Skip to main content
Version: 3.25

AWS OpsWorks

Integration with providers allows you to manage access to virtual machines. Using services such as AWS OpsWorks from Amazon Web Services (AWS), you can manage users' SSH keys and launch recorded sessions to virtual machines.

AWS OpsWorks is the AWS configuration management service that lets you create automations to configure servers and manage Amazon EC2 service instances.

Users

The users report displays all users managed by the senhasegura Cloud IAM that are active on the AWS OpsWorks service.

These users have SSH keys managed by senhasegura to be able to access the Stacks' instances they have access to.

Rotate user's SSH key

You can rotate users' SSH keys in two ways:

  1. Automatically, through a password policy, which can be defined in the PAM Core module of the senhasegura .Please refer to the Privileged Information Manual to understand how to create a password policy.

  2. Manually, via the AWS OpsWorks user report from the Cloud module. To manually request the rotation of the user's SSH key in the AWS OpsWorks service, follow the Cloud IAM ➔ Virtual Machines ➔ AWS ➔ OpsWorks ➔ Users

  3. In the report look for the user you want to rotate the SSH key and click the corresponding action button and choose the Rotate SSH key option.

    caution

    The synchronization time of the new key with the Stacks' instances depends on AWS OpsWorks and not on senhasegura and until it is synchronized with the instances the user may not be able to access them.

View the user's SSH key

To view the user's current SSH key in the AWS OpsWorks service, follow the menu: Cloud IAM ➔ Virtual Machines ➔ AWS ➔ OpsWorks ➔ Users.

In the report look for the user you want to view the SSH key and click the corresponding action button and choose the option View SSH key.

info

The senhasegura user, responsible for the AWS OpsWorks user, will be notified when another senhasegura user uses or views the key.

View User Stacks

To view which Stacks a user has access to and what permissions they have on them in the AWS OpsWorks service, follow the Cloud IAM ➔ Virtual Machines ➔ AWS ➔ OpsWorks ➔ Users.

In the report search for the user you want to view Stacks and permissions and click the corresponding action button and choose the Details option.

Stacks

OpsWorks Stacks allows you to set automatic scaling of servers according to predefined schedules or in response to changes in traffic levels. In addition, it uses lifecycle hooks to orchestrate changes as the environment scales.

With them you can deploy and configure Amazon EC2 instances on each layer or connect other resources such as Amazon RDS databases.

To view the Stacks, follow the Cloud IAM ➔ Virtual Machines ➔ AWS ➔ OpsWorks ➔ Stacks.

Instances

Instances are virtual machines of the Amazon EC2 service that are part of AWS OpsWorks Stacks.

When inside a Stack, they have the same configuration. In addition, users' SSH keys are replicated across all instances of the Stack that they have access to.

To view the instances, follow the menu Cloud IAM ➔ Virtual Machines ➔ AWS ➔ OpsWorks ➔ Instances.

Remote Access

senhasegura ensures that users can run SSH sessions on Stacks instances in a monitored mode.

The accesses are performed using the SSH key of the user chosen in the report, and this access is recorded on video and can have its commands audited, depending on the rule set.

info

The session videos can be viewed through the PAM Core module: PAM Core ➔ Access Control ➔ Remote Sessions See the Proxy Manual for more details.

Access Instance

To perform an instance access, follow the menu Cloud IAM ➔ Virtual Machines ➔ AWS ➔ OpsWorks ➔ Remote access.

In the report, search for the user and instance you want to start the session with and click the Start session icon

caution

Only user instances that the user is responsible for or according to the rules of the access group he belongs to will be displayed.