For our Floating Cloud images the process is to:
- run the password reset scripts
- copy the config.xml file to the C:\Program Files\Amazon\Ec2ConfigService\Settings directory
- create the AMI without power off or reboot
[Windows Server 2016 and later] Configure settings using EC2Launch. To generate a random password at launch time, use the adminPasswordType setting. For more information, see Configuring EC2Launch.
[Windows Server 2012 R2 and earlier] Configure settings using EC2Config. To generate a random password at launch time, enable the Ec2SetPassword plugin; otherwise, the current administrator password is used. For more information, see EC2Config Settings Files.
To configure initialization settings
- On the instance to configure, open the following file in a text editor:
  C:\ProgramData\Amazon\EC2-Windows\Launch\Config\LaunchConfig.json
- Update the following settings as needed and save your changes. Provide a password in adminPassword only if adminPasswordType is Specify.
  {
    "setComputerName": false,
    "setWallpaper": true,
    "addDnsSuffixList": true,
    "extendBootVolumeSize": true,
    "handleUserData": true,
    "adminPasswordType": "Random | Specify | DoNothing",
    "adminPassword": "password that adheres to your security policy (optional)"
  }
  The password types are defined as follows:
  Random
    EC2Launch generates a password and encrypts it using the user's key. The system disables this setting after the instance is launched so that this password persists if the instance is rebooted or stopped and started.
  Specify
    EC2Launch uses the password you specify in adminPassword. If the password does not meet the system requirements, EC2Launch generates a random password instead. The password is stored in LaunchConfig.json as clear text and is deleted after Sysprep sets the administrator password. EC2Launch encrypts the password using the user's key.
  DoNothing
    EC2Launch uses the password you specify in the unattend.xml file. If you don't specify a password in unattend.xml, the administrator account is disabled.
- In Windows PowerShell, run the following command to schedule the script to run as a Windows Scheduled Task. The script runs one time during the next boot and then disables these tasks from running again.
PS C:\> C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\InitializeInstance.ps1 -Schedule
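Because the Specify type keeps the password in LaunchConfig.json as clear text until Sysprep runs, it is worth checking the file before the AMI is created. The following check is an added example, not part of EC2Launch or of the original procedure; the function name Test-LaunchConfigPassword, its messages and the sample JSON are constructed for illustration.

```powershell
# Added example. Test-LaunchConfigPassword and its messages are hypothetical
# names for this sketch, not part of EC2Launch.
function Test-LaunchConfigPassword {
    param([Parameter(Mandatory)][AllowEmptyString()][string]$Json)

    try { $cfg = $Json | ConvertFrom-Json -ErrorAction Stop }
    catch { return 'LaunchConfig.json is not valid JSON' }

    $valid = 'Random', 'Specify', 'DoNothing'
    $type  = [string]$cfg.adminPasswordType   # empty string if the key is missing
    $pw    = [string]$cfg.adminPassword

    if ($type -notin $valid) {
        "adminPasswordType '$type' is not one of: $($valid -join ', ')"
    }
    if ($type -eq 'Specify' -and -not $pw) {
        'adminPasswordType is Specify but adminPassword is empty'
    }
    if ($type -eq 'Specify' -and $pw) {
        'adminPassword is stored as clear text until Sysprep sets the ' +
        'administrator password; an image captured before then contains it'
    }
    if ($type -ne 'Specify' -and $pw) {
        "adminPassword is set although adminPasswordType is '$type'; " +
        'remove the clear-text value from the file'
    }
}

# Constructed sample: a leftover password with a type that does not use it.
$sample = @'
{
  "setComputerName": false,
  "handleUserData": true,
  "adminPasswordType": "Random",
  "adminPassword": "Constructed-Example-1!"
}
'@

# Use the real file when run on an instance, otherwise the sample above.
$path = 'C:\ProgramData\Amazon\EC2-Windows\Launch\Config\LaunchConfig.json'
$json = if (Test-Path $path) { Get-Content $path -Raw } else { $sample }

$findings = @(Test-LaunchConfigPassword -Json $json)
if ($findings.Count) { $findings | ForEach-Object { Write-Warning $_ } }
else { 'LaunchConfig.json password settings look consistent' }
```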
Also see: https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2config-service.html