Score:0

AWS instance connect decrypt password is giving error as invalid private key, how to fix it?


I have created an instance using Terraform code, and also its key pair, for Windows. To get the admin password I clicked on the decrypt button below and am getting an invalid decrypt key error. Please suggest how to fix it.

Decrypt key error

# Create an S3 bucket
resource "aws_s3_bucket" "my_bucket" {
  bucket = "my-ssh-keys-bucket"  # Replace with your desired bucket name
}

# Upload the public key to the S3 bucket
resource "aws_s3_bucket_object" "my_key_object" {
  bucket = aws_s3_bucket.my_bucket.id
  key    = "ssh-keys/id_rsa.pub"  # Replace with the desired key name/path within the bucket
  source = "keys/id_rsa.pub"
}


resource "aws_s3_bucket_object" "my_key_object2" {
  bucket = aws_s3_bucket.my_bucket.id
  key    = "ssh-keys/id_rsa"  # Replace with the desired key name/path within the bucket
  source = "keys/id_rsa"
}


# Create an EC2 instance
resource "aws_instance" "my_instance" {
  count = 2
  ami           = "ami-0xxxxxx"  # Replace with the Windows Server 2019 AMI ID
  instance_type = "t2.micro"  # Update with your desired instance type
  subnet_id     = "subnet-0c6dfb7d123e515c9"

  key_name      =  aws_key_pair.example.key_name #tls_private_key.my_ssh_key.key_name

  #vpc_security_group_ids = [aws_security_group.my_security_group.id] #attach security groups here as a list
  vpc_security_group_ids = [aws_security_group.my_security_group.id]
  tags = {
    Name = "instance-${count.index}"
  }
  root_block_device {
    volume_size           = 100
    volume_type           = var.volume_type
    delete_on_termination = true
    encrypted             = true
    kms_key_id            = var.kms_key_id
    tags = {
      Name = "root volume" 
    }
  }
}
Score:0

I'm not sure of the use case for storing SSH keys in S3 (can't think of any possible reason to upload both; plenty of other options like Parameter Store, SecureString or Secrets Manager).

How is this referenced in your code?

aws_key_pair.example.key_name ?

Just create the key pair in the console (save the private key in a password manager).

Then in your tf code set key_name = to the one you created.

In order to use S3 to retrieve your key to create the instance you will need to re-think your design and refactor the rest of your code accordingly. Personally I would stay away from that S3 idea.

Meghana d
Still the same issue even if I generate the key using the AWS console and refer to it here.
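
The answer's alternative to S3, keeping the private key in Parameter Store as a SecureString, sketched in Terraform as an added example (not code from the question or the answer). Resource names, the key name and the parameter path are hypothetical, the AMI ID is the question's placeholder, and the key is generated with a `tls_private_key` resource like the one the question's commented-out reference mentions.

```hcl
# Added example; resource names, key name and parameter path are hypothetical.

# RSA key in PEM form. The Windows administrator password is encrypted with the
# key pair's RSA public key; EC2 does not support ED25519 key pairs for Windows.
resource "tls_private_key" "win_key" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

# Register only the public half with EC2.
resource "aws_key_pair" "win_key" {
  key_name   = "win-admin-key"
  public_key = tls_private_key.win_key.public_key_openssh
}

# Private half goes to Parameter Store as a SecureString, not to an S3 object.
resource "aws_ssm_parameter" "win_private_key" {
  name  = "/ec2/keys/win-admin-key"
  type  = "SecureString"
  value = tls_private_key.win_key.private_key_pem
}

resource "aws_instance" "win" {
  ami               = "ami-0xxxxxx" # placeholder from the question
  instance_type     = "t2.micro"
  key_name          = aws_key_pair.win_key.key_name
  get_password_data = true # exposes the encrypted password as password_data
}

# Decrypt with the same key that was registered above, so the pair cannot
# drift apart between the file on disk and the key attached to the instance.
output "administrator_password" {
  value     = rsadecrypt(aws_instance.win.password_data, tls_private_key.win_key.private_key_pem)
  sensitive = true
}
```

Both the generated private key and the decrypted password are written to the Terraform state, so the state backend needs encryption and tight access control.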