Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Running Windows 10 on AWS EC2

Running Windows 10 on AWS EC2

Downloading the image

Download the windows image you want.

AWS vmimport supported versions: Microsoft Windows 10 (Professional, Enterprise, Education) (US English) (64-bit only)

So Home wont work.

You can download the trial Enterprise trial here: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise

Creating the virtual machine

  • Use virtualbox to create a new virtual machine, make sure that it uses the VHD format (The OS is 20 gigabyte).
  • Install the Windows 10 image onto it.
  • Make sure to set a username password on the administrator account otherwise cannot connect trough remote desktop.
  • Install teamviewer on the virtual machine grant easy access to yourself and check extras->options
    • General -> Network Settings: Accept Incoming Lan Connections
    • Security -> Windows logon: Allowed for all users
  • Start -> Allow remote access to your computer
    • Allow remote connections to this computer
  • Install ec2 configure service http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/UsingConfig_Install.html
  • Restart the virtual machine.
  • Wait for windows 10 updates to install.
  • Exit the virtual machine.

Install and configure awscli

sudo apt install awscli
aws configure

http://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html During configure you can add your:

AWS access key. AWS secret access key. Default region.

If you set a default region you dont have to specify the region parameter in the following commands. Note that P2 instances are only avalible in the US.

Create an S3 bucket

The bucketname must be unique.

aws s3 mb s3://peterforgacs --region eu-central-1

Upload image to s3

Move to the folder you store the virtual machine file and upload the virtual image to the s3 bucket.

cd myvmfolder
aws s3 cp codexaws.vhd s3://peterforgacs --region eu-central-1

Configuration files

Create a trust policy in the file trust-policy.json

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Principal": { "Service": "vmie.amazonaws.com" },
         "Action": "sts:AssumeRole",
         "Condition": {
            "StringEquals":{
               "sts:Externalid": "vmimport"
            }
         }
      }
   ]
}

Create a vmimport role and add vim import/export access to it.

aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json

Create a file named role-policy.json replace the !!REPLACEME!! to the bucketname you are using.

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Action": [
            "s3:ListBucket",
            "s3:GetBucketLocation"
         ],
         "Resource": [
            "arn:aws:s3:::!!REPLACEME!!"
         ]
      },
      {
         "Effect": "Allow",
         "Action": [
            "s3:GetObject"
         ],
         "Resource": [
            "arn:aws:s3:::!!REPLACEME!!/*"
         ]
      },
      {
         "Effect": "Allow",
         "Action":[
            "ec2:ModifySnapshotAttribute",
            "ec2:CopySnapshot",
            "ec2:RegisterImage",
            "ec2:Describe*"
         ],
         "Resource": "*"
      }
   ]
}

Add the policy to the vmimport role.

aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json

Create a configuration file on your computer called containers.json. Replace bucketname and myimage.vhd with your bucket and image name.

[{ "Description": "Windows 10 Base Install", "Format": "vhd", "UserBucket": { "S3Bucket": "peterforgacs", "S3Key": "codexaws.vhd" } }]

Create EC2 AMI from S3 VHD image

aws ec2 import-image --description "Windows 10" --disk-containers file://containers.json --region eu-central-1

This may take a while you can check on the status of the import.

aws ec2 describe-import-image-tasks --region eu-central-1

When the import status is completed you can head to the EC2 console and select the correct region.

Create EC2 instance from AMI

Images -> AMI -> Right click -> Launch

  • Instance type: g2 (You might have to ask the support for an increase in the g2 limit).
  • Security Group: Allow RDP, Teamviewer ports.

Instances -> Launch

Running the instance

Instances -> Right click -> Connect

You download the remote desktop file.

Launch that file with the username and password you set on the original instance.

In the form: .\Username pass

Post Install

Reassign teamviewer to the your teamviewer. Download nvidia experience and install a driver.

@krkeegan

This comment has been minimized.

Copy link

@krkeegan krkeegan commented Dec 6, 2018

This works great. Thanks for the step-by-step. As implied at the top Windows 10 Home will not work.

Anyone figure out how to get higher resolution out of the Windows Basic Display Driver? I am stuck at 1280x1024.

@Carl-Gustaf

This comment has been minimized.

Copy link

@Carl-Gustaf Carl-Gustaf commented Dec 18, 2018

First of all, thank you.

The AMI doesn't seem to be compatible to run with the new generation T3 instances. There seems to be a problem with trying to install the Elastic Network Adapter (ENA) which might might not be supported for Window 10 AMI's?

Has anyone been able to get the Windows 10 AMI to work with t3/g3 instances?

@riadbsc

This comment has been minimized.

Copy link

@riadbsc riadbsc commented Jan 29, 2019

Thanks! looks very simple to follow.
Any idea what about the licensing?

Do i need to bring my license and activate? Will the license "survive" a reboot?

@rejenet24

This comment has been minimized.

