Basic Concepts and Use
The concept behind Bastillion is a simple one!
Bastillion administrators register systems, setup profiles, manage
users, and give users access to systems via profiles.
End-users can access systems through web-terminals and provision their own SSH keys to systems associated with their profile(s).
Users manage their own SSH keys to systems they can access and administrators can disable anyone's SSH key at anytime to force rotation.
Bastillion acts as a bastion host when setup as a control point for administrative access. This setup can be very beneficial to infrastructure security. More details can be found in the following whitepaper: Implementing a Trusted Third-Party System for Secure Shell
Note: Bastillion for EC2 does not provide a utility to manage SSH keys since that is typically done through the AWS console