AWS - removing ec2-user from sudo list
I'm running a production-level Amazon ec2 instance, and I want to close out root privileges to all users. Normally, when one logs in to the instance as ec2-user, the ec2-user immediately gets sudo privileges, which I am trying to do away with in order to ensure security.
I was able to set a new password for the root user, and I went into /etc/sudoers to try and remove the ec2-user from sudo privileges, but that user isn't even listed in the file. Does anybody know how I can remove ec2-user from sudo privileges on an Amazon ec2 instance running the default Linux installation?
Solution 1:
Check the /etc/sudoers.d/cloud-init file; the default ec2-user is there. Just delete this file.
Solution 2:
If you are using CloudFormation userdata, removing the file will likely cause the stack creation to fail. Remove the line instead:
$ sed --in-place '/ec2-user ALL=(ALL) NOPASSWD:ALL/d' /etc/sudoers.d/90-cloud-init-users
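The two answers name different drop-in files (cloud-init and 90-cloud-init-users), so it helps to search the whole directory rather than assume one name. The script below is an added example, not part of either answer: it goes beyond the single sed line by finding every drop-in that grants the user passwordless sudo, deleting only that rule, and installing the edited file only if visudo still accepts it. The function names and the VISUDO override are assumptions of this example.

```shell
#!/bin/sh
# Added example: function names and the VISUDO override are hypothetical.
VISUDO="${VISUDO:-visudo}"

# ERE matching "<user> ALL=(ALL) NOPASSWD:ALL" (also the "(ALL:ALL)" form).
rule_regex() {
    printf '%s' "^[[:space:]]*$1[[:space:]]+ALL=\(ALL(:ALL)?\)[[:space:]]+NOPASSWD:[[:space:]]*ALL"
}

# Print every drop-in under directory $1 that grants user $2 passwordless sudo.
find_nopasswd_rules() {
    for f in "$1"/*; do
        [ -f "$f" ] && grep -qE "$(rule_regex "$2")" "$f" && printf '%s\n' "$f"
    done
    return 0
}

# Delete that rule from each matching file, leaving the file itself in place.
# Returns non-zero if any edited copy fails validation; that file is untouched.
remove_nopasswd_rules() {
    rc=0
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        grep -qE "$(rule_regex "$2")" "$f" || continue
        # sudo's includedir skips names containing ".", so the staging
        # copy is never read as policy while it sits in the directory.
        tmp="$(mktemp "$f.XXXXXX")" || return 1
        sed -E "/$(rule_regex "$2")/d" "$f" > "$tmp"
        chmod 0440 "$tmp"
        if "$VISUDO" -cf "$tmp" >/dev/null 2>&1; then
            mv -f "$tmp" "$f"      # same directory, so the swap is atomic
        else
            rm -f "$tmp"; rc=1
        fi
    done
    return "$rc"
}
```

Run as root, the call would be `remove_nopasswd_rules /etc/sudoers.d ec2-user`; `find_nopasswd_rules` with the same arguments lists the affected files first without changing anything.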