Prev Documentation Feedback Next
Welcome » Getting Started with the Command Line Tools » Running an Instance » Windows » Running a Windows Instance

Running a Windows Instance

Topics

This section describes how to run an instance that uses Windows.

Before We Begin

Before running an instance, verify the requirements in the following table.

Verification Process

1

Ensure you have a version 1.5.0 compatible Java Runtime installation, and that the JAVA_HOME environment variable has been correctly set. If not, see The Java Runtime Environment.

2

Ensure you have an active Amazon Web Services Account, and that you've signed up for both Amazon S3 and Amazon EC2. If not, see Setting up an Account.

3

Ensure that you have created a directory called .ec2 in your home directory for Linux/UNIX or a directory without spaces in Windows (e.g., C:\EC2), that contains your X.509 certificate and private key, and that they're named correctly. If not, see Prerequisites.

4

Ensure that the EC2_HOME environment variable has been correctly set. If not, see How to Tell the Tools Where They Live.

5

Ensure that the EC2_CERT and EC2_PRIVATE_KEY environment variables have been correctly set. If not, see How to Tell the Tools Who You Are.


Once these are correct, you are ready to launch your first instance.

How to Find a Suitable AMI

This section describes how to find an AMI to use for this exercise.

To find a suitable AMI

  1. Use the ec2-describe-images command.

    C:\> ec2-describe-images -o self -o amazon | findstr /i windows

IMAGE   ami-e3698d8a    ec2-public-windows-images/Server2003r2-i386-Win-v1.02.manifest.xml      	amazon  available       public          i386    machine     windows
IMAGE   ami-e5698d8c    ec2-public-windows-images/Server2003r2-i386-WinAuth-v1.02.manifest.xml  	amazon  available       public          i386    machine     windows
IMAGE   ami-ed698d84    ec2-public-windows-images/Server2003r2-x86_64-Win-v1.02.manifest.xml    	amazon  available       public          x86_64  machine     windows
IMAGE   ami-ec698d85    ec2-public-windows-images/Server2003r2-x86_64-WinAuth-v1.02.manifest.xml        amazon  available       public          x86_64  machine                      windows
IMAGE   ami-e4698d8d    ec2-public-windows-images/SqlSvrExp2003r2-i386-Win-v1.02.manifest.xml   	amazon  available       public          i386    machine     windows

    The command lists your Windows AMIs and Amazon's public Windows AMIs. The output might not exactly match the preceding example.

  2. Look for the 32-bit Windows Anonymous AMI and note the corresponding value in the second column.

    This is the AMI ID you need. In this example, it is ami-e3698d8a.

How to Generate an SSH Key Pair

Amazon EC2 uses the SSH key pair to enable you to securely get your Windows password. Every key pair you generate requires a name. Be sure to choose a name that is easy to remember.

To generate a key pair using gsg-keypair

  1. Enter the following information.

    PROMPT>  ec2-add-keypair gsg-keypair

    Amazon EC2 returns a key pair, similar to the key pair in the following example.

