问题
I am deploying a CloudFormation template which launches an EC2 instance from the Windows_Server-2019-English-Full-Base-2020.05.13 AMI.
By default, the Windows Server image has an Administrator user. To connect to the instance via RDP, I have to navigate to the console, click on Connect and then get the generated random password from the console.
Is there a way I can set the RDP password to a custom value? I would like to do this from the CloudFormation template, in the UserData section.
回答1:
Based on the comments.
The solution was to use the following command in UserData:
net user Administrator "new_password"
The command, as explained in the docs, can be used to change admin password.
This works because UserData executes under administrator account (ref):
User data scripts are executed from the local administrator account when a random password is generated.
回答2:
For completeness and future reference, here's what the CloudFormation template now looks like:
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"<powershell>\n",
"net user Administrator ",
{
"Ref": "Password"
},
"\n",
"& \"C:\\Program Files\\Amazon\\cfn-bootstrap\\cfn-signal\"",
" --stack ", { "Ref": "AWS::StackName" },
" --resource MyInstance" ,
" --region ", { "Ref" : "AWS::Region" },
"\n",
"</powershell>\n"
]
]
}
},
"CreationPolicy": {
"ResourceSignal" : {
"Count": "1",
"Timeout": "PT15M"
}
}
}
So there's two things going on:
- I am changing the Administrator password as suggested by Marcin in his answer.
- I am using
cfn-signalandCreationPolicyto ensure that the CloudFormation deployment waits for the UserData to be completed. More details here.
来源:https://stackoverflow.com/questions/62384706/how-to-set-the-administrator-password-for-a-windows-server-machine-on-aws-from-c