What is the best procedure for setting up a password or other credentials to work with throw away EC2 instances that are generated from AMIs

0

We have a number of AMIs that are used to create temporary Windows EC2 instances accessed via RDP in order to test our different versions of our products in different environments. Currently each AMI creates an EC2 instance and the password is the same for all of them always. It has been like this for many years now.

This feels wrong. It is not really much of a password policy even if the instances are temporary i.e. regularly have different IP addresses as they are stopped or terminated after use.

Is there a better approach so that it is straight forward to setup and either change password or have some other mechanism for accessing the EC2 instances?

UPDATE: I should add that this is used by our support agents who quickly fire up an instance so this needs to be relatively straight forward and an automated approach.

zeiddev
質問済み 4ヶ月前219ビュー
2回答
4

Hi,

Yes, there is a better solution: you can have an automatically generated WIndows admin password and retrieve it via CLI

For that get-password-data command use https://docs.aws.amazon.com/cli/latest/reference/ec2/get-password-data.html.

See examples at bottom of page.

Any other language SDK can also do it via https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetPasswordData.html

Best,

Didier

profile pictureAWS
エキスパート
回答済み 4ヶ月前
2

Hello.

You can change the password to any password you like by running the following command with the user data when starting EC2.

<powershell>
net user Administrator "New Password"
</powershell>

Alternatively, if you use Sysprep on the Windows OS to shut down when creating an AMI, you can change the initial password for Administrator each time.
https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2launch-v2-settings.html
a

profile picture
エキスパート
回答済み 4ヶ月前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