Mohammad Abu Mattar
Posted on December 17, 2022
Introduction
In this post, we will learn how to connect a EBS volume to an Windows EC2 instance using Powershell/GUI and also how to mount the EBS volume to the EC2 instance.
Prerequisites
- AWS CLI installed and configured
- IAM user with the following permissions:
- AmazonVPCFullAccess
- AmazonEC2FullAccess
- AmazonElasticBlockStoreFullAccess
Create an VPC
Step 1: Create VPC
To create a VPC, run the following command:
# Create a VPC
AWS_VPC=$(aws ec2 create-vpc \
--cidr-block 10.0.0.0/16 \
--query 'Vpc.VpcId' \
--output text)
# Add a name tag to the VPC
aws ec2 create-tags \
--resources $AWS_VPC \
--tags Key=Name,Value=aws-vpc
Explanation:
-
aws ec2 create-vpc
- Create a VPC -
--cidr-block
- The IPv4 network range for the VPC, in CIDR notation. -
--query
- The JMESPath query that is applied to the output. -
--output
- The output format of the command. -
--resources
- The IDs of the resources. -
--tags
- The tags to apply to the resource.
Step 2: Modify your custom VPC and enable DNS hostname support, and DNS support
To modify your custom VPC and enable DNS hostname support, and DNS support, run the following command:
# Enable DNS hostnames
aws ec2 modify-vpc-attribute \
--vpc-id $AWS_VPC \
--enable-dns-hostnames "{\"Value\":true}"
# Enable DNS support
aws ec2 modify-vpc-attribute \
--vpc-id $AWS_VPC \
--enable-dns-support "{\"Value\":true}"
Explanation:
-
aws ec2 modify-vpc-attribute
- Modifies the specified attribute of the specified VPC. -
--vpc-id
- The ID of the VPC. -
--enable-dns-hostnames
- Indicates whether the instances launched in the VPC get DNS hostnames. -
--enable-dns-support
- Indicates whether DNS resolution is supported for the VPC.
Step 3: Create a Public Subnet
To create a public subnet, run the following command:
# Create a public subnet
AWS_PUBLIC_SUBNET=$(aws ec2 create-subnet \
--vpc-id $AWS_VPC \
--cidr-block 10.0.1.0/24 \
--query 'Subnet.SubnetId' \
--output text)
# Add a name tag to the public subnet
aws ec2 create-tags \
--resources $AWS_PUBLIC_SUBNET \
--tags Key=Name,Value=aws-public-subnet
Explanation:
-
aws ec2 create-subnet
- Creates a subnet in an existing VPC. -
--vpc-id
- The ID of the VPC. -
--cidr-block
- The IPv4 network range for the subnet, in CIDR notation. -
--query
- The JMESPath query that is applied to the output. -
--output
- The output format of the command. -
--resources
- The IDs of the resources. -
--tags
- The tags to apply to the resource.
Step 4: Enable Auto-assign Public IP on the subnet
To enable auto-assign public IP on the subnet, run the following command:
# Enable auto-assign public IP on the subnet
aws ec2 modify-subnet-attribute \
--subnet-id $AWS_PUBLIC_SUBNET \
--map-public-ip-on-launch
Explanation:
-
aws ec2 modify-subnet-attribute
- Modifies a subnet attribute. -
--subnet-id
- The ID of the subnet. -
--map-public-ip-on-launch
- Specify true to indicate that network interfaces created in the specified subnet should be assigned a public IPv4 address.
Step 5: Create an Internet Gateway
To create an Internet Gateway, run the following command:
# Create an Internet Gateway
AWS_INTERNET_GATEWAY=$(aws ec2 create-internet-gateway \
--query 'InternetGateway.InternetGatewayId' \
--output text)
# Add a name tag to the Internet Gateway
aws ec2 create-tags \
--resources $AWS_INTERNET_GATEWAY \
--tags Key=Name,Value=aws-internet-gateway
Explanation:
-
aws ec2 create-internet-gateway
- Creates an Internet gateway for use with a VPC. -
--query
- The JMESPath query that is applied to the output. -
--output
- The output format of the command. -
--resources
- The IDs of the resources. -
--tags
- The tags to apply to the resource.
