Use GetPasswordData with an Amazon SDK or CLI - Amazon Elastic Compute Cloud
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Use GetPasswordData with an Amazon SDK or CLI

The following code examples show how to use GetPasswordData.

CLI
Amazon CLI

To get the encrypted password

This example gets the encrypted password.

Command:

aws ec2 get-password-data --instance-id i-1234567890abcdef0

Output:

{ "InstanceId": "i-1234567890abcdef0", "Timestamp": "2013-08-07T22:18:38.000Z", "PasswordData": "gSlJFq+VpcZXqy+iktxMF6NyxQ4qCrT4+gaOuNOenX1MmgXPTj7XEXAMPLE UQ+YeFfb+L1U4C4AKv652Ux1iRB3CPTYP7WmU3TUnhsuBd+p6LVk7T2lKUml6OXbk6WPW1VYYm/TRPB1 e1DQ7PY4an/DgZT4mwcpRFigzhniQgDDeO1InvSDcwoUTwNs0Y1S8ouri2W4n5GNlriM3Q0AnNVelVz/ 53TkDtxbNoU606M1gK9zUWSxqEgwvbV2j8c5rP0WCuaMWSFl4ziDu4bd7q+4RSyi8NUsVWnKZ4aEZffu DPGzKrF5yLlf3etP2L4ZR6CvG7K1hx7VKOQVN32Dajw==" }

To get the decrypted password

This example gets the decrypted password.

Command:

aws ec2 get-password-data --instance-id i-1234567890abcdef0 --priv-launch-key C:\Keys\MyKeyPair.pem

Output:

{ "InstanceId": "i-1234567890abcdef0", "Timestamp": "2013-08-30T23:18:05.000Z", "PasswordData": "&ViJ652e*u" }
Java
SDK for Java 2.x
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the Amazon Code Examples Repository.

import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.ec2.Ec2AsyncClient; import software.amazon.awssdk.services.ec2.model.*; import java.util.concurrent.CompletableFuture; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * * For more information, see the following documentation topic: * * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class GetPasswordData { public static void main(String[] args) { final String usage = """ Usage: <instanceId> Where: instanceId - An instance id value that you can obtain from the AWS Management Console.\s """; if (args.length != 1) { System.out.println(usage); System.exit(1); } String instanceId = args[0]; Ec2AsyncClient ec2AsyncClient = Ec2AsyncClient.builder() .region(Region.US_EAST_1) .build(); try { CompletableFuture<Void> future = getPasswordDataAsync(ec2AsyncClient, instanceId); future.join(); } catch (RuntimeException rte) { System.err.println("An exception occurred: " + (rte.getCause() != null ? rte.getCause().getMessage() : rte.getMessage())); } } /** * Fetches the password data for the specified EC2 instance asynchronously. * * @param ec2AsyncClient the EC2 asynchronous client to use for the request * @param instanceId instanceId the ID of the EC2 instance for which you want to fetch the password data * @return a {@link CompletableFuture} that completes when the password data has been fetched * @throws RuntimeException if there was a failure in fetching the password data */ public static CompletableFuture<Void> getPasswordDataAsync(Ec2AsyncClient ec2AsyncClient, String instanceId) { GetPasswordDataRequest getPasswordDataRequest = GetPasswordDataRequest.builder() .instanceId(instanceId) .build(); CompletableFuture<GetPasswordDataResponse> response = ec2AsyncClient.getPasswordData(getPasswordDataRequest); response.whenComplete((getPasswordDataResponse, ex) -> { if (ex != null) { throw new RuntimeException("Failed to get password data for instance: " + instanceId, ex); } else if (getPasswordDataResponse == null || getPasswordDataResponse.passwordData().isEmpty()) { throw new RuntimeException("No password data found for instance: " + instanceId); } else { String encryptedPasswordData = getPasswordDataResponse.passwordData(); System.out.println("Encrypted Password Data: " + encryptedPasswordData); } }); return response.thenApply(resp -> null); } }
  • For API details, see GetPasswordData in Amazon SDK for Java 2.x API Reference.

PowerShell
Tools for PowerShell

Example 1: This example decrypts the password that Amazon EC2 assigned to the Administrator account for the specified Windows instance. As a pem file was specified, the setting of the -Decrypt switch is automatically assumed.

Get-EC2PasswordData -InstanceId i-12345678 -PemFile C:\path\my-key-pair.pem

Output:

mYZ(PA9?C)Q

Example 2: (Windows PowerShell only) Inspects the instance to determine the name of the keypair used to launch the instance and then attempts to find the corresponding keypair data in the configuration store of the Amazon Toolkit for Visual Studio. If the keypair data is found the password is decrypted.

Get-EC2PasswordData -InstanceId i-12345678 -Decrypt

Output:

mYZ(PA9?C)Q

Example 3: Returns the encrypted password data for the instance.

Get-EC2PasswordData -InstanceId i-12345678

Output:

iVz3BAK/WAXV.....dqt8WeMA==
  • For API details, see GetPasswordData in Amazon Tools for PowerShell Cmdlet Reference.

For a complete list of Amazon SDK developer guides and code examples, see Create Amazon EC2 resources using an Amazon SDK. This topic also includes information about getting started and details about previous SDK versions.