    KEYPAIR gsg-keypair  1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f
-----BEGIN RSA PRIVATE KEY-----
MIIEoQIBAAKCAQBuLFg5ujHrtm1jnutSuoO8Xe56LlT+HM8v/xkaa39EstM3/aFxTHgElQiJLChp
HungXQ29VTc8rc1bW0lkdi23OH5eqkMHGhvEwqa0HWASUMll4o3o/IX+0f2UcPoKCOVUR+jx71Sg
5AU52EQfanIn3ZQ8lFW7Edp5a3q4DhjGlUKToHVbicL5E+g45zfB95wIyywWZfeW/UUF3LpGZyq/
ebIUlq1qTbHkLbCC2r7RTn8vpQWp47BGVYGtGSBMpTRP5hnbzzuqj3itkiLHjU39S2sJCJ0TrJx5
i8BygR4s3mHKBj8l+ePQxG1kGbF6R4yg6sECmXn17MRQVXODNHZbAgMBAAECggEAY1tsiUsIwDl5
91CXirkYGuVfLyLflXenxfI50mDFms/mumTqloHO7tr0oriHDR5K7wMcY/YY5YkcXNo7mvUVD1pM
ZNUJs7rw9gZRTrf7LylaJ58kOcyajw8TsC4e4LPbFaHwS1d6K8rXh64o6WgW4SrsB6ICmr1kGQI7
3wcfgt5ecIu4TZf0OE9IHjn+2eRlsrjBdeORi7KiUNC/pAG23I6MdDOFEQRcCSigCj+4/mciFUSA
SWS4dMbrpb9FNSIcf9dcLxVM7/6KxgJNfZc9XWzUw77Jg8x92Zd0fVhHOux5IZC+UvSKWB4dyfcI
tE8C3p9bbU9VGyY5vLCAiIb4qQKBgQDLiO24GXrIkswF32YtBBMuVgLGCwU9h9HlO9mKAc2m8Cm1
jUE5IpzRjTedc9I2qiIMUTwtgnw42auSCzbUeYMURPtDqyQ7p6AjMujp9EPemcSVOK9vXYL0Ptco
xW9MC0dtV6iPkCN7gOqiZXPRKaFbWADp16p8UAIvS/a5XXk5jwKBgQCKkpHi2EISh1uRkhxljyWC
iDCiK6JBRsMvpLbc0v5dKwP5alo1fmdR5PJaV2qvZSj5CYNpMAy1/EDNTY5OSIJU+0KFmQbyhsbm
rdLNLDL4+TcnT7c62/aH01ohYaf/VCbRhtLlBfqGoQc7+sAc8vmKkesnF7CqCEKDyF/dhrxYdQKB
gC0iZzzNAapayz1+JcVTwwEid6j9JqNXbBc+Z2YwMi+T0Fv/P/hwkX/ypeOXnIUcw0Ih/YtGBVAC
DQbsz7LcY1HqXiHKYNWNvXgwwO+oiChjxvEkSdsTTIfnK4VSCvU9BxDbQHjdiNDJbL6oar92UN7V
rBYvChJZF7LvUH4YmVpHAoGAbZ2X7XvoeEO+uZ58/BGKOIGHByHBDiXtzMhdJr15HTYjxK7OgTZm
gK+8zp4L9IbvLGDMJO8vft32XPEWuvI8twCzFH+CsWLQADZMZKSsBasOZ/h1FwhdMgCMcY+Qlzd4
JZKjTSu3i7vhvx6RzdSedXEMNTZWN4qlIx3kR5aHcukCgYA9T+Zrvm1F0seQPbLknn7EqhXIjBaT
P8TTvW/6bdPi23ExzxZn7KOdrfclYRph1LHMpAONv/x2xALIf91UB+v5ohy1oDoasL0gij1houRe
2ERKKdwz0ZL9SWq6VTdhr/5G994CK72fy5WhyERbDjUIdHaK3M849JJuf8cSrvSb4g==
-----END RSA PRIVATE KEY-----

    The private key returned must be saved to a local file so that you can use it later.

  2. Create a file named id_rsa-gsg-keypair and paste the entire key generated in step 1, including the following lines.

    "-----BEGIN RSA PRIVATE KEY-----"
"-----END RSA PRIVATE KEY-----"

  3. Confirm that the file contents looks similar to the following and save the file.

    You can save the file in any directory, but if you do not put it in your current directory, you should specify the full path when using commands that require the key pair.