Step 6: Attach the Internet Gateway to the VPC
To attach the Internet Gateway to the VPC, run the following command:
# Attach the Internet Gateway to the VPC
aws ec2 attach-internet-gateway \
--internet-gateway-id $AWS_INTERNET_GATEWAY \
--vpc-id $AWS_VPC
Explanation:
-
aws ec2 attach-internet-gateway
- Attaches an Internet gateway to a VPC, enabling connectivity between the Internet and the VPC. -
--internet-gateway-id
- The ID of the Internet gateway. -
--vpc-id
- The ID of the VPC.
Step 7: Create a Route Table
To create a route table, run the following command:
# Create a route table
AWS_ROUTE_TABLE=$(aws ec2 create-route-table \
--vpc-id $AWS_VPC \
--query 'RouteTable.RouteTableId' \
--output text)
# Add a name tag to the route table
aws ec2 create-tags \
--resources $AWS_ROUTE_TABLE \
--tags Key=Name,Value=aws-route-table
Explanation:
-
aws ec2 create-route-table
- Creates a route table for the specified VPC. -
--vpc-id
- The ID of the VPC. -
--query
- The JMESPath query that is applied to the output. -
--output
- The output format of the command. -
--resources
- The IDs of the resources. -
--tags
- The tags to apply to the resource.
Step 8: Create a custom route table association
To create a custom route table association, run the following command:
# Create a custom route table association
aws ec2 associate-route-table \
--subnet-id $AWS_PUBLIC_SUBNET \
--route-table-id $AWS_ROUTE_TABLE
Explanation:
-
aws ec2 associate-route-table
- Associates a subnet with a route table. -
--subnet-id
- The ID of the subnet. -
--route-table-id
- The ID of the route table.
Step 9: Associate the subnet with route table, making it a public subnet
To associate the subnet with route table, making it a public subnet, run the following command:
# Associate the subnet with route table, making it a public subnet
aws ec2 create-route \
--route-table-id $AWS_ROUTE_TABLE \
--destination-cidr-block 0.0.0.0/0 \
--gateway-id $AWS_INTERNET_GATEWAY
Explanation:
-
aws ec2 create-route
- Creates a route in a route table within a VPC. -
--route-table-id
- The ID of the route table for the route. -
--destination-cidr-block
- The IPv4 CIDR address block used for the destination match. -
--gateway-id
- The ID of an Internet gateway or virtual private gateway attached to your VPC.
Step 10: Create a Security Group
To create a security group, run the following command:
# Create a security group
AWS_SECURITY_GROUP=$(aws ec2 create-security-group \
--group-name aws-security-group \
--description "AWS Security Group" \
--vpc-id $AWS_VPC \
--query 'GroupId' \
--output text)
# Add a name tag to the security group
aws ec2 create-tags \
--resources $AWS_SECURITY_GROUP \
--tags Key=Name,Value=aws-security-group
Explanation:
-
aws ec2 create-security-group
- Creates a security group. -
--group-name
- The name of the security group. -
--description
- A description for the security group. -
--vpc-id
- The ID of the VPC. -
--query
- The JMESPath query that is applied to the output. -
--output
- The output format of the command. -
--resources
- The IDs of the resources. -
--tags
- The tags to apply to the resource.
Step 11: Add a rule to the security group
To add a rule to the security group, run the following command:
# Add a rule to the security group
# Allow RDP >> remote desktop protocol
aws ec2 authorize-security-group-ingress \
--group-id $AWS_SECURITY_GROUP \
--protocol tcp \
--port 3389 \
--cidr 0.0.0.0/0 \
--output text
# Add HTTP rule
aws ec2 authorize-security-group-ingress \
--group-id $AWS_SECURITY_GROUP \
--protocol tcp \
--port 80 \
--cidr 0.0.0.0/0 \
--output text
# Add HTTPS rule
aws ec2 authorize-security-group-ingress \
--group-id $AWS_SECURITY_GROUP \
--protocol tcp \
--port 443 \
--cidr 0.0.0.0/0 \
--output text
Explanation:
-
aws ec2 authorize-security-group-ingress
- Adds one or more ingress rules to a security group. -
--group-id
- The ID of the security group. -
--protocol
- The IP protocol name or number. -
--port
- The port number. -
--cidr
- The IPv4 CIDR range. -
--output
- The output format of the command.
