Configure launch settings for Amazon EC2 instances - Amazon Elastic Compute Cloud
Compare Amazon EC2 launch agentsConfigure DNS Suffix

Configure launch settings for Amazon EC2 instances

Amazon EC2 launch agents perform tasks during instance startup and run if an instance is stopped and later started, or restarted. For information about a specific agent, see the detail pages in the following list.

Content

Compare Amazon EC2 launch agents

The following table shows the major functional differences between EC2Config, EC2Launch v1, and EC2Launch v2.

Feature EC2Config EC2Launch v1 EC2Launch v2
Run as Windows Service PowerShell Scripts Windows Service
Supports Legacy OS only

Windows 2016

Windows 2019 (LTSC and SAC)

Windows 2016

Windows 2019 (LTSC and SAC)

Windows 2022

Configuration file

 XML XML

YAML

Set Administrator username

 No No

Yes

User data size

 16 KB 16 KB

60 KB (compressed)

Local user data baked on AMI

 No No Yes, configurable
Task configuration in user data No No Yes

Configurable wallpaper

 No No

Yes

Customize task run order

 No No

Yes

Configurable tasks

 15

9

20 at launch

Supports Windows Event Viewer

 Yes

No

 Yes

Number of Event Viewer event types

 2

0

30
Note

EC2Config documentation is provided for historical reference only. The operating system versions it runs on are no longer supported by Microsoft. We strongly recommend that you upgrade to the latest launch service.

Configure DNS Suffix

With Amazon EC2 launch agents, you can configure a list of DNS suffixes that Windows instances use for domain name resolution. The launch agents override the standard Windows settings in the System\CurrentControlSet\Services\Tcpip\Parameters\SearchList registry key by adding the following values to the DNS suffix search list:

  • The domain of the instance

  • The suffixes that result from devolution of the instance domain

  • NV domain

  • The domains specified by each network interface cards

All launch agents support DNS suffix configuration. For more information, see your specific launch agent version:

  • For information about the setDnsSuffix task and how to configure DNS suffixes in EC2Launch v2, see setDnsSuffix .

  • For information about DNS suffix list setup and how to enable or disable devolution for EC2Launch v1, see Configure EC2Launch.

  • For information about DNS suffix list setup and how to enable or disable devolution for EC2Config, see EC2Config settings files.

Domain name devolution

Domain name devolution is an Active Directory behavior that allows computers in a child domain to access resources in the parent domain without using a fully qualified domain name. By default, domain name devolution continues until there are only two nodes left in the domain name progression.

Launch agents perform devolution on the domain name if the instance is connected to a domain, and add the results to the DNS suffix search list that's maintained in the System\CurrentControlSet\Services\Tcpip\Parameters\SearchList registry key. The agents use the settings from the following registry keys, to determine the devolution behavior.

  • System\CurrentControlSet\Services\Tcpip\Parameters\UseDomainNameDevolution

    • When not set, disables devolution

    • When set to 1, enables devolution (default)

    • When set to 0, disables devolution

  • System\CurrentControlSet\Services\Dnscache\Parameters\DomainNameDevolutionLevel

    • When not set, use level of 2 (default)

    • When set to 3 or greater, use value to set level

When you disable devolution or change your devolution settings to a higher level, the System\CurrentControlSet\Services\Tcpip\Parameters\SearchList registry key stil contains the suffixes that were added previously. They are not automatically removed. You can manually update the list, or you can clear the list and let your agent run through the process to set up the new list.

Note

To clear the DNS suffix list from the registry, you can run the following command.

PS C:\> Invoke-CimMethod -ClassName Win32_NetworkAdapterConfiguration -MethodName "SetDNSSuffixSearchOrder" -Arguments @{ DNSDomainSuffixSearchOrder = $null } | Out-Null
Devolution examples

The following examples show domain name progression through the devolution process.

corp.example.com

  • Progresses to example.com

locale.region.corp.example.com

  1. Progresses to region.corp.example.com

  2. Progresses to corp.example.com

  3. Progresses to example.com

locale.region.corp.example.com with a setting of DomainNameDevolutionLevel=3

  1. Progresses to region.corp.example.com

  2. Progresses to corp.example.com. The progression stops here, due to the level setting.