Link Search Menu Expand Document
CityU STC Student Resource Center

Setup Windows EC2 Instance in AWS

Table of contents

  1. Overview
  2. Create AWS Account
  3. Create IAM User
  4. Create and Launch the EC2 Instance
  5. Using the EC2 Instance
    1. Connecting with Remote Desktop
  6. Important: Stopping and Terminating Your Instance
    1. How to Stop Your Instance
    2. How to Terminate Your Instance
  7. Troubleshooting
    1. Can’t Connect via Remote Desktop
    2. Password Decryption Issues
    3. Instance Costs More Than Expected
  8. Additional Resources
  9. Summary Checklist

Overview

A common situation for Mac users in particular is to not be able to use Microsoft products like Power BI or Access database. A straightforward if inefficient solution is to make a virtual Windows instance using the EC2 service on AWS. This guide will show you how to set up a free tier solution, which you could pay Amazon money for to get better performance if you so choose. Much of this guide will also be applicable to setting up Linux instances, such that there’s a good chance you could probably figure out the difference, but we won’t be covering that explicitly at this time.

We’ll be following along with this EC2 tutorial and this Getting Started tutorial from AWS.

⚠️ IMPORTANT: Remember to Stop Your Instance! ⚠️

AWS charges you for every hour your EC2 instance is running. Always STOP or TERMINATE your instance when you're done using it to avoid unexpected charges. See our AWS Billing Guide for more details.

Create AWS Account

First step is to create an AWS account. Follow the online instructions. This creates a root user with root access privileges.

Create IAM User

Root access is too much for most use cases, including ours, so it’s better as a security habit to create an administrative or IAM user. When you log in to AWS, use this user with restricted access, therefore any compromise won’t have complete and total access to your system.

Go to the AWS Management Console and click on IAM in the quick-access service list in the middle of the screen. If you don’t see it, click on the Services link next to the nine-square grid in the upper-left corner of the screen for a drop-down menu. Scroll down to the “Security, Identity, & Compliance” option then mouse over and choose “IAM Identity Center” from the right-hand menu that appears.

IAM is pretty rich but for now we’ll keep to the essentials for our purposes.

  • Go to Users in the left hand menu, then click “New Users” in the upper-right part of the new screen.
  • Give it a name then go to the next screen.
  • Create a User Group, give it a distinct name like “Admin”, and give it AdministratorAccess (should be the first option). Finishing will take you back to the previous screen.
  • Select your new User Group and go to the next screen.
  • Confirm your details – you can change and tweak other aspects later if you want – and click “Create user”.

Create and Launch the EC2 Instance

Go to the EC2 instance console and click “Launch instance” which should be in the left-center of the screen horizontally, probably towards the center-bottom vertically.

  • Give it a distinct name.
  • Click on Microsoft Windows for the operating system under Quick Start.
    • Note: Here is where you would diverge for something like a Linux distribution instead.
  • Instance type is where you select how powerful you want the instance to be. Currently the “Free tier eligible” instance type is called a “t2.micro” instance with 1 GB of RAM which is obviously not much. Honestly, performance will be proportionally affected. However, notice that there is on-demand pricing for «$1 / hour. These go up for more powerful instances, but it may be worth the fairly low cost to get yourself better performance.
    • How much better? The requirements page for Windows Server says at least 512 MB are needed for physical installations, but at least 800 MB for virtual ones. This is just less than our 1 GB, so 2 GB might give us enough breathing room without spending too much money. This would be the t2.small instance type, which is appropriately twice as expensive per hour.
    • ⚠️ CRITICAL: All AWS billing is on-demand, which is a key selling point of cloud services. You are only charged for each hour of a running instance - so make sure to STOP your instances when you’re done! See the AWS Billing Guide for more information.
    • Free Tier will be explained explicitly on the right of the screen. Usually, something like the first 750 hours of use are free. This is only available for t2.micro instance types at the time of writing.
  • Key pairs are a key security item. Click on “Create new pair” and give it a name. Leaving it as PEM is fine unless you know you need PPK.
    • IMPORTANT: Download and save your key now because it’s your only chance.
    • You can also reuse keys between instances, though this potentially creates security vulnerabilities.
  • Security groups are network firewall access schemes. For our purposes, the default settings should be fine. Note that it’s using the RDP (Remote Desktop Protocol) for Windows, which will be important for connecting.
  • The final setting is storage. The free tier comes with 30 GB. This is probably fine for us. Storage can be expanded with other AWS services, such as S3 which is the simplest. We do not cover those in this tutorial.
  • Go ahead and launch instance. Do not close your browser.