Create a Windows Server 2022 EC2 Instance
Step 1: Get the latest AMI ID
To get the latest AMI ID, run the following command:
# Get the latest AMI ID
AWS_AMI=$(aws ec2 describe-images \
--owners 'amazon' \
--filters 'Name=name,Values=Windows_Server-2022-English-Full-Base-2022.11.10' \
'Name=state,Values=available' \
--query 'sort_by(Images, &CreationDate)[-1].[ImageId]' \
--output 'text')
Explanation:
-
aws ec2 describe-images
- Describes one or more of the images (AMIs, AKIs, and ARIs) available to you. Images available to you include public images, private images that you own, and private images owned by other AWS accounts but for which you have explicit launch permissions. -
--owners
- Filters the images by the owner. Specify an AWS account ID,self
(owner is the sender of the request), or an AWS owner alias (valid values areamazon
,aws-marketplace
,microsoft
). -
--filters
- One or more filters. Use a filter to return a more specific list of results. -
--query
- The JMESPath query that is applied to the output. -
--output
- The output format of the command.
Step 2: Create a Key Pair
To create a key pair, run the following command:
# Create a key pair
aws ec2 create-key-pair \
--key-name aws-key-pair \
--query 'KeyMaterial' \
--output text > aws-key-pair.pem
# Change the permissions of the key pair
chmod 400 aws-key-pair.pem
Explanation:
-
aws ec2 create-key-pair
- Creates a 2048-bit RSA key pair with the specified name. Amazon EC2 stores the public key and displays the private key for you to save to a file. The private key is returned as an unencrypted PEM encoded PKCS#8 private key. If a key with the specified name already exists, Amazon EC2 returns an error. -
--key-name
- The name for your key pair. -
--query
- The JMESPath query that is applied to the output. -
--output
- The output format of the command.
NOTE: The private key, which is returned as an unencrypted PEM encoded PKCS#8 private key, is only returned if you have access to the key pair. You must provide the corresponding key pair file when you launch an instance.
NOTE: The key pair you will decrypted using AWS EC2 console, to get the password.
Step 3: Create an EC2 Instance
To create an EC2 instance, run the following command:
# Create an EC2 instance
AWS_INSTANCE=$(aws ec2 run-instances \
--image-id $AWS_AMI \
--instance-type t2.micro \
--key-name aws-key-pair \
--monitoring "Enabled=false" \
--security-group-ids $AWS_SECURITY_GROUP \
--subnet-id $AWS_PUBLIC_SUBNET \
--query 'Instances[0].InstanceId' \
--output text)
# Add a name tag to the EC2 instance
aws ec2 create-tags \
--resources $AWS_INSTANCE \
--tags Key=Name,Value=aws-instance-windows
Explanation:
-
aws ec2 run-instances
- Launches the specified number of instances using an AMI for which you have permissions. -
--image-id
- The ID of the AMI. -
--instance-type
- The instance type. -
--key-name
- The name of the key pair. -
--monitoring
- Enables detailed monitoring (disabled by default). -
--security-group-ids
- The IDs of the security groups. -
--subnet-id
- The ID of the subnet in which to launch the instance. -
--query
- The JMESPath query that is applied to the output. -
--output
- The output format of the command.
Step 4: Wait for the EC2 Instance to be running
To wait for the EC2 instance to be running, run the following command:
# Wait for the EC2 instance to be running
aws ec2 wait instance-running \
--instance-ids $AWS_INSTANCE
Explanation:
-
aws ec2 wait instance-running
- Wait until an instance is running. -
--instance-ids
- The IDs of the instances.
Step 5: Get the public IP address of the EC2 Instance
To get the public IP address of the EC2 instance, run the following command:
# Get the public IP address of the EC2 instance
AWS_PUBLIC_IP=$(aws ec2 describe-instances \
--instance-ids $AWS_INSTANCE \
--query 'Reservations[0].Instances[0].PublicIpAddress' \
--output text)
Explanation:
-
aws ec2 describe-instances
- Describes one or more of your instances. -
--instance-ids
- The IDs of the instances. -
--query
- The JMESPath query that is applied to the output. -
--output
- The output format of the command.
