AWS Giving different users access to different websites on same server

Suppose you have an EC2 instance where you host 2 sites, say website1 and website2.

Files of website1 are in the folder /var/www/html/website1
Files of website2 are in the folder /var/www/html/website2

Say you want to give access to website1 for some developers and to website2 for another set of developers.

So let us have 2 groups, say group1 and group2.

To create groups we need to run

groupadd group1
groupadd group2

Then we add a user to group1

useradd -G group1 developer1

passwd developer1

Now log in as developer1 using the sudo and su commands.
sudo su developer1

Now go to developer1’s home directory.
cd /home/developer1

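Generate a new public/private key pair for this user using the ssh-keygen command. Use an Ed25519 key: DSA keys are limited to 1024 bits and have been disabled by default in OpenSSH since version 7.0, so a server running a current sshd will reject them.

ssh-keygen -t ed25519 -f developer1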

Now create the .ssh/authorized_keys file with the appropriate ownership and permissions.

mkdir .ssh
chmod 700 .ssh
cat developer1.pub > .ssh/authorized_keys
chmod 600 .ssh/authorized_keys
chown developer1:group1 .ssh
chown developer1:group1 .ssh/authorized_keys

Now download the private key using WinSCP or any other SFTP program. Convert the file to a .ppk file (FileZilla will convert it automatically if you try to add the key).

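Finally, as root (exit the developer1 shell first, since developer1 cannot change the ownership of a folder it does not own), make developer1 and group1 the owner and group of the website1 folder:

chown developer1:group1 /var/www/html/website1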

Now the developers in group1 have write access only to /var/www/html/website1, but they have read access to all other directories.
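
An added example, not part of the original post: a small audit script for the layout built above. It checks the SSH files against sshd's StrictModes rules, flags a private key left in the home directory, and checks that the site folder is group-owned and group-writable but not world-writable, since chown alone does not change mode bits. It assumes GNU stat; the file name audit.sh is hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes GNU coreutils `stat`.

mode_of() { stat -c '%a' "$1"; }   # octal permission bits, e.g. 700

# audit_ssh_dir HOME_DIR
# With StrictModes (sshd's default) a key is ignored when the home
# directory, .ssh or authorized_keys is writable by group or others.
audit_ssh_dir() {
    home=$1; rc=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        [ -e "$p" ] || { echo "MISSING $p"; rc=1; continue; }
        m=$(mode_of "$p")
        if [ $(( 0$m & 022 )) -ne 0 ]; then   # 020 group-write, 002 other-write
            echo "UNSAFE $p mode $m"; rc=1
        fi
    done
    # ssh-keygen -f developer1 leaves the private key in the home directory
    for f in "$home"/*; do
        [ -f "$f" ] || continue
        if head -n 1 "$f" | grep -q 'PRIVATE KEY-----'; then
            echo "PRIVATE-KEY $f"; rc=1
        fi
    done
    return $rc
}

# audit_site_dir DIR GROUP
# chown sets owner and group only; group members can write only if the
# group-write bit is set, and nobody else should be able to.
audit_site_dir() {
    dir=$1; group=$2; rc=0
    [ -d "$dir" ] || { echo "MISSING $dir"; return 1; }
    g=$(stat -c '%G' "$dir"); m=$(mode_of "$dir")
    [ "$g" = "$group" ] || { echo "WRONG-GROUP $dir is $g"; rc=1; }
    [ $(( 0$m & 020 )) -ne 0 ] || { echo "NO-GROUP-WRITE $dir mode $m"; rc=1; }
    [ $(( 0$m & 002 )) -eq 0 ] || { echo "WORLD-WRITABLE $dir mode $m"; rc=1; }
    return $rc
}

# Usage (hypothetical file name): sh audit.sh /home/developer1 /var/www/html/website1 group1
if [ "$#" -eq 3 ]; then
    audit_ssh_dir "$1"; audit_site_dir "$2" "$3"
fi
```

Each finding is printed on its own line and both functions return non-zero when anything is flagged, so the script can gate a provisioning step.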
