Add a local rdp user via user data at launch of a Windows EC2 instance. Note that this includes a password passed in thru both the user data and powershell command line and is a bad security practice because they can be viewed later. At a minimum, you should connect to the instance immediately after launch and change the password interactively. Also, delete the userdata from the instance after launch. More secure would be to connect the instance to a domain for authentication or use AWS native tooling to connect to the instance (e.g., AWS Session Manager).
<powershell>
# Be sure to set the username and password on these two lines. Of course this is not a good
# security practice to include a password at command line.