AWS Windows AMIs - Amazon Elastic Compute Cloud

AWS Windows AMIs

AWS provides a set of publicly available AMIs that contain software configurations specific to the Windows platform. You can quickly start building and deploying your applications with Amazon EC2 by using these AMIs. First choose the AMI that meets your specific requirements, and then launch an instance using that AMI. You retrieve the password for the administrator account and then log in to the instance using Remote Desktop Connection, just as you would with any other Windows server. For more information about AWS Windows AMIs, see the AWS Windows AMI reference.

When you launch an instance from a Windows AMI, the root device for the Windows instance is an Amazon Elastic Block Store (Amazon EBS) volume. Windows AMIs don't support instance store for the root device.

Windows AMIs that have been configured for faster launching are pre-provisioned, using snapshots to launch instances up to 65% faster. To learn more about faster launching for Windows AMIs, including how you can configure faster launching for your Windows AMI, see Configure EC2 Fast Launch for your Windows Server AMI.


Microsoft no longer supports Windows Server versions prior to Windows Server 2016. We recommend that you launch new EC2 instances using a supported version of Windows Server. If you have existing EC2 instances that are running an unsupported version of Windows Server, we recommend that you upgrade those instances to a supported version of Windows Server. For more information, see Upgrade an Amazon EC2 Windows instance to a newer version of Windows Server.

Select an initial Windows AMI

To view the Windows AMIs provided by AWS, you can use the Amazon EC2 console or AWS Marketplace. For more information, see Find a Windows AMI.

You can also create an AMI from software running on your own Windows computer. For more information, see the following services:

Keep your AMIs up to date

AWS provides updated and fully-patched Windows AMIs within five business days of Microsoft's patch Tuesday (the second Tuesday of each month). The AWS Windows AMIs contain the latest security updates available at the time they were created. To view the latest updates for the AWS Windows AMIs, see Windows AMI version history in the AWS Windows AMI Reference.

Use the AWS Systems Manager Automation runbook AWS-UpdateWindowsAmi to update an AMI by installing Windows updates, Amazon software, and Amazon drivers. You can also use EC2 Image Builder, a fully managed AWS service, to help automate creating up-to-date AMIs. For more information, see the EC2 Image Builder User Guide.

For EC2 instances in an Auto Scaling group, you can create and use the PatchAMIAndUpdateASG runbook to update an Auto Scaling group with a newly patched AMI. For more information, see Updating AMIs for Auto Scaling groups in the AWS Systems Manager User Guide.

For existing EC2 instances, we recommend that you regularly patch, update, and secure the operating system and applications. For more information, see Update your Windows instance.

Virtualization types

AMIs use one of two types of virtualization: paravirtual (PV) or hardware virtual machine (HVM). The main differences between PV and HVM AMIs are the way in which they boot and whether they can take advantage of special hardware extensions for better performance. Windows AMIs are HVM AMIs.

HVM AMIs are presented with a fully virtualized set of hardware and boot by executing the master boot record of the root block device of your image. This virtualization type provides the ability to run an operating system directly on top of a virtual machine without any modification, as if it were run on the bare-metal hardware. The Amazon EC2 host system emulates some or all of the underlying hardware that is presented to the guest.

HVM guests can take advantage of hardware extensions that provide fast access to the underlying hardware on the host system. HVM AMIs are required to take advantage of enhanced networking and GPU processing. In order to pass through instructions to specialized network and GPU devices, the OS needs to be able to have access to the native hardware platform; HVM virtualization provides this access.

Paravirtual guests traditionally performed better with storage and network operations than HVM guests because they could leverage special drivers for I/O that avoided the overhead of emulating network and disk hardware, whereas HVM guests had to translate these instructions to emulated hardware. Now PV drivers are available for HVM guests, so Windows instances can get performance advantages in storage and network I/O by using them. With these PV on HVM drivers, HVM guests can get the same performance as paravirtual guests, or better.

Update your Windows instance

After you launch a Windows instance, you are responsible for installing updates on it. For more information, see Update management in Amazon EC2.

You can manually install only the updates that interest you, or you can start from a current AWS Windows AMI and build a new Windows instance. For information about finding the current AWS Windows AMIs, and keeping your AMIs up to date, see Find a Windows AMI and Keep your AMIs up to date.


Instances should be stateless when updating. For more information, see Managing Your AWS Infrastructure at Scale.

For Windows instances, you can install updates to the following services or applications:

We recommend that you reboot your Windows instance after installing updates. For more information, see Reboot your instance.

Upgrade or migrate to a newer version of Windows Server

For information about how to upgrade or migrate a Windows instance to a newer version of Windows Server, see Upgrade an Amazon EC2 Windows instance to a newer version of Windows Server.