usually when use pem file as way to connect to a instance, it's not safe. Because when staff has left the company and he still carries the pem file and if the instance is in public subnet and publicly accessible, security will be compromised.
so that's the scenario that we need multiple user accesses to one instance.
1: launch a instance with xxx.pem
2: sudo useradd user1 then sudo su - user1
3: mkidr .ssh
4: chmod 700 .ssh
5: vi .ssh/authorized_keys then copy public key of user1 then save
6: chmod 600 .ssh/authorized_keys
then user1 can use the private key to access the instance.
ssh -i gabrielwu firstname.lastname@example.org