Create an EBS Volume
Step 1: Create an EBS Volume
To create an EBS volume, run the following command:
# Get the availability zone for the EC2 instance
AWS_AVAILABILITY_ZONE=$(aws ec2 describe-instances \
--instance-ids $AWS_INSTANCE \
--query 'Reservations[0].Instances[0].Placement.AvailabilityZone' \
--output text)
# Create an EBS volume
AWS_VOLUME=$(aws ec2 create-volume \
--availability-zone $AWS_AVAILABILITY_ZONE \
--size 10 \
--volume-type gp2 \
--query 'VolumeId' \
--output text)
# Add a name tag to the EBS volume
aws ec2 create-tags \
--resources $AWS_VOLUME \
--tags Key=Name,Value=aws-volume
Explanation:
-
aws ec2 describe-instances
- Describes one or more of your instances. -
--instance-ids
- The IDs of the instances. -
--query
- The JMESPath query that is applied to the output. -
--output
- The output format of the command. -
aws ec2 create-volume
- Creates an EBS volume that can be attached to an instance in the same Availability Zone. -
--availability-zone
- The Availability Zone in which to create the volume. -
--size
- The size of the volume, in GiBs. -
--volume-type
- The volume type. -
--query
- The JMESPath query that is applied to the output. -
--output
- The output format of the command.
NOTE: Availability zone for the EC2 instance and EBS volume must be the same. Otherwise, you will get the following error:
InvalidParameterValue: The requested Availability Zone is currently constrained and only m3.medium or m3.large instances can be launched.
Step 2: Wait for the EBS Volume to be available
To wait for the EBS volume to be available, run the following command:
# Wait for the EBS volume to be available
aws ec2 wait volume-available \
--volume-ids $AWS_VOLUME
Explanation:
-
aws ec2 wait volume-available
- Wait until a volume is in the available state. -
--volume-ids
- The IDs of the volumes.
Attach the EBS Volume to the EC2 Instance
Step 1: Attach the EBS Volume to the Windows Server EC2 Instance
To attach the EBS volume to the Windows Server EC2 instance, run the following command:
# Attach the EBS volume to the Windows Server EC2 instance
aws ec2 attach-volume \
--device xvdf \
--instance-id $AWS_INSTANCE \
--volume-id $AWS_VOLUME
Explanation:
-
aws ec2 attach-volume
- Attaches an EBS volume to a running or stopped instance and exposes it to the instance with the specified device name. -
--device
- The device name (for example, /dev/sdh or xvdh). -
--instance-id
- The ID of the instance. -
--volume-id
- The ID of the EBS volume.
Step 2: Wait for the EBS Volume to be in-use
To wait for the EBS volume to be in-use, run the following command:
# Wait for the EBS volume to be in-use
aws ec2 wait volume-in-use \
--volume-ids $AWS_VOLUME
Explanation:
-
aws ec2 wait volume-in-use
- Wait until a volume is in the in-use state. -
--volume-ids
- The IDs of the volumes.
Connect to the Windows Server EC2 Instance
Step 1: Connect to the Windows Server EC2 Instance using RDP (Remote Desktop Protocol) in Linux
If you are using Linux, you can connect to the Windows Server EC2 instance using RDP (Remote Desktop Protocol) in Linux. To do so, you need to install the remmina
package. To install the remmina
package, run the following command:
# Install the remmina package
# Arch Linux
sudo pacman -S remmina
# Debian/Ubuntu
sudo apt install remmina -y
# CentOS/RHEL
sudo yum install remmina -y
# Fedora
sudo dnf install remmina -y
# OpenSUSE
sudo zypper install remmina -y
Explanation:
-
pacman
- Arch Linux package manager. -
apt
- Debian/Ubuntu package manager. -
yum
- CentOS/RHEL package manager. -
dnf
- Fedora package manager. -
zypper
- OpenSUSE package manager.
Step 1.1: Create a new RDP connection
- Click on the
+
button to add a new connection. - Enter the following details:
-
Name
- Enter a name for the connection. -
Protocol
- SelectRDP
. -
Server
- Enter the public IP address of the Windows Server EC2 instance. -
Username
- Enter the username of the Windows Server EC2 instance. -
Password
- Enter the password of the Windows Server EC2 instance.
-
- Click on the
Save
button.
NOTE: To get the password of the Windows Server EC2 instance, run the following command:
# Get the password of the Windows Server EC2 instance
EC2_INSTANCE_PASSWORD=$(aws ec2 get-password-data \
--instance-id $AWS_INSTANCE \
--priv-launch-key aws-key-pair.pem \
--query 'PasswordData' \
--output text)
# Desplay the password of the Windows Server EC2 instance
echo $EC2_INSTANCE_PASSWORD
Explanation:
-
aws ec2 get-password-data
- Retrieves the encrypted administrator password for the instances running Windows. -
--instance-id
- The ID of the instance. -
--priv-launch-key
- The private key that is required to decrypt the password data. -
--query
- The JMESPath query that is applied to the output. -
--output
- The output format of the command.
