Skip to content

SSH key pairs  #152

Description

@aug24

Now that we have a mature approach for ssh with transient keys using ssm, we do not need key pairs within EC2 at all.

Any non-transient key is implicitly less secure as it represents a long-lived (and thus more likely to leak) access method to an instance. Therefore, we should consider all key pairs to be a security risk and discourage their use.

To encourage this, it would make sense to add a new check for SHQ detailing, in order:

  1. Launch Configs with specified Key Pair names
  2. Key Pairs
  3. Running instances with specified key pairs

All the above should now be considered 'bad'.

Note that removing key pairs which are specified in a launch config can make it impossible to auto-scale. Thus point 1 above must be addressed before point 2. This should perhaps be made clear.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions