Loading and modifying the registry of a dead Amazon EC2 instance

In a recent post, I had to troubleshoot an issue with an Amazon EC2 instance not accessible via RDP after Windows Update and reboot. Back then, I didn't realize that I could have edited the registry of the unresponsive instance. Here is how to do it (Thanks to Nick Greising at Amazon for providing me with the steps). You will first need a repair instance in the same zone.

1. Note down instance information such as instance ID, attached block devices (volumes), private IP address, associated elastic IP address
2. Stop the instance
3. Detach the root volume
4. Attach the volume to repair instance 
5. Login to the repair instance
6. Bring the disk online (eg: drive E)
7. Run regedit
8. Go to HKLM
9. Select File->Load Hive
10. Browse to E:\Windows\System32\config
11. Open the hive you want (eg: SYSTEM)
12. Pick a Key Name (eg: System_old)
13. Make whatever changes you need
14. Select the root of the hive you just loaded and modified (eg: HKLM\System_old)
15. Select File->Unload Hive
16. [Optional: Note if you are running SharePoint you may need to set Ec2SetComputerName to Disabled so the machine does not change names on restart]
17. Take the disk offline
18. You can now logoff or close the connection to the repair instance
19. Detach the volume from the repair instance
20. Attach volume to original instance
21. Start instance
22. You will also need reconfigure your security groups as the internal IP address would have changed and to reassociate the Elastic IP Address.

Now, I could just plop in the steps from Amazon EC2 instance not accessible via RDP after Windows Update and reboot into step 13 and I can repair those unresponsive instances. Note that when the hive is loaded, there won't be a CurrentControlSet. However, you can look at the value of HKLM\System_old\Select\Current to determine which ControlSet to use. See the knowledgebase article What are Control Sets? What is CurrentControlSet? for details.