Wondering how to replace a lost key pair for EC2 Windows? We can help you!
As a part of our AWS Support services, we often receive similar queries from our AWS Customers.
Today, let’s see how our Support Engineers help our customers to replace a lost key pair for EC2 Windows.
Replace a lost key pair for EC2 Windows
Amazon EC2 uses a key pair, consisting of a public key and a private key, to prove our identity when we connect to an EC2 instance. If we lose a key pair and want to replace it, we can create an AMI of the existing instance, launch a new instance from it, and select a new key pair at launch.
We can also replace the lost key pair by using the AWSSupport-ResetAccess document if our instance is a managed instance in AWS Systems Manager.
Creating an AMI and launching a new instance
If we lose the administrator password, we must use the instance's key pair when resetting the password using EC2Config or EC2Launch. But if we lose the key pair, we need to create an AMI of the existing instance, launch a new instance, and then select a new key pair.
Steps for creating an AMI, launching a new instance, and then selecting a new key pair
1. First, we need to create a new key pair using the console, the AWS CLI, or AWS Tools for Windows PowerShell, and then save the private key in a safe location.
2. Log in to the Amazon EC2 console and select Instances and then select our instance.
3. Then note the Instance type, VPC ID, Subnet ID, Security groups, and IAM role for the instance from the Description tab.
4. Now stop the instance. If your instance is instance store-backed or has instance store volumes containing data, the data is lost when you stop the instance.
5. Select the instance and then, for Actions, select Image > Create Image.
6. Enter a name for Image name and click Create Image, and then select Close.
7. Select AMI to see the status. If the status is pending, the AMI is being created. Continue to the next step when the status becomes available.
8. Then select the AMI and then select Launch.
9. Then complete the wizard. Also make sure to select the same instance type, VPC ID, Subnet ID, Security groups, and IAM role as the instance we are replacing.
10. For Select a key pair, select the new key pair.
11. Also associate the Elastic IP address to the new instance, if the old instance has an associated Elastic IP address.
12. If any Amazon EBS volumes were not captured during the AMI creation, detach each such volume, and then attach it to the new instance. Note that we can skip the step to unmount the volume as the original instance is already stopped.
13. The private key file is now replaced and we can reset the administrator password.
14. We can also terminate the original instance for which the key pair is lost (optional).
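The steps above can also be scripted. The following is an added example, not part of the original article, that performs steps 1 to 11 with the AWS CLI. The function names, the `-recovery` AMI name suffix and the `.pem` file name are assumptions; the caller supplies the old instance ID and the new key name.

```shell
#!/bin/sh
# Added example, not from the original article: AWS CLI form of steps 1-11.
# Usage: sh replace-key.sh OLD_INSTANCE_ID NEW_KEY_NAME  (script name is hypothetical)

# Read one attribute of an instance as text ("None" when unset).
attr() {
  aws ec2 describe-instances --instance-ids "$1" \
    --query "Reservations[0].Instances[0].$2" --output text
}

replace_key_pair() (
  set -eu
  old=$1 key=$2
  # Step 1: the private key is returned only once. Write it owner-only
  # (umask 077) and refuse to overwrite an existing file (set -C).
  ( umask 077; set -C
    aws ec2 create-key-pair --key-name "$key" \
      --query KeyMaterial --output text > "${key}.pem" )
  # Step 3: record the settings to reuse (the subnet implies the VPC).
  itype=$(attr "$old" InstanceType)
  subnet=$(attr "$old" SubnetId)
  sgs=$(attr "$old" 'SecurityGroups[].GroupId')
  profile=$(attr "$old" IamInstanceProfile.Arn)
  if [ "$profile" = None ]; then profile=""; fi
  eip=$(aws ec2 describe-addresses --filters "Name=instance-id,Values=$old" \
    --query 'Addresses[0].AllocationId' --output text)
  # Steps 4-7: stop, create the AMI, wait until it is available.
  aws ec2 stop-instances --instance-ids "$old" > /dev/null
  aws ec2 wait instance-stopped --instance-ids "$old"
  ami=$(aws ec2 create-image --instance-id "$old" --name "${key}-recovery" \
    --query ImageId --output text)
  aws ec2 wait image-available --image-ids "$ami"
  # Steps 8-10: launch with the same settings and the new key pair.
  # $sgs and the profile option are unquoted on purpose so they word-split.
  new=$(aws ec2 run-instances --image-id "$ami" --instance-type "$itype" \
    --key-name "$key" --subnet-id "$subnet" --security-group-ids $sgs \
    ${profile:+--iam-instance-profile Arn=$profile} \
    --query 'Instances[0].InstanceId' --output text)
  aws ec2 wait instance-running --instance-ids "$new"
  # Step 11: move the Elastic IP if the old instance had one.
  if [ "$eip" != None ]; then
    aws ec2 associate-address --instance-id "$new" --allocation-id "$eip" \
      --allow-reassociation > /dev/null
  fi
  echo "$new"
)

if [ "$#" -eq 2 ]; then replace_key_pair "$1" "$2"; fi
```

The CLI waiters stop polling after a fixed number of attempts, so for a large volume `aws ec2 wait image-available` may need to be re-run before continuing from the launch step by hand.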
Using the AWSSupport-ResetAccess document
We can use the AWSSupport-ResetAccess Automation document if our instance is a managed instance in the AWS Systems Manager to replace a lost key pair or to replace a lost local Administrator password.
To conclude, today we saw the steps followed by our Support Engineers to help our customers to replace a lost key pair for EC2 Windows.