Deploy Windows-based stacks using CloudFormation

This page provides links to technical reference documentation for CloudFormation resources commonly used in Windows-based deployments.

CloudFormation provides support for deploying and managing Microsoft Windows stacks through Infrastructure as Code (IaC). You can use CloudFormation for automated provisioning of Windows-based EC2 instances, SQL Server on Amazon RDS, and Microsoft Active Directory through Amazon Directory Service.

Amazon provides pre-configured Amazon Machine Images (AMIs) specifically designed for Windows platforms to help you quickly deploy applications on Amazon EC2. These AMIs include default Microsoft settings and Amazon-specific customizations. With CloudFormation, you can choose an appropriate AMI, launch an instance, and access it using Remote Desktop Connection, just as you would with any other Windows Server. The AMIs contain essential software components, including EC2Launch (versions vary by Windows Server edition), Amazon Systems Manager, CloudFormation, Amazon Tools for PowerShell, and various network, storage, and graphics drivers to ensure optimal performance and compatibility with Amazon services. For more information, see the Amazon Windows AMI Reference.

CloudFormation also supports software configuration tools, such as UserData scripts, which can run PowerShell or batch commands when an EC2 instance first boots up. It also offers helper scripts (cfn-init, cfn-signal, cfn-get-metadata, and cfn-hup) and supports the AWS::CloudFormation::Init metadata for managing packages, files, and services on Windows instances.

For enterprise environments, CloudFormation enables domain joining, Windows license management through EC2 licensing models, and secure credential handling with Amazon Secrets Manager. Combined with version-controlled templates and repeatable deployments, CloudFormation helps organizations maintain consistent, secure, and scalable Windows environments across multiple Amazon Web Services Regions and accounts.

For details on CloudFormation resources commonly used in Windows-based deployments, see the following technical reference topics.

| Resource type | Description |
| --- | --- |
| AWS::EC2::Instance | For launching Windows EC2 instances. |
| AWS::EC2::SecurityGroup | To define firewall rules for Windows workloads. |
| AWS::AutoScaling::AutoScalingGroup, AWS::EC2::LaunchTemplate | For scaling Windows EC2 instances. |
| AWS::DirectoryService::MicrosoftAD | For deploying Microsoft Active Directory. |
| AWS::FSx::FileSystem | For deploying FSx for Windows File Server. |
| AWS::RDS::DBInstance | For provisioning SQL Server on Amazon RDS. |
| AWS::CloudFormation::Init | Used within EC2 metadata for configuring instances. For more information, see Bootstrapping Windows-based CloudFormation stacks. |
| AWS::SecretsManager::Secret | For securely managing credentials and Windows passwords. |
| AWS::SSM::Parameter | For storing configuration values securely. |
| AWS::IAM::InstanceProfile, AWS::IAM::Role | For granting permissions to applications running on EC2 instances. |