Add EC2 Linux user using Cloud init user data in AWS

Consider a scenario where a customer has given you access to their AWS console and needs you to recover a running EC2 Linux instance. Let's assume the customer is not very tech savvy and does not have the private key for the instance, so nobody can log in to it.

At this point you have two options for gaining access to the instance and restoring the system.

One is to stop the instance, detach its root EBS volume, attach it to a rescue instance with a similar configuration and edit the files on the mounted volume (for example, add a key to authorized_keys). This touches a few more technical areas, and you may not have the permissions for them. It is not covered in this article; hopefully I will cover it in a future one.

The second option is to use cloud-init: pass user data to the instance and let cloud-init create the user when the instance is restarted.

To edit the user data of an EC2 instance, the instance must be stopped first (instance-store data is lost on stop, and the public IP changes unless an Elastic IP is attached). Then select the instance, choose "Actions", "Instance Settings" and "Edit user data".

Screenshot: Modify AWS cloud-init user data for EC2 (Edit User Data dialog)

Paste the data below into the input box as plain text (the console base64-encodes it for you) and save the configuration. The first line must be exactly "#cloud-config", otherwise cloud-init ignores it. Change the user name and the SSH public key to match your requirements, and paste only a public key: user data is readable by every process on the instance through the instance metadata service and by anyone with ec2:DescribeInstanceAttribute.

#cloud-config
# Run the users-groups module on every boot, not only on first boot,
# so the user is created when the stopped instance is started again.
cloud_final_modules:
  - [users-groups, always]
users:
  - name: fazal
    # wheel is the admin group on Amazon Linux/RHEL; use "sudo" on Ubuntu/Debian.
    groups: [ wheel ]
    sudo: [ "ALL=(ALL) NOPASSWD:ALL" ]
    shell: /bin/bash
    # One OpenSSH public key line per entry (the older spelling ssh-authorized-keys is also accepted).
    ssh_authorized_keys:
      - ssh-rsa AAAAB3NzaC1yc2blablablafBpKWntMgxDfVvw==

The user data above creates a new user with the specified key, group and shell. Because the user is in the wheel group and has passwordless sudo for all commands, it has complete control over the system. Note the cloud_final_modules entry: cloud-init normally runs user data only on the instance's first boot, and the "[users-groups, always]" line is what forces the module to run again on this restart.

Once the changes are saved, select the instance, choose "Instance State" and "Start Instance" to apply the configuration. You should now be able to connect with your private key (ssh -i <key> fazal@<public IP>) and start restoring the system. If the login fails, check /var/log/cloud-init.log on the instance (via the other recovery route) or the instance's system log for YAML errors. When the recovery is finished, remove the user data again and delete the rescue user, or the passwordless-sudo account will be recreated on every boot for as long as the user data stays in place.
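The same stop / edit user data / start procedure, scripted with the AWS CLI, as an added example that is not part of the original article. It assumes the aws CLI is installed and the caller has ec2:StopInstances, ec2:ModifyInstanceAttribute, ec2:DescribeInstanceAttribute, ec2:DescribeInstances and ec2:StartInstances on the instance; the instance ID, user name and key path are placeholders passed on the command line. It base64-encodes the cloud-config before passing it with --value and reads the attribute back before starting the instance, so a double-encoded or truncated user data is caught while the instance is still stopped:

```shell
#!/usr/bin/env bash
# Added example (not from the original article): rescue an EC2 instance by
# writing a cloud-config that adds a passwordless-sudo user, via the AWS CLI.
set -eu

# Emit the cloud-config. "[users-groups, always]" makes cloud-init re-run the
# module on this reboot; by default it only runs on first boot.
make_user_data() {
    user="$1"; pubkey="$2"
    printf '%s\n' \
        '#cloud-config' \
        'cloud_final_modules:' \
        '  - [users-groups, always]' \
        'users:' \
        "  - name: ${user}" \
        '    groups: [ wheel ]' \
        '    sudo: [ "ALL=(ALL) NOPASSWD:ALL" ]' \
        '    shell: /bin/bash' \
        '    ssh_authorized_keys:' \
        "      - ${pubkey}"
}

# Accept only a single OpenSSH public-key line. A private key or a multi-line
# paste would otherwise land in user data, which every process on the
# instance can read from the metadata service.
valid_pubkey() {
    nl='
'
    case "$1" in *"$nl"*) return 1 ;; esac
    case "$1" in
        ssh-ed25519\ *|ssh-rsa\ *|ecdsa-sha2-nistp256\ *) return 0 ;;
        *) return 1 ;;
    esac
}

# Stop, rewrite user data, verify the round trip, start, print the ssh line.
# Instance ID, user and key file are placeholders supplied by the caller.
rescue_instance() {
    instance="$1"; user="$2"; pubkey_file="$3"
    pubkey="$(head -n1 "$pubkey_file")"
    valid_pubkey "$pubkey" || { echo "not an OpenSSH public key: $pubkey_file" >&2; return 1; }

    aws ec2 stop-instances --instance-ids "$instance" >/dev/null
    aws ec2 wait instance-stopped --instance-ids "$instance"

    # --value takes the raw attribute string, so encode it ourselves.
    aws ec2 modify-instance-attribute --instance-id "$instance" \
        --attribute userData \
        --value "$(make_user_data "$user" "$pubkey" | base64 | tr -d '\n')"

    # Read it back; the decoded text must match what we intended to send.
    stored="$(aws ec2 describe-instance-attribute --instance-id "$instance" \
        --attribute userData --query 'UserData.Value' --output text | base64 -d)"
    [ "$stored" = "$(make_user_data "$user" "$pubkey")" ] \
        || { echo "stored user data does not match; not starting $instance" >&2; return 1; }

    aws ec2 start-instances --instance-ids "$instance" >/dev/null
    aws ec2 wait instance-running --instance-ids "$instance"
    ip="$(aws ec2 describe-instances --instance-ids "$instance" \
        --query 'Reservations[0].Instances[0].PublicIpAddress' --output text)"
    echo "connect with: ssh -i <private key> ${user}@${ip}"
}

# Usage: ./rescue.sh i-0123456789abcdef0 fazal ~/.ssh/rescue_key.pub
if [ "$#" -eq 3 ]; then
    rescue_instance "$@"
fi
```

On macOS replace "base64 -d" with "base64 -D". Once the instance is recovered, clear the attribute again (modify-instance-attribute with an empty value) and remove the rescue user so the account is not recreated on the next boot.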
