Resetting AWS Windows EC2 Instance Administrator Password

Zamin Hassnain
Oct 16, 2020

Most of us have launched a Windows EC2 instance on AWS. But we may forget its password or lose it, or AWS may reset or block it after 70 days if we are using a default password.

We can use the AWS Systems Manager service to reset the password of our Windows EC2 instance using the following three steps.

1- Create an IAM Role for SSM Full Access

2- Attach the role to EC2 Instance

3- Run the EC2 Rescue for Windows Tool through SSM Run Command against that EC2 instance

STEP 1- Create an IAM Role for SSM

First, we will create an IAM role that gives our instance SSM access.

Go to IAM and create a new role for your EC2 instance to access Systems Manager Service

Select EC2 and click next

Now search for SSM in the policies filter and select “AmazonSSMFullAccess”.

Click Next

Create a Tag if required and click next

Next, enter a name for your role and click Create role.

STEP 2- Attach SSM Role to EC2 Instance

After creating the role, we will open EC2 from the AWS Console and navigate to our instance.

Select EC2 instance and click Actions -> Instance Settings -> Attach/Modify IAM role

Search for the role that we created in the step above and attach it.

STEP 3- Systems Manager Service to Reset Password

Under Management Services, go to Systems Manager.

Select Run Command from navigation pane

Search for EC2 Rescue for Windows Tool and select it.

Scroll down and choose to specify the instance by its tag key and value, or select “Choose instances manually”, which shows the list of instances that have the SSM role attached.

Click Run

The command will go into the In Progress state.

It will change to the Success state in a moment.

Navigate to Parameter Store and select the parameter for the EC2 instance; the password will be present there.
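
The same three steps from the AWS CLI, as an added example that is not part of the original post. It replaces AmazonSSMFullAccess with AmazonSSMManagedInstanceCore plus an inline policy allowing only ssm:PutParameter on the instance's own /EC2Rescue/Passwords/ parameter, because role credentials are available to every process on the instance. The role and inline policy names are assumptions, and the document name and parameter path are given as AWS publishes them, not taken from the post.

```shell
#!/usr/bin/env bash
# Added example (not the author's code). ROLE and the inline policy name are
# hypothetical; region, account ID and instance ID are supplied by the caller.
ROLE="ec2rescue-reset"

# Trust policy for the "Select EC2" choice in step 1.
trust_policy() {
  printf '%s' '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"ec2.amazonaws.com"},"Action":"sts:AssumeRole"}]}'
}

# Inline policy: the instance may write only its own EC2Rescue password parameter.
put_password_policy() {  # args: region account-id instance-id
  printf '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":"ssm:PutParameter","Resource":"arn:aws:ssm:%s:%s:parameter/EC2Rescue/Passwords/%s"}]}' "$1" "$2" "$3"
}

# Steps 1 and 2: create the role and attach it to the instance.
setup_role() {  # args: region account-id instance-id
  aws iam create-role --role-name "$ROLE" \
    --assume-role-policy-document "$(trust_policy)" &&
  aws iam attach-role-policy --role-name "$ROLE" \
    --policy-arn arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore &&
  aws iam put-role-policy --role-name "$ROLE" --policy-name put-rescue-password \
    --policy-document "$(put_password_policy "$1" "$2" "$3")" &&
  aws iam create-instance-profile --instance-profile-name "$ROLE" &&
  aws iam wait instance-profile-exists --instance-profile-name "$ROLE" &&
  aws iam add-role-to-instance-profile --instance-profile-name "$ROLE" \
    --role-name "$ROLE" &&
  aws ec2 associate-iam-instance-profile --region "$1" --instance-id "$3" \
    --iam-instance-profile "Name=$ROLE"
}

# Step 3: run once the instance is listed as managed in Systems Manager.
reset_and_fetch() {  # args: region instance-id
  local cmd
  cmd=$(aws ssm send-command --region "$1" --instance-ids "$2" \
    --document-name AWSSupport-RunEC2RescueForWindowsTool \
    --parameters Command=ResetAccess \
    --query Command.CommandId --output text) || return 1
  sleep 5  # give the invocation time to register before polling
  aws ssm wait command-executed --region "$1" --command-id "$cmd" \
    --instance-id "$2" || return 1
  # Parameter Store lookup from the last step; value is a SecureString.
  aws ssm get-parameter --region "$1" --name "/EC2Rescue/Passwords/$2" \
    --with-decryption --query Parameter.Value --output text
}

# Usage: script.sh setup|reset <region> <account-id> <instance-id>
case "${1:-}" in
  setup) setup_role "$2" "$3" "$4" ;;
  reset) reset_and_fetch "$2" "$4" ;;
esac
```

Run `setup` first, wait for the instance to appear as managed in Systems Manager, then run `reset`. The identity calling `reset` needs ssm:GetParameter on that same path.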