     -----BEGIN RSA PRIVATE KEY-----
MIIEoQIBAAKCAQBuLFg5ujHrtm1jnutSuoO8Xe56LlT+HM8v/xkaa39EstM3/aFxTHgElQiJLChp
HungXQ29VTc8rc1bW0lkdi23OH5eqkMHGhvEwqa0HWASUMll4o3o/IX+0f2UcPoKCOVUR+jx71Sg
5AU52EQfanIn3ZQ8lFW7Edp5a3q4DhjGlUKToHVbicL5E+g45zfB95wIyywWZfeW/UUF3LpGZyq/
ebIUlq1qTbHkLbCC2r7RTn8vpQWp47BGVYGtGSBMpTRP5hnbzzuqj3itkiLHjU39S2sJCJ0TrJx5
i8BygR4s3mHKBj8l+ePQxG1kGbF6R4yg6sECmXn17MRQVXODNHZbAgMBAAECggEAY1tsiUsIwDl5
91CXirkYGuVfLyLflXenxfI50mDFms/mumTqloHO7tr0oriHDR5K7wMcY/YY5YkcXNo7mvUVD1pM
ZNUJs7rw9gZRTrf7LylaJ58kOcyajw8TsC4e4LPbFaHwS1d6K8rXh64o6WgW4SrsB6ICmr1kGQI7
3wcfgt5ecIu4TZf0OE9IHjn+2eRlsrjBdeORi7KiUNC/pAG23I6MdDOFEQRcCSigCj+4/mciFUSA
SWS4dMbrpb9FNSIcf9dcLxVM7/6KxgJNfZc9XWzUw77Jg8x92Zd0fVhHOux5IZC+UvSKWB4dyfcI
tE8C3p9bbU9VGyY5vLCAiIb4qQKBgQDLiO24GXrIkswF32YtBBMuVgLGCwU9h9HlO9mKAc2m8Cm1
jUE5IpzRjTedc9I2qiIMUTwtgnw42auSCzbUeYMURPtDqyQ7p6AjMujp9EPemcSVOK9vXYL0Ptco
xW9MC0dtV6iPkCN7gOqiZXPRKaFbWADp16p8UAIvS/a5XXk5jwKBgQCKkpHi2EISh1uRkhxljyWC
iDCiK6JBRsMvpLbc0v5dKwP5alo1fmdR5PJaV2qvZSj5CYNpMAy1/EDNTY5OSIJU+0KFmQbyhsbm
rdLNLDL4+TcnT7c62/aH01ohYaf/VCbRhtLlBfqGoQc7+sAc8vmKkesnF7CqCEKDyF/dhrxYdQKB
gC0iZzzNAapayz1+JcVTwwEid6j9JqNXbBc+Z2YwMi+T0Fv/P/hwkX/ypeOXnIUcw0Ih/YtGBVAC
DQbsz7LcY1HqXiHKYNWNvXgwwO+oiChjxvEkSdsTTIfnK4VSCvU9BxDbQHjdiNDJbL6oar92UN7V
rBYvChJZF7LvUH4YmVpHAoGAbZ2X7XvoeEO+uZ58/BGKOIGHByHBDiXtzMhdJr15HTYjxK7OgTZm
gK+8zp4L9IbvLGDMJO8vft32XPEWuvI8twCzFH+CsWLQADZMZKSsBasOZ/h1FwhdMgCMcY+Qlzd4
JZKjTSu3i7vhvx6RzdSedXEMNTZWN4qlIx3kR5aHcukCgYA9T+Zrvm1F0seQPbLknn7EqhXIjBaT
P8TTvW/6bdPi23ExzxZn7KOdrfclYRph1LHMpAONv/x2xALIf91UB+v5ohy1oDoasL0gij1houRe
2ERKKdwz0ZL9SWq6VTdhr/5G994CK72fy5WhyERbDjUIdHaK3M849JJuf8cSrvSb4g==
-----END RSA PRIVATE KEY-----

How to Run the Instance

You are now ready to launch an instance of the AMI that you previously selected.

To launch an instance

  1. Start the launch by entering the following command:

    PROMPT>  ec2-run-instances <ami_id> -k <keypair-name>

    The <ami_id> is the AMI ID you selected earlier and <keypair-name> is the name of the key pair. The command returns the AMI instance ID, a unique identifier for each launched instance. You use the instance ID to manipulate the instance. This includes viewing the status of the instance, terminating the instance, and so on.

    Launching the instance takes a few minutes.

  2. View the progress of the instance by entering the following command:

    PROMPT>  ec2-describe-instances <instance_id>

    The <instance_id> is the ID of the instance.

    When the status field displays "running," the instance was created and is booting. However, the instance might not be immediately accessible over the network. Make sure to use the appropriate DNS name provided by the ec2-describe-instances command.

[Important]Important

Once you launch an instance, AWS bills you for all usage, including hourly CPU time. Make sure to terminate any instances that you do not want to leave running. For information on Amazon EC2 pricing, go to the Amazon EC2 home page.

Example

The following example launches an instance of ami-2bb65342.

