how to make salt-minion generate new keys
Solution 1:
- Stop the minion service.
    service salt-minion stop
- Delete old identity
    rm /etc/salt/pki/minion/minion.pem
    rm /etc/salt/pki/minion/minion.pub
    cat /dev/null > /etc/salt/minion_id
- Make sure salt will begin on startup
    chkconfig salt-minion on
- Create your new AMI
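A pre-imaging check for the steps in Solution 1, added here as an example and not part of the original answer: it confirms that no minion key pair or minion ID is left behind, since every instance launched from an image that still carries minion.pem would share the same private key and identity. The function name and its ROOT argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original answer).
# check_minion_scrubbed [ROOT]
#   ROOT (hypothetical parameter): filesystem root to inspect. Leave it empty
#   or pass "/" for the running system, or pass the mount point of an image.
# Returns 0 when the identity files named in Solution 1 are gone, 1 otherwise.
check_minion_scrubbed() {
    root="${1:-}"
    root="${root%/}"          # "/" becomes "", so the paths below stay absolute
    rc=0

    # The key pair must not exist at all; the minion creates a new one on start.
    for key in minion.pem minion.pub; do
        if [ -e "$root/etc/salt/pki/minion/$key" ]; then
            echo "FAIL: $root/etc/salt/pki/minion/$key is still present" >&2
            rc=1
        fi
    done

    # minion_id may exist but must be empty (-s is true for a non-empty file).
    if [ -s "$root/etc/salt/minion_id" ]; then
        echo "FAIL: $root/etc/salt/minion_id is not empty" >&2
        rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK: no minion identity found under ${root:-/}"
    return "$rc"
}

# When the script is given an argument, check that root and exit with the result.
if [ "$#" -gt 0 ]; then
    check_minion_scrubbed "$1"
    exit "$?"
fi
```

Run it after the "Delete old identity" step and before creating the image; a non-zero exit means the image would ship with a reusable minion identity.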
Solution 2:
Give the following command a try:
sudo salt 'name_of_host_whose_keys_you_wish_to_regenerate' saltutil.regen_keys
Source: https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.saltutil.html#salt.modules.saltutil.regen_keys