagine in this case, roughly the steps could be:
awless
:
awless
have the client certificate in their local SSH config.In term of features, this is a combination of awless
doing small control and provisioning. A good start could be to use the provided AWS UserData
field which is a field for scripts you want to run on the creation of an instance.
It will be very convenient to have a way to instantiate a new VM with a SSH certificate instead of a key.