I am trying to create a ec2 instance for someone on his own aws account. That person should only interact with the machine via a web service. I can't afford having anyone ssh into the machine and having their hands on the code IP.
How can i forbid the owner of the account from creating a new key pair and replacing the ones that i set for the machine ?
thanks
