
In my scenario, we currently have all developers connect to EC2 instances using the ec2-user account. Is there a better way to do this so we can see which actions developers take on the machines?

I'm wanting to be able to identify who executes certain commands. Currently, with everyone as 'ec2-user' there's no way to identify who ran which command. For example on the dev server, there is no way to identify who changed the '/etc' directory permissions.

Can anyone advise me on how to solve it?

  • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/managing-users.html "Using the default user account is adequate for many applications. However, you may choose to add user accounts so that individuals can have their own files and workspaces. Furthermore, creating user accounts for new users is much more secure than granting multiple (possibly inexperienced) users access to the default user account, because the default user account can cause a lot of damage to a system when used improperly." – Greg Askew Feb 28 '22 at 12:36
  • You add users in the same way you do on any Linux server. If you have many servers you may want to automate the deployment. – Tim Feb 28 '22 at 18:52
  • Tim, yes, I'm wanting to be able to identify who executes certain commands. Currently with everyone as 'ec2-user' there's no way to identify who ran which command. For example on the dev server there is no way to identify who changed the '/etc' directory permissions. – samtech 2021 Mar 01 '22 at 16:32
  • @Tim, I'm wanting to be able to identify who executes certain commands. What is your advice on it? What procedure do I need to adopt? – samtech 2021 Mar 02 '22 at 10:07
  • @samtech2021 - based on your recent questions I would highly advise that you look into some AWS training, probably the Cloud Practitioner certification as a starting point. It will give you a really good overview of all these tasks. – shearn89 Mar 02 '22 at 13:50
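
One way to act on the comments above (one account per developer instead of the shared ec2-user), as an added example that is not part of the original thread. It goes one step beyond the comments by adding an audit watch on /etc. The input format, the audit key name `etc-change`, and the presence of auditd on the instance are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). DRY_RUN=1 (default) prints the plan;
# run as root with DRY_RUN=0 to apply it.
LC_ALL=C; export LC_ALL          # byte-wise ranges in the patterns below
DRY_RUN="${DRY_RUN:-1}"
run() { if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi; }

valid_user() {  # conservative account-name check, max 32 characters
  case "$1" in ''|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;; esac
  [ "${#1}" -le 32 ]
}

valid_key() {   # must start with a key type, so "command=..." options are refused
  case "$1" in
    "ssh-ed25519 AAAA"*|"ssh-rsa AAAA"*|"ecdsa-sha2-nistp"*" AAAA"*) return 0 ;;
    *) return 1 ;;
  esac
}

provision_user() {  # $1 = username, $2 = that developer's own public key
  valid_user "$1" || { echo "rejected username: $1" >&2; return 1; }
  valid_key "$2"  || { echo "rejected key for: $1" >&2; return 1; }
  run useradd --create-home --user-group --shell /bin/bash "$1"
  run install -d -m 700 -o "$1" -g "$1" "/home/$1/.ssh"
  if [ "$DRY_RUN" = 1 ]; then
    echo "write /home/$1/.ssh/authorized_keys mode 600 owner $1"
  else
    ( umask 077; printf '%s\n' "$2" > "/home/$1/.ssh/authorized_keys" )
    chown "$1:$1" "/home/$1/.ssh/authorized_keys"
  fi
}

provision_all() {   # reads "<username> <public key>" lines from stdin
  rc=0
  while read -r user key; do
    [ -n "$user" ] || continue
    provision_user "$user" "$key" || rc=1
  done
  # Assumes auditd is installed: log writes and permission/ownership changes
  # under /etc; each record's auid is the uid the developer logged in with.
  run auditctl -w /etc -p wa -k etc-change
  return "$rc"
}

# Constructed sample input (placeholder key material, not real keys).
provision_all <<'EOF'
alice ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedSampleKeyA alice@example
bob ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedSampleKeyB bob@example
EOF
```

Because the audit record's `auid` is set at login and survives `sudo`, `ausearch -k etc-change -i` attributes a change under /etc to the developer's own account, which is only meaningful once each developer logs in as themselves.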

0 Answers