Complete a 3 Question Survey and Earn a re:Post Badge

Help improve AWS Support Official channel in re:Post and share your experience - complete a quick three-question survey to earn a re:Post badge!

How do I use EC2Rescue to troubleshoot issues in my Amazon EC2 Windows instance?

5 minute read

I want to use EC2Rescue to troubleshoot issues in my Amazon Elastic Compute Cloud (Amazon EC2) Windows instance.

Short description

EC2Rescue is a troubleshooting tool for EC2 Windows Server instances. Use the tool to troubleshoot OS-level issues and collect advanced logs and configuration files for deeper analysis. You can also use EC2Rescue to resolve the following issues:

Instance connectivity issues because of firewall, Remote Desktop Protocol (RDP), or network interface configuration.
OS boot issues because of a blue screen or stop error, boot loop, or corrupted registry.
Other issues that require advanced log analysis and troubleshooting.

Note: Capture a screenshot of your EC2 Windows instance to determine the state of the instance.

You can run EC2Rescue manually or automatically.

System requirements

EC2Rescue requires an EC2 Windows instance that runs on Windows Server 2008 R2 or later and that is accessible from an RDP connection. It also requires an EC2 Windows instance that has a .NET Framework 3.5 SPI or later installed.

Note: EC2Rescue only runs on Windows Server 2008 R2 or later, but the tool can analyze the offline volumes of Windows Server 2008 or later.

Resolution

Note: If you receive errors when you run AWS Command Line Interface (AWS CLI) commands, then see Troubleshooting errors for the AWS CLI. Also, make sure that you're using the most recent AWS CLI version.

Use the Systems Manager AWSSupport-ExecuteEC2Rescue Automation document

The AWSSupport-ExecuteEC2Rescue Automation document combines AWS Lambda functions with AWS Systems Manager and AWS CloudFormation actions to automate EC2Rescue steps.

For more information, see Run the EC2Rescue tool on unreachable instances.

Important: The Automation workflow stops the instance. If the instance has an instance store volume, then any data on the volume is lost when the instance stops. If you don't use an Elastic IP address, then the public IP address releases when the instance stops.

When you're ready, run the Systems Manager AWSSupport-ExecuteEC2Rescue Automation.

Use the AWSSupport-RunEC2RescueForWindowsTool runbook

Before you start the AWSSupport-RunEC2RescueForWindowsTool runbook, make sure that your AWS Identify and Access Management (IAM) user or role has the required permissions. For more information, see the example IAM policy in Troubleshoot impaired Windows instance with EC2Rescue and Systems Manager.

Complete the following steps:

Open the AWS Systems Manager console.
In the navigation pane, choose Documents.
In the search bar, enter AWSSupport-RunEC2RescueForWindowsTool.
Select the AWSSupport-RunEC2RescueForWindowsTool document.
Choose Run command.
In Command parameters, for Command, choose one of the following parameters:
- ResetAccess
- CollectLogs
- FixAll
In Parameters, enter the PowerShell parameters.
Choose Run.
After the automation completes, review the detailed results in the Outputs section.

Note: Make sure that your instance has access to the Amazon Simple Storage Service (Amazon S3) bucket that's specified in the AWS CLI commands.

For more information, see Amazon EC2 examples.

Run EC2Rescue manually

To run EC2Rescue manually, use one of the following methods:

Complete the following steps:

Download the EC2Rescue zip file on your EC2 Windows instance.
Note: The AWSSupport-RunEC2RescueForWindowsTool Systems Manager Run Command document method downloads and verifies EC2Rescue for Windows Server.
For instance connectivity issues, use the Diagnose and Rescue feature in Offline instance mode.
For OS boot issues, use the Restore feature in Offline instance mode.
For advanced logs and troubleshooting, use the Capture logs feature in either Current instance mode or Offline instance mode.

Current instance mode

Current instance mode analyzes the instance that EC2Rescue currently runs. Current instance mode is read-only and doesn't modify the current instance. This mode doesn't directly fix issues. Use Current instance mode to gather system information and logs for analysis or for submission to system administrators or AWS Support.

Current instance mode has two features, System Information and Capture Logs. System Information shows important system information about the current system in a text box for you to copy and paste. Capture Logs automatically gathers and packages troubleshooting logs that you selected into a zip folder under the name and location that you specify.

Offline instance mode

With Offline instance mode, you can select the volume of an offline system. EC2Rescue analyzes the volume and presents automated rescue and restore options. Offline instance mode offers the following features:

System Information: Displays important system information about the current system in a text box for efficient copying.
Select Disk: If multiple offline root volumes are connected to the instance, then you can use this feature to select a specific volume.
Note: If the selected disk isn't already online, then this feature automatically brings the disk online for you.
Diagnose and Rescue: Detects and provides options to automatically fix common configuration issues that prevent RDP connections or cause instance status checks to fail. The following settings are inspected for possible configuration issues:
- System time settings
- Windows Firewall settings
- Remote Desktop settings
- EC2Config version and settings (Windows Server 2012 R2 and earlier)
- EC2Launch version and settings (Windows Server 2016 and later)
- Network interface settings
Restore: Set the offline instance to boot to Last Known Good Configuration or Restore registry from backup. Use this feature if you suspect an improperly configured or corrupted registry.
Capture Logs: Select from a list of relevant troubleshooting logs. This feature then automatically gathers and packages those logs into a zipped folder under the name and location that you specify.

Related information

Troubleshoot impaired Amazon EC2 Linux instance using EC2Rescue

Troubleshoot impaired Amazon EC2 Windows instance using EC2Rescue

Setting up Automation

Topics

Compute End User Computing

Relevant content

Performed EC2Rescue on a volume multiple times successfully, yet unable to establish RDP connection when mounted as root on the original EC2 windows instance.
Mayank Malkoti
asked 8 months ago
Unable to connect instance using RDP
rePost-User-7075271
asked 3 years ago
Windows: Unable to reset Windows Administrator Password using EC2Rescue OR EC2Launch
Accepted Answer
Alert
asked 2 years ago
IIS & other services have suddenly stopped working on my EC2 windows m6a.xlarge instance
Omkar
asked 7 months ago
My EC2 Instance is going down
Rashed Zaman
asked 3 years ago
How do I use EC2Rescue for Linux to troubleshoot OS-level issues?
AWS OFFICIALUpdated 3 days ago
How do I troubleshoot RDP connection issues with my Amazon EC2 Windows instance?
AWS OFFICIALUpdated 9 months ago
How do I troubleshoot website connectivity issues on my EC2 Windows instance?
AWS OFFICIALUpdated 2 years ago
How do I troubleshoot an instance status check failure on my Amazon EC2 Windows instance?
AWS OFFICIALUpdated 2 years ago
Support Automation Workflow (SAW) Runbook: Upload EC2 Rescue log bundle from the target instance to the specified Amazon S3 bucket
EXPERT
Maya Karalic
published 2 years ago