Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

How do I resolve a Windows activation fail message on my Amazon EC2 Windows instance?

4 minute read
1

I received a Windows activation fail message on my Amazon Elastic Compute Cloud (Amazon EC2) Windows instance.

Short description

For activation, EC2 Windows instances use the Microsoft Key Management Services (Microsoft KMS) on AWS. If your instance can't reach the Microsoft KMS server, then you receive a Windows activation error message.

For more information about Microsoft KMS, see Understanding KMS on the Microsoft website.

To resolve a Windows activation failure on your EC2 instance, use the AWSSupport-ActivateWindowsWithAmazonLicense runbook to automatically activate Windows. Or, manually activate Windows.

Resolution

Use AWSSupport-ActivateWindowsWithAmazonLicense to activate Windows

Prerequisites:

To activate Windows, complete the following steps:

  1. Open the Systems Manager console.

    Note: Make sure that you're in the same AWS Region as the instance that you must activate.

  2. In the navigation pane, choose Automation, and then choose Execute automation.

  3. In the search field, enter ActivateWindowsWithAmazonLicense.

  4. Select AWSSupport-ActivateWindowsWithAmazonLicense, and then choose Next.

  5. For Execute automation document, choose Simple execution.

  6. For Input parameters, select Show interactive instance picker, and then choose your instance.
    If you can't find your instance in the interactive instance picker, then you must run the runbook with AllowOffline set to True. For Input parameters, clear Show interactive instance picker. For InstanceID, enter your instance ID and for AllowOffline, select True.
    Note: When you set AllowOffline to True, Amazon EC2 stops and starts your instance. To configure your instance for a stop and start, see Configure your instance for a stop and start on How do I troubleshoot status check failures on my Amazon EC2 instance?

Note: You can't use the AWSSupport-ActivateWindowsWithAmazonLicense runbook to activate Bring Your Own License (BYOL) Windows instances. To use your own license, contact your vendor.

To monitor the progress of the runbook, complete the following steps:

  1. Open the Systems Manager console.
  2. From the navigation pane, choose Automation.
  3. Choose the running automation, and then choose Executed steps.
  4. Choose Outputs.

Manually activate Windows

Manually activate instances that use Windows Server 2016 or 2019

Complete the following steps:

  1. Install the latest version of EC2Launch.

  2. Open Windows PowerShell as an administrator, and then run the following command to import the EC2Launch module:

    Import-Module "C:\ProgramData\Amazon\EC2-Windows\Launch\Module\Ec2Launch.psd1"

  3. Run the following command to add routes:

    Add-Routes

  4. Run the following command to set the activation settings:

    Set-ActivationSettings

  5. Run the following command to activate Windows:

    slmgr /ato

Manually activate instances that use Windows Server 2022 and later, or instances with EC2Launch v2 installed

Complete the following steps:

  1. Install the latest version of EC2Launch v2.

    Note: By default, instances that use Windows Server 2022 include EC2Launch v2.

  2. Open Windows PowerShell as an administrator, and then run the following command to restart EC2Launch v2:

    Net Restart "Amazon EC2Launch"

    Note: When EC2Launch v2 restarts, it automatically resets the operating system (OS) routes.

  3. If Windows doesn't activate, then check the network communication from the instance to the Microsoft KMS server. Open Windows PowerShell, and then run the following commands to test your connection:

    Test-netconnection 169.254.169.250 -Port 1688 
Test-netconnection 169.254.169.251 -Port 1688

    Note: In the output, confirm that the connection status is TcpTestSuccessed=True.

  4. If the connection status is False, then verify that the registry keys have the correct Microsoft KMS values. Example configuration:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\SoftwareProtectionPlatform 
KeyManagementServiceName - 169.254.169.250 
KeyManagementServicePort - 1688

    Note: You can also use 169.254.169.251 as the KeyManagementServiceName value.

  5. Rerun the Test-netconnection commands. If the connection status output is still False, then make sure that you set the local Amazon Time Sync Service on your instance.

Troubleshoot the "Unable to activate Windows" error

If you launch a Windows instance from an Amazon Elastic Block Store (Amazon EBS) snapshot, then you might receive the following error message:

"A problem occurred when Windows tried to activate. Error Code 0xC004F074"

To troubleshoot this issue, see "Unable to activate Windows".

Related information

EC2Config settings files

Upgrade PV drivers on EC2 Windows instances

How do I troubleshoot time issues with my EC2 Windows instance?

Topics
End User ComputingCompute
Tags
Amazon EC2AWS Support Automation WorkflowsWindows
Language
English

Related videos

Watch Claudio's video to learn more (6:15)
Watch Claudio's video to learn more (6:15)
AWS OFFICIALUpdated 5 days ago
1 Comment

This article was reviewed and updated on 2026-04-16

AWS
EXPERT
replied 4 days ago

Relevant content