When finished, you can go to “View All Instances.”

Using the EC2 Instance

From “View All Instances” you’ll first want to check the “Instance state” of the one you’re interested in. If it’s stopped, you’ll need to start it by checking the appropriate box then click the drop-down menu “Instance state” and select “Start instance.” You’ll have to wait for two checks to successfully complete before proceeding. If the instance is good, it’ll show “Running” with a checkmark in green.

  • To connect, you can either check the box and click “Connect” at the top of the screen; or you can click on the alphanumeric “Instance ID” to go to a status screen, which will also have a dedicated “Connect” button at the top of the screen.
  • Either way, on the next screen, choose “RDP client” since we set up the network with a RDP connection. You can download the RDP file to a location on your computer. Keep this location in mind.
  • Click “Get password” then on the next screen click “Upload private key file” and choose the PEM (or PPK) file you downloaded earlier. Click “Decrypt password.” Copy the new password towards the bottom of the screen. Do this now because you won’t have another chance.

That’s all you can do from AWS itself. Next you’ll need to download a Remote Desktop client from Microsoft, the eternal gatekeepers. You should be able to just search for this on the App Store. (Linux is more complicated. We don’t cover that in this tutorial.)

Connecting with Remote Desktop

On macOS:

  1. Download Microsoft Remote Desktop from the Mac App Store
  2. Open the application
  3. Click Add PC or the + button
  4. In the PC Name field, enter the Public IPv4 address or Public IPv4 DNS from your EC2 instance details
  5. In the User account dropdown, select Add User Account
  6. Enter the username (usually Administrator for Windows) and the decrypted password you copied earlier
  7. Click Add then double-click your new connection to connect

On Windows:

  1. Open Remote Desktop Connection (built into Windows)
  2. In the Computer field, enter the Public IPv4 address or Public IPv4 DNS from your EC2 instance
  3. Click Connect
  4. Enter the username (usually Administrator) and the decrypted password
  5. Click OK to connect

Important: Stopping and Terminating Your Instance

⚠️ ALWAYS Stop or Terminate Your Instance When Done!

How to Stop Your Instance

Stopping an instance turns it off but preserves your configuration. You can start it again later. You still pay for storage but NOT for compute time.

  1. Go to the EC2 Console
  2. Select Instances from the left menu
  3. Check the box next to your instance
  4. Click Instance state → Stop instance
  5. Confirm the action

How to Terminate Your Instance

Terminating an instance permanently deletes it. Use this when you’re completely done with the instance.

  1. Go to the EC2 Console
  2. Select Instances from the left menu
  3. Check the box next to your instance
  4. Click Instance state → Terminate instance
  5. Confirm the action

Note: If you created any EBS volumes or Elastic IPs, make sure to delete/release those as well to avoid charges. See the AWS Billing Guide for details.

Troubleshooting

Can’t Connect via Remote Desktop

  • Check security group: Ensure port 3389 (RDP) is open
  • Verify instance is running: Instance state should be “Running” with 2/2 checks passed
  • Check public IP: Make sure you’re using the correct Public IPv4 address
  • Reboot instance: Sometimes a reboot helps - go to Instance state → Reboot

Password Decryption Issues

  • Wait time: It can take a few minutes after launching for the password to be available
  • Key file: Ensure you’re using the correct .pem key file that you downloaded when creating the instance
  • New key: If you lost your key, you’ll need to terminate and create a new instance

Instance Costs More Than Expected

  • Check instance type: Free tier is only for t2.micro instances
  • Free tier limits: 750 hours/month means you can run ONE instance 24/7, or multiple instances that add up to 750 hours
  • Stopped vs Terminated: Stopping an instance still charges for storage
  • Review billing dashboard: Check your AWS Billing Dashboard regularly

Additional Resources

Summary Checklist

Before you finish:

âś… Completed your work on the Windows instance
âś… Saved any files you need (download them from the instance)
âś… STOPPED or TERMINATED the instance
âś… Checked the EC2 Dashboard to verify instance is stopped/terminated
âś… Released any Elastic IPs if you created them
âś… Checked your AWS Billing Dashboard

⚠️ Don't forget: STOP = No compute charges, TERMINATE = No charges at all ⚠️

Last updated: January 2026

^
TOP

Copyright @ 2025 CityU STC