Step 1.2: Connect to the Windows Server EC2 Instance
- Click on the
Connect
button to connect to the Windows Server EC2 instance.
Step 2: Connect to the Windows Server EC2 Instance using RDP (Remote Desktop Protocol) in Windows
If you are using Windows, you can connect to the Windows Server EC2 instance using RDP (Remote Desktop Protocol) in Windows. To do so, you need to install the Microsoft Remote Desktop
app. To install the Microsoft Remote Desktop
app, run the following command:
# Install the Microsoft Remote Desktop app
winget install Microsoft.RemoteDesktop
Explanation:
-
winget
- Windows package manager.
Step 2.1: Create a new RDP connection
- Click on the
+
button to add a new connection. - Enter the following details:
-
Name
- Enter a name for the connection. -
Computer
- Enter the public IP address of the Windows Server EC2 instance. -
Username
- Enter the username of the Windows Server EC2 instance. -
Password
- Enter the password of the Windows Server EC2 instance.
-
NOTE: To get the password of the Windows Server EC2 instance, run the following command:
# Get the password of the Windows Server EC2 instance
EC2_INSTANCE_PASSWORD=$(aws ec2 get-password-data \
--instance-id $AWS_INSTANCE \
--priv-launch-key aws-key-pair.pem \
--query 'PasswordData' \
--output text)
# Desplay the password of the Windows Server EC2 instance
echo $EC2_INSTANCE_PASSWORD
Explanation:
-
aws ec2 get-password-data
- Retrieves the encrypted administrator password for the instances running Windows. -
--instance-id
- The ID of the instance. -
--priv-launch-key
- The private key that is required to decrypt the password data. -
--query
- The JMESPath query that is applied to the output. -
--output
- The output format of the command.
Step 2.2: Connect to the Windows Server EC2 Instance
- Click on the
Connect
button to connect to the Windows Server EC2 instance.
Connect to the EBS Volume
Connect to the EBS Volume using PowerShell
Step 1: Connect to the EBS Volume using PowerShell
- Open the
PowerShell
app. - Run the following command to connect to the EBS volume:
# Connect to diskpart
diskpart
# List the disks
list disk
# Select the disk
select disk 1
# initialize the disk
convert gpt
# Create a new partition
create partition primary
# List the partitions
list partition
# Select the partition
select partition 2
# Assign a drive letter
assign letter=D
# Format the partition
format fs=ntfs quick
# Exit diskpart
exit
Explanation:
-
diskpart
- DiskPart is a command-line tool that you can use to manage disks and volumes. -
list disk
- Lists all disks on the computer. -
select disk
- Selects a disk for use. -
convert gpt
- Converts a disk to the GPT partition style. -
create partition primary
- Creates a primary partition on the selected disk. -
list partition
- Lists all partitions on the selected disk. -
select partition
- Selects a partition for use. -
assign letter
- Assigns a drive letter to the selected partition. -
format fs=ntfs quick
- Formats the selected partition. -
exit
- Exits DiskPart.
Step 2: Check the EBS Volume
- Run the following command to check the EBS volume:
# List the disks
Get-Partition | Get-Volume
Explanation:
-
Get-Partition
- Gets the partitions on a disk. -
Get-Volume
- Gets the volumes on a disk.
Connect to the EBS Volume using Disk Management
Step 1: Connect to the EBS Volume using Disk Management
- Open the Sersh bar by pressing the
Windows
key +S
. - Type
diskmgmt.msc
and pressEnter
. - Right-click on the
Disk 1
and click on theOnline
option. - Right-click on the
Disk 1
and click on theInitialize Disk
option. - Right-click on the
Unallocated
space and click on theNew Simple Volume
option. - Click on the
Next
button. - Click on the
Next
button. - Click on the
Next
button. - Click on the
Finish
button.
Step 2: Check the EBS Volume using Disk Management
- Right-click on the
Disk 1
and click on theProperties
option. - Click on the
Volumes
tab. - Click on the
D:
drive.
Conclusion
In this tutorial, we learned how to connect a EBS volume to an Windows EC2 instance using PowerShell GUI.
References
Posted on December 17, 2022
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.