PROMPT> ec2-run-instances ami-2bb65342 -k gsg-keypair
RESERVATION     r-302dc059      416161254515    default
INSTANCE        i-eb977f82      ami-2bb65342                    pending gsg-keypair     0    m1.small   2007-10-16T07:56:20+0000    us-east-1a

The following shows the status of the launch:

PROMPT>  ec2-describe-instances i-eb977f82 
RESERVATION     r-302dc059      416161254515    default
INSTANCE        i-eb977f82      ami-2bb65342    ec2-72-44-40-222.compute-1.amazonaws.com    10-251-50-83.ec2.internal   running gsg-keypair     0     m1.small    2007-10-16T07:56:20+0000    us-east-1a  windows

When the instance state in the field just before the key pair name reads "running" the instance started booting. However, there might be a short time before it is accessible over the network. The first DNS name is your instance's external DNS name, i.e. the one that can be used to contact it from the Internet. The second DNS name is your instance's local DNS name, and is only contactable by other instances within the Amazon EC2 network. The DNS names of your instances are different than those shown in the preceding example and you should use yours instead. The examples in this guide use the public DNS name.

How to Get the Administrator Password

After launching an instance, get its administrator password. This command returns the original password assigned by Amazon EC2.

[Note]Note

If you change the administrator password, this command does not retrieve the new password.

Before you rebundle an AMI, you can change its administrator password. The new password is the administrator password for all instances launched from this AMI.

To get the administrator password

  • Enter the following command:

PROMPT>  ec2-get-password  -k gsg-keypair instance_id

where gsg-keypair is the name of the file where you saved the private portion of the key pair you created and instance_id is the ID of the instance.

Amazon EC2 returns the Windows password.

Example

The following example gets the Windows password for instance i-eb977f82.

PROMPT> ec2-get-password -k id_rsa-gsg-keypair i-eb977f82
 Qr89fdS1w

How to Authorize Network Access

To reach a running instance from the Internet, you must enable access for Remote Desktop on port 3389.

To enable Remote Desktop on port 3389

  1. Get the public IP address of your local machine by going to a search engine, entering "what is my IP address," and using one of the provided services.

  2. Authorize the security group to allow Remote Desktop access:

    PROMPT>  ec2-authorize default -p 3389 -s your_ip_address/32
PERMISSION     default  ALLOWS  tcp     3389      3389      FROM    CIDR   your_ip_address/32

Connecting to the Instance

After you start an instance, you can log in and modify it according to your requirements.

To connect to your instance

  1. Retrieve the FQDN of your instance.

    This example uses retrieves the FQDN of the i-ae0bf0c7 instance.

    PROMPT>  ec2-describe-instances i-ae0bf0c7 
				RESERVATION  r-7430c31d  924417782495  default
				INSTANCE  i-ae0bf0c7  ami-2bb65342  ec2-67-202-7-236.compute-1.amazonaws.com  ip-10-251-31-162.ec2.internal  running  gsg-keypair  0  m1.small  2008-03-21T16:19:25+0000  us-east-1a  windows

    In this example, the FQDN is ec2-67-202-7-236.compute-1.amazonaws.com

  2. Click Start, point to Programs, point to Accessories, point to Communications, and click Remote Desktop Connection.

    The Remote Desktop Connection dialog box appears.

  3. Enter the FQDN in the Computer field and click Connect.

    The Remote Desktop Connection client connects to the instance.

  4. Enter "administrator" as the user name and the instance password. For information about getting the administrator password, see How to Get the Administrator Password. .

You now have complete control over the instance. You can add, remove, modify, or upgrade packages and files to suit your needs.

[Important]Important

We recommend you exercise extreme care when you change some of the basic Amazon EC2 configuration settings. Otherwise, the AMI might become unbootable or inaccessible from the network once running.

[Note]Note

If you plan to allow other users to remotely access the instance, you must add them to the Remote Desktop Users group.

Loading Software and Making Changes

Now that you are logged into the Windows instance, you can load software and make changes as you would with any Windows server. When your changes are finished, you can bundle them as a new AMI and launch an identical copy at any time.

[Note]Note

By default, Amazon EC2 instances running Windows do not have Automatic Updates enabled.

Congratulations

You've set up the tools and used them to run an instance based on a public AMI. You have learned enough to successfully use Amazon EC2 to run as many Windows instances as you wish. You can run instances based on any of the public AMIs by following this process.

The next section builds on this success by having you bundle the running instance and register it as your own AMI. If you want to stop now, be sure to terminate any instances you have started as described in How to Terminate Your Instances.

Prev Documentation Feedback
Copyright Information		 Next
 Home