Skip to content

Instantly share code, notes, and snippets.

@tsal
Forked from peterforgacs/Windows10AWSEC2.md
Created February 25, 2020 13:17
Show Gist options
  • Save tsal/b8b3546c20f439b397800c92f65e5be5 to your computer and use it in GitHub Desktop.
Save tsal/b8b3546c20f439b397800c92f65e5be5 to your computer and use it in GitHub Desktop.
Running Windows 10 on AWS EC2

Running Windows 10 on AWS EC2

Downloading the image

Download the windows image you want.

AWS vmimport supported versions: Microsoft Windows 10 (Professional, Enterprise, Education) (US English) (64-bit only)

So Home wont work.

You can download the trial Enterprise trial here: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise

Creating the virtual machine

  • Use virtualbox to create a new virtual machine, make sure that it uses the VHD format (The OS is 20 gigabyte).
  • Install the Windows 10 image onto it.
  • Make sure to set a username password on the administrator account otherwise cannot connect trough remote desktop.
  • Install teamviewer on the virtual machine grant easy access to yourself and check extras->options
    • General -> Network Settings: Accept Incoming Lan Connections
    • Security -> Windows logon: Allowed for all users
  • Start -> Allow remote access to your computer
    • Allow remote connections to this computer
  • Install ec2 configure service http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/UsingConfig_Install.html
  • Restart the virtual machine.
  • Wait for windows 10 updates to install.
  • Exit the virtual machine.

Install and configure awscli

sudo apt install awscli
aws configure

http://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html During configure you can add your:

AWS access key. AWS secret access key. Default region.

If you set a default region you dont have to specify the region parameter in the following commands. Note that P2 instances are only avalible in the US.

Create an S3 bucket

The bucketname must be unique.

aws s3 mb s3://peterforgacs --region eu-central-1

Upload image to s3

Move to the folder you store the virtual machine file and upload the virtual image to the s3 bucket.

cd myvmfolder
aws s3 cp codexaws.vhd s3://peterforgacs --region eu-central-1

Configuration files

Create a trust policy in the file trust-policy.json

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Principal": { "Service": "vmie.amazonaws.com" },
         "Action": "sts:AssumeRole",
         "Condition": {
            "StringEquals":{
               "sts:Externalid": "vmimport"
            }
         }
      }
   ]
}

Create a vmimport role and add vim import/export access to it.

aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json

Create a file named role-policy.json replace the !!REPLACEME!! to the bucketname you are using.

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Action": [
            "s3:ListBucket",
            "s3:GetBucketLocation"
         ],
         "Resource": [
            "arn:aws:s3:::!!REPLACEME!!"
         ]
      },
      {
         "Effect": "Allow",
         "Action": [
            "s3:GetObject"
         ],
         "Resource": [
            "arn:aws:s3:::!!REPLACEME!!/*"
         ]
      },
      {
         "Effect": "Allow",
         "Action":[
            "ec2:ModifySnapshotAttribute",
            "ec2:CopySnapshot",
            "ec2:RegisterImage",
            "ec2:Describe*"
         ],
         "Resource": "*"
      }
   ]
}

Add the policy to the vmimport role.

aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json

Create a configuration file on your computer called containers.json. Replace bucketname and myimage.vhd with your bucket and image name.

[{ "Description": "Windows 10 Base Install", "Format": "vhd", "UserBucket": { "S3Bucket": "peterforgacs", "S3Key": "codexaws.vhd" } }]

Create EC2 AMI from S3 VHD image

aws ec2 import-image --description "Windows 10" --disk-containers file://containers.json --region eu-central-1

This may take a while you can check on the status of the import.

aws ec2 describe-import-image-tasks --region eu-central-1

When the import status is completed you can head to the EC2 console and select the correct region.

Create EC2 instance from AMI

Images -> AMI -> Right click -> Launch

  • Instance type: g2 (You might have to ask the support for an increase in the g2 limit).
  • Security Group: Allow RDP, Teamviewer ports.

Instances -> Launch

Running the instance

Instances -> Right click -> Connect

You download the remote desktop file.

Launch that file with the username and password you set on the original instance.

In the form: .\Username pass

Post Install

Reassign teamviewer to the your teamviewer. Download nvidia experience and install a driver.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment