Working with Amazon Inspector Classic agents on Windows-based operating systems

You can start, stop, and modify the behavior of Amazon Inspector Classic agents. Sign in to your EC2 instance running a Windows-based operating system and perform any of the procedures in this chapter. For more information about the operating systems that are supported for Amazon Inspector Classic, see Amazon Inspector Classic supported operating systems and Regions.

Important

The Amazon Inspector Classic agent relies on Amazon EC2 instance metadata to function correctly. It accesses instance metadata using version 1 or version 2 of the Instance Metadata Service (IMDSv1or IMDSv2). See Instance Metadata and User Data to learn more about EC2 instance metadata and access methods.

Note

The commands in this chapter function in all AWS Regions that are supported by Amazon Inspector Classic.

Starting or stopping an Amazon Inspector Classic agent or verifying that the agent is running

To start, stop, or verify an agent

1. On your EC2 instance, choose Start, Run, and then enter services.msc.

2. If the agent is successfully running, two services are listed with their status set to Started or Running in the Services window: AWS Agent Service and AWS Agent Updater Service.

3. To start the agent, right-click AWS Agent Service, and then choose Start. If the service successfully starts, the status is updated to Started or Running.

4. To stop the agent, right-click AWS Agent Service, and then choose Stop. If the service successfully stops, the status is cleared (appears as blank). We don't recommend stopping the AWS Agent Updater Service because it disables the installation of all future enhancements and fixes to the agent.

5. To verify that the agent is installed and running, sign in to your EC2 instance, and open a command prompt using administrative permissions. Navigate to C:\Program Files\Amazon Web Services\AWS Agent, and then run the following command:

   AWSAgentStatus.exe

   This command returns the status of the currently running agent, or an error stating that the agent can't be contacted.

Modifying Amazon Inspector Classic agent settings

After the Amazon Inspector Classic agent is installed and running on your EC2 instance, you can modify the settings in the agent.cfg file to alter the agent's behavior. On Windows-based operating systems, the file is located in the C:\ProgramData\Amazon Web Services\AWS Agent directory. After you modify and save the agent.cfg file, you must stop and start the agent for the changes to take effect.

Important

We highly recommend that you modify the agent.cfg file only with the guidance of AWS Support.

Configuring proxy support for an Amazon Inspector Classic agent

To get proxy support for an agent on a Windows-based operating system, use the WinHTTP proxy. To set up the WinHTTP proxy using the netsh utility, see Netsh Commands for Windows Hypertext Transfer Protocol (WINHTTP).

Important

Only HTTPS proxies are supported for Windows-based instances.

Complete one of the following procedures:

To install an agent on an EC2 instance that uses a proxy server

1. Download the following .exe file: https://d1wk0tztpsntt1.cloudfront.net/windows/installer/latest/AWSAgentInstall.exe

2. Open a command prompt window or PowerShell window (using administrative permissions). Navigate to the location where you saved the downloaded AWSAgentInstall.exe, and then run the following command:

   .\AWSAgentInstall.exe /install USEPROXY=1

To configure proxy support on an EC2 instance with a running agent

1. To configure proxy support, the version of the Amazon Inspector Classic agent that is running on your EC2 instance must be 1.0.0.59 or later. If you enabled the auto-update process for the agent, you can verify that your agent's version is 1.0.0.59 or later by using the Starting or stopping an Amazon Inspector Classic agent or verifying that the agent is running procedure. If you didn't enable the auto-update process for the agent, you must install the agent on this EC2 instance again by following the Installing the agent on a Windows-based EC2 instance procedure.

2. Open the registry editor (regedit.exe).

3. Navigate to the following registry key: "HKEY_LOCAL_MACHINE/SOFTWARE/Amazon Web Services/AWS Agent Updater".

4. Inside this registry key, create a registry DWORD(32bit) value called "UseProxy".

5. Double-click on the value, and set the value to 1.

6. Enter services.msc, locate the AWS Agent Service and the AWS Agent Updater Service in the Services window, and restart each process. After both processes have successfully restarted, run the AWSAgentStatus.exe file (see step 5 in Starting or stopping an Amazon Inspector Classic agent or verifying that the agent is running). View the status of your agent and verify that it is using the configured proxy.

Uninstalling the Amazon Inspector Classic agent

To uninstall the agent

1. Sign in to your EC2 instance running a Windows-based operating system where you want to uninstall the Amazon Inspector Classic agent.

   Note

   For more information about the operating systems that are supported for Amazon Inspector Classic, see Amazon Inspector Classic supported operating systems and Regions.

2. On your EC2 instance, navigate to Control Panel, Add/Remove Programs.

3. In the list of installed programs, choose AWS Agent, and then choose Uninstall.