AWS instance connect: decrypting the password fails with an invalid private key error, how do I fix it?


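I created an instance using Terraform code together with its Windows key pair. To get the administrator password, I clicked the decrypt button below and got an invalid decryption key error. Please suggest how to fix it.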

Decryption key error

# Create an S3 bucket
resource "aws_s3_bucket" "my_bucket" {
  bucket = "my-ssh-keys-bucket"  # Replace with your desired bucket name
}

# Upload the public key to the S3 bucket
resource "aws_s3_bucket_object" "my_key_object" {
  bucket = aws_s3_bucket.my_bucket.id
  key    = "ssh-keys/id_rsa.pub"  # Replace with the desired key name/path within the bucket
  source = "keys/id_rsa.pub"
}


resource "aws_s3_bucket_object" "my_key_object2" {
  bucket = aws_s3_bucket.my_bucket.id
  key    = "ssh-keys/id_rsa"  # Replace with the desired key name/path within the bucket
  source = "keys/id_rsa"
}


# Create an EC2 instance
resource "aws_instance" "my_instance" {
  count = 2
  ami           = "ami-0xxxxxx"  # Replace with the Windows Server 2019 AMI ID
  instance_type = "t2.micro"  # Update with your desired instance type
  subnet_id     = "subnet-0c6dfb7d123e515c9"

  key_name      =  aws_key_pair.example.key_name #tls_private_key.my_ssh_key.key_name

  #vpc_security_group_ids = [aws_security_group.my_security_group.id] #attach security groups here as a list
  vpc_security_group_ids = [aws_security_group.my_security_group.id]
  tags = {
    Name = "instance-${count.index}"
  }
  root_block_device {
    volume_size           = 100
    volume_type           = var.volume_type
    delete_on_termination = true
    encrypted             = true
    kms_key_id            = var.kms_key_id
    tags = {
      Name = "root volume" 
    }
  }
}

Answer 1

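I'm not sure about the use case for storing SSH keys in S3 (I can't think of any possible reason to upload both; there are plenty of other options, such as Parameter Store, SecureString, or Secrets Manager).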

How is it referenced in your code?

aws_key_pair.example.key_name

Just create the key pair in the console (save the private key in a password manager).

Then, in your tf code, set key_name = to the one you created.

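To create the instance using a key retrieved from S3, you would need to rethink your design and refactor the rest of your code accordingly; personally, I would stay away from that S3 idea.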
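
One way to follow the suggestion in the answer above, as an added example that is not part of the original question or answer: the instance references a key pair created in the console by name, so the private key never goes into S3 or Terraform state. The key pair name `windows-admin-key` and the variables `windows_ami_id` and `subnet_id` are assumptions made for the example.

```hcl
# Added example, not the asker's code. The key pair name and both variables
# below are hypothetical placeholders.
variable "windows_ami_id" {
  type = string
}

variable "subnet_id" {
  type = string
}

# Look up a key pair that already exists in the account (created in the
# console). AWS holds only the public half; the private key stays with you.
data "aws_key_pair" "admin" {
  key_name = "windows-admin-key" # hypothetical name
}

resource "aws_instance" "my_instance" {
  count         = 2
  ami           = var.windows_ami_id
  instance_type = "t2.micro"
  subnet_id     = var.subnet_id
  key_name      = data.aws_key_pair.admin.key_name

  # Ask EC2 for the Administrator password blob. It is encrypted with the
  # key pair's public key, so only the matching private key can decrypt it.
  get_password_data = true

  tags = {
    Name = "instance-${count.index}"
  }
}

# Base64 ciphertext only. Decrypt it outside Terraform, for example with:
#   aws ec2 get-password-data --instance-id <instance-id> \
#     --priv-launch-key <path-to-private-key>
output "encrypted_admin_passwords" {
  value = aws_instance.my_instance[*].password_data
}
```

The decrypt step succeeds only with the private key that matches the public key registered under the `key_name` the instance was launched with.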
