Creating a Windows AMI
This section describes and provides instructions on how to create an AMI in Windows.
Note | |
---|---|
Before selecting an AMI, determine whether the instance types you plan to launch are 32-bit or 64-bit. For more information, see Instance Types |
To create an AMI using Windows, complete the following tasks:
Select an AMI
First, locate an AMI that contains the packages and services you require. This can be one of your own AMIs, a public AMI provided by Amazon EC2, or a public AMI provided by a Amazon EC2 developer or user.
To select an AMI
-
To get a list of available AMIs, enter the
ec2-describe-images
command:C:\>
ec2-describe-images -o self -o amazon | findstr /i windows
IMAGE ami-e6cd298f Key2047/test.manifest.xml 720208972571 available private x86_64 machine windows
The response includes the image ID, the location of the file in Amazon S3, the image type, and whether the file is available.
-
Choose an AMI from the list and write down its AMI ID.
Generate a Key Pair
You must create a public/private key pair to ensure that only you have access to instances that you launch. After you generate a key pair, the public key is stored in Amazon EC2 using the key pair name you selected. Whenever you launch an instance using the key pair name, the public key is copied to the instance metadata. This allows you to access the instance securely using your private key.
To create a public/private key pair
-
Enter the following command:
PROMPT>
ec2-add-keypair
<keypair-name>
The
<keypair-name>
is the name you select for the key pair.The resulting private key is displayed.
-
Open a text editor.
-
Paste the entire private key, starting with the line "
-----BEGIN RSA PRIVATE KEY-----
" and ending with the line "-----END RSA PRIVATE KEY-----
". -
Save the file and exit.
Note This file should only be readable by the file owner.
Example
PROMPT>
ec2-add-keypair
gsg-keypair
KEYPAIR gsg-keypair 1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f -----BEGIN RSA PRIVATE KEY----- MIIEoQIBAAKCAQBuLFg5ujHrtm1jnutSuoO8Xe56LlT+HM8v/xkaa39EstM3/aFxTHgElQiJLChp HungXQ29VTc8rc1bW0lkdi23OH5eqkMHGhvEwqa0HWASUMll4o3o/IX+0f2UcPoKCOVUR+jx71Sg 5AU52EQfanIn3ZQ8lFW7Edp5a3q4DhjGlUKToHVbicL5E+g45zfB95wIyywWZfeW/UUF3LpGZyq/ ebIUlq1qTbHkLbCC2r7RTn8vpQWp47BGVYGtGSBMpTRP5hnbzzuqj3itkiLHjU39S2sJCJ0TrJx5 i8BygR4s3mHKBj8l+ePQxG1kGbF6R4yg6sECmXn17MRQVXODNHZbAgMBAAECggEAY1tsiUsIwDl5 91CXirkYGuVfLyLflXenxfI50mDFms/mumTqloHO7tr0oriHDR5K7wMcY/YY5YkcXNo7mvUVD1pM ZNUJs7rw9gZRTrf7LylaJ58kOcyajw8TsC4e4LPbFaHwS1d6K8rXh64o6WgW4SrsB6ICmr1kGQI7 3wcfgt5ecIu4TZf0OE9IHjn+2eRlsrjBdeORi7KiUNC/pAG23I6MdDOFEQRcCSigCj+4/mciFUSA SWS4dMbrpb9FNSIcf9dcLxVM7/6KxgJNfZc9XWzUw77Jg8x92Zd0fVhHOux5IZC+UvSKWB4dyfcI tE8C3p9bbU9VGyY5vLCAiIb4qQKBgQDLiO24GXrIkswF32YtBBMuVgLGCwU9h9HlO9mKAc2m8Cm1 jUE5IpzRjTedc9I2qiIMUTwtgnw42auSCzbUeYMURPtDqyQ7p6AjMujp9EPemcSVOK9vXYL0Ptco xW9MC0dtV6iPkCN7gOqiZXPRKaFbWADp16p8UAIvS/a5XXk5jwKBgQCKkpHi2EISh1uRkhxljyWC iDCiK6JBRsMvpLbc0v5dKwP5alo1fmdR5PJaV2qvZSj5CYNpMAy1/EDNTY5OSIJU+0KFmQbyhsbm rdLNLDL4+TcnT7c62/aH01ohYaf/VCbRhtLlBfqGoQc7+sAc8vmKkesnF7CqCEKDyF/dhrxYdQKB gC0iZzzNAapayz1+JcVTwwEid6j9JqNXbBc+Z2YwMi+T0Fv/P/hwkX/ypeOXnIUcw0Ih/YtGBVAC DQbsz7LcY1HqXiHKYNWNvXgwwO+oiChjxvEkSdsTTIfnK4VSCvU9BxDbQHjdiNDJbL6oar92UN7V rBYvChJZF7LvUH4YmVpHAoGAbZ2X7XvoeEO+uZ58/BGKOIGHByHBDiXtzMhdJr15HTYjxK7OgTZm gK+8zp4L9IbvLGDMJO8vft32XPEWuvI8twCzFH+CsWLQADZMZKSsBasOZ/h1FwhdMgCMcY+Qlzd4 JZKjTSu3i7vhvx6RzdSedXEMNTZWN4qlIx3kR5aHcukCgYA9T+Zrvm1F0seQPbLknn7EqhXIjBaT P8TTvW/6bdPi23ExzxZn7KOdrfclYRph1LHMpAONv/x2xALIf91UB+v5ohy1oDoasL0gij1houRe 2ERKKdwz0ZL9SWq6VTdhr/5G994CK72fy5WhyERbDjUIdHaK3M849JJuf8cSrvSb4g== -----END RSA PRIVATE KEY-----
Launch the Instance
You are now ready to launch an instance of the AMI that you previously selected.
To launch an instance
-
Start the launch by entering the following command:
PROMPT>
ec2-run-instances
<ami_id>
-k<keypair-name>
The
<ami_id>
is the AMI ID you selected earlier and<keypair-name>
is the name of the key pair. The command will return the AMI instance ID, a unique identifier for each launched instance. You use the instance ID to manipulate the instance. This includes viewing the status of the instance, terminating the instance, and so on.Launching the instance will take a few minutes.
-
View the progress of the instance by entering the following command:
PROMPT>
ec2-describe-instances
<instance_id>
The
<instance_id>
is the ID of the instance.When the status field displays running, the instance was created and is booting.
-
Verify the instance is ready by entering the following command:
PROMPT>
ec2-get-console-output
<instance_id>
Look for the message: "Windows is Ready to use."
Note | |
---|---|
The instance might not be immediately accessible over the network. Make sure to use the
appropriate DNS name provided by the |
Important | |
---|---|
Once you launch an instance, AWS bills you for all usage, including hourly CPU time. Make sure to terminate any instances that you do not want to leave running. For information on Amazon EC2 pricing, go to the Amazon EC2 home page. |
Example
The following example launches an instance of ami-2bb65342.
PROMPT>
ec2-run-instances
ami-2bb65342
-kgsg-keypair
RESERVATION r-302dc059 416161254515 default INSTANCE i-eb977f82 ami-2bb65342 pending gsg-keypair 0 m1.small 2007-10-16T07:56:20+0000 us-east-1a
The following shows the status of the launch:
PROMPT>
ec2-describe-instances
i-eb977f82
RESERVATION r-302dc059 416161254515 default INSTANCE i-eb977f82 ami-2bb65342 ec2-72-44-40-222.compute-1.amazonaws.com 10-251-50-83.ec2.internal running gsg-keypair 0 m1.small 2007-10-16T07:56:20+0000 us-east-1a windows
Get Administrator Password
After you launch an instance, get its administrator password.
Note | |
---|---|
If you launch a public AMI, you must get its administrator password. A rebundled AMI uses the last password that you set before bundling it. Before you rebundle an AMI, you can change its administrator password. The new password will be the administrator password for all instances launched from this AMI. |
To get the administrator password
-
Enter the following command:
PROMPT>
ec2-get-password
-kgsg-keypair
instance_id
The parameter gsg-keypair
is the name of the file where you saved the private portion of the key pair you created and instance_id
is the ID of the instance.
Amazon EC2 returns the Windows password.
Example
The following example gets the Windows password for instance i-eb977f82.
PROMPT>
ec2-get-password
-kid_rsa-gsg-keypair
i-eb977f82
Qr89fdS1w
Authorize Network Access
To reach a running instance from the Internet, you must enable access for Remote Desktop on port 3389.
To enable Remote Desktop on port 3389
-
Get the public IP address of your local machine by going to a search engine, entering "what is my IP address," and using one of the provided services.
-
Authorize the security group to allow Remote Desktop access:
PROMPT>
your_ip_address
/32PERMISSION default ALLOWS tcp 3389 3389 FROM CIDR
your_ip_address
/32
Connect to the Instance
After an instance starts, you can log in and modify it according to your requirements.
To connect to your instance
-
Retrieve the FQDN of your instance.
This example retrieves the FQDN of the
i-ae0bf0c7
instance.PROMPT>
i-ae0bf0c7
RESERVATION r-7430c31d 924417782495 default INSTANCE i-ae0bf0c7 ami-2bb65342 ec2-67-202-7-236.compute-1.amazonaws.com ip-10-251-31-162.ec2.internal running gsg-keypair 0 m1.small 2008-03-21T16:19:25+0000 us-east-1a
In this example, the FQDN is
ec2-67-202-7-236.compute-1.amazonaws.com
-
From the Start menu, point to Programs, point to Accessories, point to Communications, and click Remote Desktop Connection.
The Remote Desktop Connection dialog box appears.
-
Enter the FQDN in the Computer field and click Connect.
The Remote Desktop Connection client connects to the instance.
-
Enter
administrator
as the user name and enter the password you retrieved in Get Administrator Password. .
You now have complete control over the instance. You can add, remove, modify, or upgrade packages and files to suit your needs.
Important | |
---|---|
We recommend you exercise extreme care if you change any basic Amazon EC2 configuration settings. Otherwise, the AMI might become unbootable or inaccessible from the network once it is running. |
Load Software and Make Changes
Now that you are logged into the Windows instance, you can load software and make changes as you would with any Windows server. When you are finished with your changes, you can bundle the changes as a new AMI and launch an identical copy at any time. For information on bundling AMIs, see Bundling a Windows AMI
Note | |
---|---|
By default, Amazon EC2 instances running Windows do not have Automatic Updates enabled. |