Amazon EC2 Windows AMI Password Re-enable

              Earlier, i had a scenario that i need to launch a Windows custom EBS AMI from Amazon EC2 and log-in to the machine. Unfortunately, I don’t have the password for that AMI. If you right-click on that instance and requiring password by triggering an API call to the AWS service – “Get Windows Password”, you will get the result (Password – Not available yet.). But, its never asked me to paste the key file that is associated to that instance for decrypt the password. Since, the password re-generation option was disabled by default. There is a EC2 config xml file, where ‘EC2Setpassword’ element state you can change ‘Enabled / Disabled’ modes. If you make this state as ‘Enabled’, it will re-generate a password for you, if you have ‘Diasabled’ state then you have to be used your password that you have given before bundle this AMI.




So what i did, i stopped this instance and de-attached the root volume and attached to linux instance and modified the Ec2Service config file. Steps detailed in below.

  • Stopped the windows instance and detached the root volume (/dev/sda1)
  • Launched a micro Linux instance and attached, mounted this root NTFS volume (mount -t ntfs-3g /dev/xvdf2 /mnt/temp/) on the Linux machine and opened the config.xml (/mnt/temp/Program Files/Amazon/Ec2ConfigService/Settings/config.xml) and changed the “Ec2SetPassword” password state from “Disabled” to “Enabled” and saved the file
  • Detached that volume from Linux and terminated the Linux machine
  • Attached this Root volume to windows machine again and started the machine
  • In a few seconds, the “Get Windows Password” triggered the password generation window and asked the “.pem” file and password has been generated

After, the XML looks like



Done everything!!!


One thought on “Amazon EC2 Windows AMI Password Re-enable

  1. This worked like a charm. Thanks!

    The last bit of mounting the detached volume back as the root volume in EC2 requires command-line:

    $ aws ec2 attach-volume –volume-id vol—instance-id i- –device /dev/sda1

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s