KBI 311471 AWS Configure PowerShell Remoting For Windows EC2 Instance
Version
Argent for AWS 5.1A-1610-A and later
Date
Friday, 28 October 2016
Summary
Windows EC2 instance is typically a standalone VM
User has to logon with local account through Remote Desktop
It is inconvenient when dealing with many such VM’s without remote management mechanism
Windows PowerShell Remoting serves the purpose well and is pre-installed in AWS Windows OS image
To use PowerShell Remoting, user should do following configurations:
-
Sign into AWS Console, go to AWS -> Service -> EC2, and update the security group associated with the Windows EC2 instance so that in-bound traffic to TCP port 5985 is allowed
(Perform the following steps on AWS EC2 Instance)
- Remote Desktop into Windows EC2 instance
This also verifies the correctness of logon and password
- Enable PowerShell Remoting by running
Windows Command Line: winrm quickconfig
or
PowerShell Command Line: Enable-PSRemoting - Open firewall for local TCP port 5985 by running
Windows Command Line: netsh advfirewall firewall add rule name=”WinRM-HTTP” dir=in localport=5985 protocol=TCP action=allow
(Perform the following steps on Argent AT Engine)
- Add the EC2 instance to Trusted Hosts by running
PowerShell Command Line: Set-Item WSMan:\localhost\Client\TrustedHosts -Value ec2_ip_address -Force
If there are many instances to manage, run following command to allow all:
PowerShell Command Line: Set-Item WSMan:\localhost\Client\TrustedHosts -Value * -Force
- Run following command to test whether the PowerShell Remoting connection is successful:
PowerShell Command Line: Test-WSMan -ComputerName ec2_ip_address
- Use following PowerShell commands to start PS session, run some commands, and then exit the session
PowerShell Command Line: $securePassword = ConvertTo-SecureString -AsPlainText -Force password
$cred = New-Object System.Management.Automation.PSCredential ‘Administrator’, $securePassword
Enter-PSSession -ComputerName ec2_ip_address -Credential $cred
…..
Exit-PSSession
After PowerShell Remoting has been successfully configured, the Windows EC2 instance can be licensed and natively monitored in Argent for AWS
Run the connectivity test to verify PowerShell Remoting is working properly
Technical Background
N/A
Resolution
N/A