A company has hundreds of Linux-based Amazon EC2 instances. Administrators used shared SSH keys to manage them, but an audit requires removing all shared keys. Which solution provides secure access with the LEAST administrative overhead?
Choose an answer
Tap an option to check your answer.
Correct answer: Use AWS Systems Manager Session Manager to connect to the EC2 instances..
Why this is the answer
AWS Systems Manager Session Manager provides secure and auditable access to EC2 instances without needing SSH keys, bastion hosts, or opening inbound SSH ports. It uses IAM policies for access control, integrating seamlessly with existing AWS authentication. This significantly reduces administrative overhead compared to managing SSH keys or bastion hosts. AWS STS generates temporary credentials, but integrating it for SSH key generation and distribution for hundreds of instances would be complex and still involve key management. Bastion hosts add an extra layer of infrastructure to manage and maintain. Amazon Cognito and Lambda for temporary SSH keys would be a highly custom and complex solution, increasing administrative overhead.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed