Recover EC2 Windows Administrator Password in AWS

In this blog, We will show you the steps to recover EC2 Windows administrator password for an EC2 Instance in AWS Environment.

PREREQUISITES

• The EC2 Instances should be windows 2008 R2 or later.
• SSM (Simple System Manager) agent should be installed on the EC2 Instance.

ENVIRONMENT OVERVIEW

• We created a windows 2012 R2 with no key pair associated with it.

CREATING IAM ROLE FOR SSM

• Open the AWS management console and access IAM Service.

• Click on Role option and select create Role.

• Under Choose the service that will use this role option select EC2 Instance and click on EC2 Role for AWS Systems Manager. Then click on the Permission button.

• Make sure that AWS SSM permission has been listed and click Next for Tags.

• Leave the default and click on Next for preview.

• Provide Role name and description and click on Create role.

• SSM role for EC2 has been created successfully.

• Search for the newly created role and click on it.

• Then click on Add Inline policy.

• Click on the JSON tab.

• Paste the below code in the JSON editor.

{
“Version”: “2012-10-17”,
“Statement”: [
{
“Effect”: “Allow”,
“Action”: [
“ssm:PutParameter”
],
“Resource”: [
“arn:aws:ssm:region:account_id:parameter/EC2Rescue/Passwords/<instanceid>” ] } ] }

• You can find the above code in this URL: https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2rw-ssm.html

• Make sure that you have updated the corresponding region, account ID and instance ID in the above script below proceed further. Then click on Review policy.

• Then provide the name for the policy and click on the Create button.

• The newly created policy will be available on the list.

ASSIGNING ROLE TO AN INSTANCE

• Open the EC2 Instance service and select the instance.

• Click on the Actions – Instance Settings – Attach/Replace IAM Role option.

• Select the Role from the drop-down list and click on Apply.

• The role has been added successfully.

• It will take at least 5 minutes to register the EC2 Instance with the Systems Manager.

RECOVERING THE PASSWORD

• Open the systems manager services through the AWS management console.

• Then click on Managed Instances.

• You will able to see your instance in the instance list.

• Then click on Run Command option.

• Now click on Run a command button.

• Select the AWSSupport-RunEC2RescueForWindowsTool from the below list.

• Scroll down and select the target instance.

• Also, make sure that command parameters have been set to ResetAccess.

• Once you confirm the settings, click on the Run command.

• It will take a few minutes to complete the process.

• After a few seconds, command ran successfully.

• Scroll Down and select the instance ID under Targets and outputs. Then click on View output.

• In the next screen, scroll down and expand the Step 2 – Output window.

• You will able to find a parameter store link to retrieve the windows administrator password for your instance.

• After accessing the link, click on show option to view the administrator password.

VERIFICATION

• Find the public IP for the EC2 instance in the EC2 Service page.

• You will able to access the server through RDP using the administrator password.

Thanks for reading this blog. We hope it was useful for you to learn about Recover EC2 Windows Administrator Password in AWS.