Practice Now
elastic beanstalk
multiple SSH keys
AWS cloud computing
server management
instance access

How to add multiple keys for elastic beanstalk instance?

Master System Design with Codemia

Enhance your system design skills with over 120 practice problems, detailed solutions, and hands-on exercises.

Start PracticingLearn More

Introduction

Amazon Elastic Beanstalk is a managed service that allows you to deploy and manage applications in the cloud, with minimal configuration. While Elastic Beanstalk automates infrastructure management, there might be situations where you need to SSH into the EC2 instances for troubleshooting or maintenance tasks. Access to these instances is usually secured using SSH keys. However, what if multiple team members need SSH access, or if you want to rotate SSH keys for security reasons? This article explains how to add multiple SSH keys to your Elastic Beanstalk instances.

Understanding SSH Key Management in Elastic Beanstalk

Default Key Pair Configuration

When you create an Elastic Beanstalk environment, you usually specify an EC2 key pair in the environment's configuration. This key pair is used to access all the EC2 instances launched under that environment. Elastic Beanstalk does not provide a direct way to add additional keys post-deployment, so manual intervention or configuration scripting is required.

Methods to Add Multiple SSH Keys

You have several options to add extra SSH keys to your Elastic Beanstalk instances:

  1. User Data Script on Launch: Inject additional keys using EC2's user data script.
  2. Modify Configuration with AWS Systems Manager (SSM): Use SSM to execute scripts that add keys post-creation.
  3. Instance Profile and S3: Store keys in S3 and use IAM roles to fetch and apply them.
  4. Elastic Beanstalk Custom Configuration Files (.ebextensions): Automate the process during environment creation with custom configuration files.

Why Add Multiple Keys?

  • Collaboration: Teams require multiple individuals to have access.
  • Key Rotation: Maintain robust security practices by rotating SSH keys periodically.
  • Temporary Access: Grant temporary access to contractors or new team members without sharing permanent keys.

Implementing the Solution

Method 1: Using User Data Script

You can use EC2 User Data feature to run shell scripts when the instance launches. Here's an example script that appends new keys to the authorized_keys file.

  • Security: Manage and rotate keys regularly to prevent unauthorized access.
  • IAM Roles: Utilize IAM roles for instances to ensure keys stored in S3 are accessed securely.
  • Automation Tools: Consider using tools like AWS CloudFormation or Terraform to automate these configurations.
  • Audit Logs: Enable CloudTrail to maintain logs of changes and accesses, assisting with compliance and troubleshooting.
Course illustration
Course illustration
Codemia
© 2026 Codemia
Resources
Legal
Social
All Rights Reserved.