AWS CloudFormation
User Guide (API Version 2010-05-15)

Accessing AWS CloudFormation Windows Instances

Once you've successfully created a Microsoft Windows stack on AWS CloudFormation, you can log in to your instance with Remote Desktop to configure it manually. There are a number of steps involved:

  1. Find the physical id of your Windows instance.

  2. Use the physical id to retrieve the login credentials from Amazon EC2.

  3. Use the login credentials to access your instance with Remote Desktop.


Before starting, you'll need to have an AWS CloudFormation Windows stack running, and you'll also need the private key of the key pair you used when creating the instance. For information about generating Amazon EC2 key pairs, see Creating an EC2 Key Pair.

To retrieve the physical ID of your AWS CloudFormation Windows instance:

  1. From the AWS CloudFormation console, click on your Windows-based stack. You will see your stack information appear in the lower pane of the window.

  2. Click the Resources tab, and find the Physical ID of the AWS::EC2::Instance. It will look something like this: i-51366b2a.

    If you have many instances running, you will probably want to remember the physical ID of your instance, or write it down. You'll need it to recover the Administrator password to log in to your instance.

Once you have the physical ID of your instance, you can use this to retrieve the Administrator password.

To retrieve the Administrator password for your Windows instance:

  1. At the top left corner of the AWS CloudFormation console, click Services and then EC2. This will bring you to the Amazon EC2 Console Dashboard.

  2. On the Navigation Bar, click Instances. This will bring up a list titled My Instances.

  3. In the list, find your instance by its physical ID. Once you find it, right-click its entry on the list. This will display the Instance Management context menu.

  4. On the context menu, click Get Windows Password. A dialog will appear, called Retrieve Default Windows Administrator Password. On this dialog, an encrypted password will be shown, as well as the Amazon EC2 key pair that you used when creating the AWS CloudFormation Windows stack.

  5. Do one of the following (they are equivalent):

    • Locate the private key file you downloaded that corresponds to the key pair shown, copy its contents to the clipboard, and then paste it into the Private Key box on the dialog.

    • Click the Browse button to browse for the private key file on your system. When you select it, the contents of the file will appear in the Private Key box.

  6. Click Decrypt Password. The connection information for your instance will be shown, consisting of:

    • the IP address of your remote instance.

    • The user name to use when logging in.

    • The decrypted password.


This password is meant to be temporary. Once you log in to your instance, you should change it to one of your own choice.

These user credentials can be used to log in to your Windows instance with Remote Desktop.

To log in to your AWS CloudFormation Windows stack:

  1. Start your Remote Desktop client.

  2. When prompted for the Server, enter the server name that you retrieved for your instance from EC2.

  3. Enter the User name ("Administrator") and the Password that you retrieved from EC2.

  4. If you are prompted for a Domain, leave the field blank.

  5. Click OK to finish connecting.

Once you're logged in to your server, you can configure it how you like. You can also use this credential information to log in to any secure outputs that your stack created, such as a Sharepoint site. It's your Windows instance, do what you want with it!