How do I use EC2Rescue to troubleshoot issues with my Amazon EC2 Windows instance?

6 minute read

I’m experiencing one of the following issues with my Amazon Elastic Compute Cloud (Amazon EC2) Windows instance: I can’t connect to my Amazon EC2 Windows instance. I am experiencing boot issues. I need to perform a restore action. I need to fix common issues such as a disk signature collision. I need to gather operating system (OS) logs for analysis and troubleshooting.

Short description

EC2Rescue for EC2 Windows is a troubleshooting tool for Amazon EC2 Windows Server instances. Use the tool to troubleshoot OS-level issues and to collect advanced logs and configuration files for further analysis. The following are common issues that EC2Rescue addresses:

Instance connectivity issues because of firewall, Remote Desktop Protocol (RDP), or network interface configuration.
OS boot issues because of a blue screen or stop error, a boot loop, or a corrupted registry.
Other issues that need advanced log analysis and troubleshooting.

Note: Capture a screenshot of an Amazon EC2 Windows instance to determine the state of the instance.

You can run EC2Rescue manually or automatically.

System requirements

EC2Rescue requires an Amazon EC2 Windows instance that:

Runs on Windows Server 2008 R2 or later.
Has a .NET Framework 3.5 SPI or later installed.
Is accessible from an RDP connection.

Note: EC2Rescue runs only on Windows Server 2008 R2 or later, but the tool can analyze the offline volumes of Windows Server 2008 or later.

Resolution

Choose one of the following methods to use the EC2Rescue tool.

Use the Systems Manager AWSSupport-ExecuteEC2Rescue Automation document

The AWSSupport-ExecuteEC2Rescue Automation document combines AWS Lambda functions with Systems Manager and AWS CloudFormation actions to automate EC2Rescue steps.

For more information about how the document works, permissions requirements, and prerequisites to use the tool, see Run the EC2Rescue tool on unreachable instances.

Important: The Automation workflow stops the instance. If the instance has an instance store volume, any data on the volume is lost when the instance stops. If you aren't using an Elastic IP address, the public IP address releases when the instance stops.

When you're ready, run the Systems Manager AWSSupport-ExecuteEC2Rescue Automation.

Use the AWSSupport-RunEC2RescueForWindowsTool runbook

Before you start the AWSSupport-RunEC2RescueForWindowsTool runbook, make sure that your AWS Identify and Access Management (IAM) user or role has the required permissions. For more information, see the example IAM policy in Troubleshoot impaired Windows instance with EC2Rescue and Systems Manager.

Note: If you receive errors when you run AWS Command Line Interface (AWS CLI) commands, then see Troubleshoot AWS CLI errors. Also, make sure that you're using the most recent AWS CLI version. Complete the following steps:

Open the Systems Manager console.
In the navigation pane, choose Documents.
In the search bar, enter AWSSupport-RunEC2RescueForWindowsTool.
Select the AWSSupport-RunEC2RescueForWindowsTool document.
Choose Run command.
In Command parameters, for Command, choose one of these parameters:
ResetAccess
CollectLogs
FixAll
In Parameters, enter the Windows PowerShell parameters.
Choose Run.
After the automation completes, review the detailed results in the Outputs section.

For more information on how to use the Systems Manager Run Command document to run EC2Rescue for Windows Server with the AWS CLI, see Amazon EC2 examples.

Note: Make sure that your instance has access to the Amazon Simple Storage Service (Amazon S3) bucket that's specified in the AWS CLI commands.

Run EC2Rescue manually

To run EC2Rescue manually, use one of the following methods:

Complete the following steps:

Download EC2Rescue (zip file) on your Amazon EC2 Windows instance.
Note: The AWSSupport-RunEC2RescueForWindowsTool Systems Manager Run Command document method downloads and verifies EC2Rescue for Windows Server for you.
Use EC2Rescue to troubleshoot the following Amazon EC2 Windows Server instance issues:
Instance connectivity issues: Use the Diagnose and Rescue feature in Offline instance mode.
OS boot issues: Use the Restore feature in Offline instance mode.
Advanced logs and troubleshooting: Use the Capture logs feature in either Current instance mode or Offline instance mode.

Current instance mode

This mode analyzes the instance that EC2Rescue currently runs. Current instance mode is read-only and doesn't modify the current instance. This mode doesn't directly fix issues. Use Current instance mode to gather system information and logs for analysis or for submission to system administrators or AWS Support.

Features

System Information: Displays important system information about the current system in a text box for efficient copy and paste.
Capture logs: First, select from a list of relevant troubleshooting logs. This feature then automatically gathers and packages those logs into a zipped folder under the name and location that you specify.

Offline instance mode

This mode allows you to select the volume of an offline system. EC2Rescue analyzes the volume and presents automated rescue and restore options. Offline instance mode also includes the same Capture logs feature as Current instance mode.

Features

System Information: Displays important system information about the current system in a text box for efficient copying.
Select Disk: If multiple offline root volumes are connected to the instance, this feature allows you to select a specific volume.
Note: If the selected disk isn't already online, this feature automatically brings the disk online for you.
Diagnose and Rescue: Detects and provides options to automatically fix common configuration issues that prevent RDP connections or that cause instance status checks to fail. The following items are inspected for possible configuration issues:
System time settings
Windows Firewall settings
Remote Desktop settings
EC2Config version and settings (Windows Server 2012 R2 and earlier)
EC2Launch version and settings (Windows Server 2016 and later)
Network interface settings
Restore: Set the offline instance to boot to Last Known Good Configuration or Restore registry from backup. Use this feature if you suspect an improperly configured or corrupted registry.
Capture logs: First, select from a list of relevant troubleshooting logs. This feature then automatically gathers and packages those logs into a zipped folder under the name and location that you specify.

Related information

Troubleshoot impaired Amazon EC2 Linux instance using EC2Rescue

Troubleshoot impaired Amazon EC2 Windows instance using EC2Rescue

Setting up Automation

Topics

Compute End User Computing

Relevant content

I want to change the instance type "windows with sql server" to "windows standard" for my EC2
Accepted Answer
ThanhND
asked 6 months ago
AWS EC2 Windows Server and Windows 10 Instances
NeXraD
asked 3 years ago
Ec2 Instance on Windows
Noor
asked 6 months ago
Conection problem in Windows EC2
rePost-User-8086889
asked 2 years ago
SMS Patching Fails for ALL Windows Server 2019 EC2 Instances
Accepted Answer
KevinM_BMW
asked 3 years ago
How do I troubleshoot an instance status check failure on my Amazon EC2 Windows instance?
AWS OFFICIALUpdated 2 years ago
How do I capture a screenshot of an unreachable Amazon EC2 Windows instance for troubleshooting?
AWS OFFICIALUpdated 2 years ago
How do I troubleshoot RDP connection issues with my Amazon EC2 Windows instance?
AWS OFFICIALUpdated 7 months ago
How do I troubleshoot website connectivity issues on my EC2 Windows instance?
AWS OFFICIALUpdated 2 years ago
How do I troubleshoot and deep dive windows patching / updates installation failures on EC2 Windows Instances?
EXPERT
Phanindra V
published 14 days ago