# SSH Public Key Sync for IAM Users

## Purpose

The purpose of the project is to sync SSH public key files from AWS IAM users to a server, so that AWS IAM groups can be used to manage access to your servers. The project is built using Go v1.20.

## Introduction

- All the sources are under `cmd/ssh-iam-sync`.
- The whole code compiles into one binary, `ssh-iam-sync`.
- A config file needs to be defined in order to run it; see the config file below.
- Config files are read from the following locations, according to priority:
  1. `./config.yaml`: the current folder from which the binary is running
  2. `/etc/ssh-iam-sync/config.yaml`: from `/etc`

## Configurations

Here is the config reference file:

```yaml
aws:
  method: accessKey # Either accessKey or profile or instanceProfile
  profile: default
  region: ap-south-1
  accessKey: <your-access-key>
  secretKey: <your-secret-key>
groups:
  - project1
  - project2
authorizedKeys: ~/.ssh/authorized_keys # Path to authorized key file
overwrite: true # Overwrite existing key file, false appends the keys to file
```

## Libraries used

| Library Name | Version |
| --- | --- |
| github.com/aws/aws-sdk-go-v2 | v1.20.0 |
| github.com/aws/aws-sdk-go-v2/config | v1.18.32 |
| github.com/aws/aws-sdk-go-v2/credentials | v1.13.31 |
| github.com/aws/aws-sdk-go-v2/service/iam | v1.22.1 |
| github.com/kkyr/fig | v0.3.2 |

## Ideal server setup

- Use cron to run the binary every 10 minutes or so.
- Assign an IAM role to your EC2 instance and use the `instanceProfile` method instead of `accessKey`.

## Scope of improvements

- The binary can be compiled for Windows servers as well.
- Distribute using a package manager.
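What the `overwrite` setting means for revocation, as an added Go example that is not code from this project: with `overwrite: false` a key already in the file stays there after its owner leaves the IAM group. `validKey` and `mergeKeys` are hypothetical names, the keys are constructed, and validation uses only the standard library.

```go
package main

import (
	"encoding/base64"
	"encoding/binary"
	"fmt"
	"strings"
)

// validKey checks "<type> <base64 blob>": the blob must start with a
// length-prefixed algorithm name (SSH wire format) equal to <type>.
func validKey(f []string) bool {
	if len(f) < 2 {
		return false
	}
	blob, err := base64.StdEncoding.DecodeString(f[1])
	if err != nil || len(blob) < 4 {
		return false
	}
	n := binary.BigEndian.Uint32(blob)
	return uint64(n) <= uint64(len(blob)-4) && string(blob[4:4+n]) == f[0]
}

// mergeKeys returns the authorized_keys body for fetched {user, key} pairs.
// overwrite=false keeps every existing line, so stale keys are never removed.
func mergeKeys(existing string, fetched [][2]string, overwrite bool) string {
	var out []string
	seen := map[string]bool{}
	for _, l := range strings.Split(existing, "\n") {
		if f := strings.Fields(l); !overwrite && len(f) >= 2 {
			seen[f[0]+" "+f[1]] = true
			out = append(out, strings.TrimSpace(l))
		}
	}
	for _, uk := range fetched {
		f := strings.Fields(uk[1])
		if !validKey(f) || seen[f[0]+" "+f[1]] {
			continue // malformed or already present
		}
		seen[f[0]+" "+f[1]] = true
		out = append(out, f[0]+" "+f[1]+" iam:"+uk[0]) // comment set here, not copied
	}
	return strings.Join(out, "\n") + "\n"
}

func main() {
	old := "ssh-rsa AAAAB3NzaC1yc2EA iam:bob\n" // constructed: bob left the group
	now := [][2]string{{"alice", "ssh-rsa AAAAB3NzaC1yc2EB"}} // constructed key
	fmt.Printf("append:\n%soverwrite:\n%s", mergeKeys(old, now, false), mergeKeys(old, now, true))
}
```

In append mode the output still contains bob's key; in overwrite mode only the keys of current group members remain.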