We can assign an EC2 instance an IAM role.
- Now say we have two EC2 instances, A (in a public subnet) and B (in a private subnet).
- Now, can we also allow SSH from A to B, if A has an IAM role R, by defining a permission policy on EC2 instance B to allow access to role R?
Right now I am able to connect from A to B using SSH by uploading the private key to A and then using ssh -i. But can we avoid storing the private key on A? Is there some way? Or is it a must to store the private key?