Copy link

@rejenet24 rejenet24 commented Apr 11, 2019

I cant seem to access my instance either through teamview, or from my Server instance that is on the same subnet. What cuases the ethernet adapter to be set up right?

@RaR1991

This comment has been minimized.

Copy link

@RaR1991 RaR1991 commented Oct 18, 2019

First, I want to say thank you for sharing with us, but is it possible that someone upload a windows 10 pro image to a hosting site or if it's possible to create an image from an azure machine thanks

@vhoanguyen

This comment has been minimized.

Copy link

@vhoanguyen vhoanguyen commented Jan 26, 2020

First of all, thank you.

The AMI doesn't seem to be compatible to run with the new generation T3 instances. There seems to be a problem with trying to install the Elastic Network Adapter (ENA) which might might not be supported for Window 10 AMI's?

Has anyone been able to get the Windows 10 AMI to work with t3/g3 instances?

try this to upgrade
https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/migrating-latest-types.html#auto-upgrade

@tsal

This comment has been minimized.

Copy link

@tsal tsal commented Feb 25, 2020

First, I want to say thank you for sharing with us, but is it possible that someone upload a windows 10 pro image to a hosting site or if it's possible to create an image from an azure machine thanks

@RaR1991 - You can export an image from azure as a VHD: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/download-vhd

@FascinateDK

This comment has been minimized.

Copy link

@FascinateDK FascinateDK commented Apr 24, 2020

Thanks for sharing,

What about the rules of the license in the cloud ? Does MS is okay to make us use a license on the cloud without software assurance ?

Thanks in advance

@mwarner1

This comment has been minimized.

Copy link

@mwarner1 mwarner1 commented May 15, 2020

The way I read this page, Windows 10 isn't licensed to run in AWS unless you're doing it on "Dedicated Instances or Dedicated Hosts." Or so it appears.

@colomonkey

This comment has been minimized.

Copy link

@colomonkey colomonkey commented Jun 8, 2020

Thank you for this guide. The instance monitoring reports everything OK but i cannot login to the instance RDP or Teamviewer. The instance can not be reached with nmap within the same subnet/vpc with an allow all protocols in or outbound security group or via an external elastic IP. The instance uses default DHCP to obtain the correct IP.

What settings could cause this behaviour?

@billcasemi

This comment has been minimized.

Copy link

@billcasemi billcasemi commented Sep 14, 2020

Thank you very much for this informative guide. I wanted to add some additional information for using certain instance types. Many instance types require Elastic Network Adapter support, which requires installation of a driver on your image.

Details here: https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/enhanced-networking-ena.html

Likewise, if you plan to use a GPU-enabled instance, likely you want to install the NVIDIA graphics driver (as mentioned). There are different drivers available, depending on the Instance type.

Details here: https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/install-nvidia-driver.html

Finally, I have not found it necessary to install TeamViewer to access the instance, instead using the "Connect" feature in EC2 instances to download and launch the Remote Desktop Protocol file to connect with the credentials specified in the image.

Again, thanks to everyone for the input.

@mkralla11

This comment has been minimized.

Copy link

@mkralla11 mkralla11 commented Oct 8, 2020

Thank you - I can confirm this is working as of 10/7/2020 with no modifications needed. ENA is not required for all EC2 instance types so if you don't need to be picky with which type you need, you will be able to follow this guide exactly.

As mentioned previously, TeamViewer is not required, just downloading the RDP file and using Microsoft Remote Desktop (I'm even on a Mac) works perfectly fine.

@BasyirSheersComputer

This comment has been minimized.

Copy link

@BasyirSheersComputer BasyirSheersComputer commented Dec 2, 2020

I'm too noob to process this. Need a video {pulls hair}! Thanks a lot anyway!

@yuryzaf23

This comment has been minimized.

Copy link

@yuryzaf23 yuryzaf23 commented Dec 24, 2020

please someone help me to get it workin in g4 instances? or say if it's possible? please

@philxiao

This comment has been minimized.

Copy link

@philxiao philxiao commented Jun 5, 2021

Thanks, I can also confirm this is working as of 06/04/2020 with no modifications. Also, I was able to enable ENA and launch the image correctly on an ENA-enabled instance type by following this instruction: https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/enhanced-networking-ena.html. Basically you launch the image on a t2 first, follow the instruction to install ENA driver. Then you stop the instance, modify ec2 attribute to enable ena, and change instance type to the ENA-enabled instance type you need, and start the instance. Everything should work like a charm.

@excme

This comment has been minimized.

Copy link

@excme excme commented Jul 6, 2021

July 2021 - works fine! Thanks a lot !

@abdennour

This comment has been minimized.

Copy link

@abdennour abdennour commented Jul 9, 2021

what about nested virtualization? i think still need to run i3.metal

@Jayeshtatar

This comment has been minimized.

Copy link

@Jayeshtatar Jayeshtatar commented Jul 26, 2021

How much cost do we need to pay for Create windows 10 Instance on AWS EC2?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment