Some time back I was working on a free notification system using a Telegram Bot (https://telegram.org/blog/bot-revolution), and I wrote a simple function in PowerShell, which could be used in various ways for sending instant notifications to any smartphone for free (http://bit.ly/2ys1gF5).
I thought about what else we could do with it, and I got the idea to use it as an AWS Automation Bot to perform simple tasks. I have created a set of instructions for a Bot using a PowerShell script, which we could use to perform the following tasks instantly instead of doing them from the AWS console.
- Getting instance details using instance name.
- Getting attached volume details using instance name.
- Getting the list of available snapshots for an instance using instance name.
- Getting the console screenshot for troubleshooting using instance name.
- Getting the console log for troubleshooting using instance name.
- Start an instance using instance name.
- Stop an instance using instance name.
- Restart an instance using instance name.
As mentioned earlier, we could reset the local admin password of Windows instances via the registry, but unfortunately that will not help us if we forget the user ID details or have renamed the user ID. The good news is that we will still be able to log on to the system by creating a new Admin Account using AWS User Data. This process is very simple, as described below.
- You have to re-attach the root volume of the faulty system to a working AWS instance.
- Now, you have to use EC2Rescue to enable user data (Ec2HandleUserData), which will execute a script on next boot. (*This could be done by editing the config.xml file of EC2Config.)
- Once done, you have to re-attach the volume to the original system as the root (/dev/sda1) volume.
- Now, from the AWS EC2 Console, you have to select the server and edit the User Data before starting the server and add the following PowerShell script. This script will create an Admin Account called “MyAdminX” with the password “!!4SJKAHGYWMd4!!” on first boot, and you will be able to log on to the server using this new account.
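<powershell>
$Name = "MyAdminX" # account name described above
$Computer = [ADSI]"WinNT://$Env:COMPUTERNAME,Computer"
$LocalAdmin = $Computer.Create("User", $Name)
$LocalAdmin.SetPassword("!!4SJKAHGYWMd4!!")
$LocalAdmin.SetInfo() # commit the new account before setting further properties
$LocalAdmin.FullName = $Name
$LocalAdmin.Description = "Admin Account created using User Data"
$LocalAdmin.UserFlags = 64 + 65536 # ADS_UF_PASSWD_CANT_CHANGE + ADS_UF_DONT_EXPIRE_PASSWD
$LocalAdmin.SetInfo()
$AdminGroup = [ADSI]"WinNT://$Env:COMPUTERNAME/Administrators,group"
$User = [ADSI]"WinNT://$Env:COMPUTERNAME/$Name,User"
$AdminGroup.Add($User.Path) # add the new account to the local Administrators group
</powershell>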
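Once access is restored, the recovery account and the flags set on it can be reviewed and retired with the same ADSI provider. This is an added example, not part of the original post; it assumes the account name MyAdminX from the script above, an elevated PowerShell session on the recovered instance, and a hypothetical -Delete switch.

```powershell
# Added example: review and retire the temporary recovery account.
# Run elevated on the recovered instance after logging on.
param(
    [string]$Name = "MyAdminX",  # account created by the user data script above
    [switch]$Delete              # hypothetical switch: delete instead of hardening
)

$ADS_UF_PASSWD_CANT_CHANGE = 0x40      # 64
$ADS_UF_DONT_EXPIRE_PASSWD = 0x10000   # 65536

$Computer   = [ADSI]"WinNT://$Env:COMPUTERNAME,Computer"
$AdminGroup = [ADSI]"WinNT://$Env:COMPUTERNAME/Administrators,group"

# 1. Show who is in the local Administrators group right now.
$Members = @($AdminGroup.psbase.Invoke("Members")) | ForEach-Object {
    $_.GetType().InvokeMember("Name", "GetProperty", $null, $_, $null)
}
Write-Output "Local Administrators: $($Members -join ', ')"

if ($Members -notcontains $Name) {
    Write-Output "$Name is not a local administrator; nothing to clean up."
    return
}

$User  = [ADSI]"WinNT://$Env:COMPUTERNAME/$Name,User"
$Flags = [int]$User.UserFlags.Value
Write-Output ("{0} UserFlags = 0x{1:X}" -f $Name, $Flags)

if ($Delete) {
    # 2a. Remove the group membership first, then the account itself.
    $AdminGroup.Remove($User.Path)
    $Computer.Delete("User", $Name)
    Write-Output "Deleted $Name."
} else {
    # 2b. Keep the account, but undo the two flags set in user data and
    #     force a new password at the next logon.
    $Mask = $ADS_UF_PASSWD_CANT_CHANGE -bor $ADS_UF_DONT_EXPIRE_PASSWD
    $User.UserFlags = $Flags -band (-bnot $Mask)
    $User.SetInfo()
    $User.PasswordExpired = 1
    $User.SetInfo()
    Write-Output "Cleared both flags on $Name and expired its password."
}
```

If you delete the account, run the script from a different administrator session. Then clear the script from the instance's User Data in the EC2 console, since the password stays readable there.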
I hope this will be helpful for you.