Microsoft Workloads on AWS

How to upgrade Microsoft Windows Server 2012 with AWS Application Migration Service

This blog post is the fourth of a four-part series on how to upgrade Windows Server 2012 and 2012 R2. The focus of this series is to provide options to handle the upcoming end-of-support event in October. Part 1 overviews the end-of-support dilemma itself, plus how to perform an in-place, manual upgrade along with an insight into the End of Support Migration Program (EMP). Part 2 walks you through how to automate, using Amazon Systems Manager (SSM), your upgrade. Part 3 shows how to leverage modernization options, such as AWS App2Container, to handle an upgrade. Part 4 demonstrates how to upgrade Microsoft Windows Server 2012 using the AWS Application Migration Service.

This post is part four of the Navigating Windows Server End of Support series. In this final blog post, we will address how to perform a Windows Server in-place upgrade with AWS Application Migration Service (AWS MGN). Let’s dive in!

Perform a Windows Server in-place upgrade with AWS MGN
If your Windows 2012 or Windows 2012 R2 servers are still running in an on-premises environment, you can migrate those servers to AWS with AWS MGN. You can configure AWS MGN to upgrade the servers to a new version of Windows at the end of the migration. Read on for steps to configure AWS MGN. You can refer to this blog article to understand the steps to migrate with AWS MGN.


1. AWS Identity and Access Management (IAM) Role

Before we prepare a post-migration template in AWS MGN to perform a Windows Server upgrade, we need to create an IAM role (as seen in Figure 1) with the following permission policies:

  • AmazonSSMManagedInstanceCore
  • AWSApplicationMigrationFullAccess

AWS IAM Console permission page that shows roles and permission for the IAM Role

Figure 1. IAM Permissions with roles and permissions

2. Subnet ID

Note the Subnet ID where you want your migrated instance to run. You can find Subnet ID in Subnets under the Amazon Virtual Private Cloud (Amazon VPC) service (as seen in Figure 2) in the AWS Management Console.

Amazon VPC Subnet page displaying the various Subnet ID selections.

Figure 2.  Amazon VPC and Subnet ID selection

AWS MGN configuration
AWS MGN allows you to execute various predefined post-launch actions on your Amazon Elastic Compute Cloud (Amazon EC2) launch instance. We will use one of the built-in post-launch templates to perform a Windows Server in-place upgrade.

When you begin this step, we assume that you have already completed installation of AWS MGN agent on the source server and it appears in MGN console.

Note: You can use this approach to upgrade Windows Server 2008 R2 as well. To upgrade your Windows Server 2008 R2 instance to Windows Server 2016, 2019, or 2022, an in-place upgrade is performed twice—first from Windows Server 2008 R2 to Windows Server 2012 R2, and then from Windows Server 2012 R2 to Windows Server 2016, 2019, or 2022.

Directly upgrading Windows Server 2008 R2 to Windows Server 2016, 2019, or 2022 is not supported.

1. In AWS MGN, go to Source servers (as seen in Figure 3). Click on the server that you want to perform the Windows upgrade on.

A view of the AWS Application Migration Service page showing the active source servers selection.

Figure 3. Application Migration Service active source server page

2. Select Post-launch settings (as seen in Figure 4).

Application Migration Service dashboard

Figure 4. Application Migration Service dashboard

3. Make sure Active post-launch actions is set to Yes. Otherwise, click Edit.

A view of the Application Migration Service screen post launch action “edit” option.

Figure 5. Application Migration Service post launch actions

4. In Edit post-launch settings, (as seen in Figure 5) enable Install the System Manager agent and allow executing actions on launched servers (as seen in Figure 6).

5. Select Test and cutover instances (recommended) and then select Save settings (as seen in Figure 6).

A view of the Edit page settings, and options.

Figure 6. Post launch action details and deployment

6. Select Windows upgrade and click Edit (as seen in Figure 7).

A view of the post-launch action setting page showing the Windows upgrade option.

Figure 7.  Action page for post-launch action

7. In Edit action, check Activate this action (as seen in Figure 8).

A view of the edit action page for the Windows upgrade task.

Figure 8. Edit Actions with the post-launch action page

8. Provide the following information (as seen in Figure 9):

  • IAM instance profile: The profile you have created in prerequisites step 1.
  • SubnetID: This is where you want to deploy the server. Refer to step 2 in prerequisites section.
  • TargetWindowVersion: Select the Windows version you want to upgrade to.
  • KeepPreUpgradeImageBackup: I use False but it depends on your preferences.
  • RebootInstanceBeforeTakingImages: I use False but it depends on your preferences.

After that, you can save the action.

Viewing the action parameters page showing the option to leave the pre-upgraded image untouched.

Figure 9. Action parameter and options to keep the pre-upgraded image untouched.

9. Eventually, you can see two actions, “SSM Agent” and “Windows upgrade” in the Post-launch settings (as seen in Figure 10).

AWS Systems Manager Agent, and Windows Upgrade selection in the post-launch setting page.

Figure 10. SSM Agent and Windows Upgrade selection in the post-launch setting page.

10. When you do the cutover in AWS MGN, the two post-launch actions that you have configured in step 9 will perform the installation of SSM Agent and the in-place upgrade to the newer version of Windows OS (as seen in Figure 11).

A view of the Application Migration Service, Active source server page, with the option to launch cutover instances and finalize cutover.

Figure 11. Application Migration Service active source server cutover page.

11. You can monitor the post-launch action in Migration dashboard under post-launch actions (as seen in Figure 12).

Monitoring the migration using the dashboard

Figure 12. Monitoring the migration

12. Once you have successfully completed the cutover, you should see a new Windows Server 2019 in the Amazon EC2 console (as seen in Figure 13).

A view of the Amazon EC2 console, showing the upgraded Windows EC2 instance

Figure 13. Validating the completion of the migration in the EC2 Console

Since this blog is a how-to guide, there are no cleanup steps required. The described step-by-step approach is to show you how to proceed with the upgrade.

In this blog post, we walked through the Windows Server upgrade approach using the AWS Application Migration Service.

Please keep in mind that this four-part blog series has discussed and presented many options for dealing with EOS and how AWS can help you address these issues with the use of technology, tooling, and experts.

Post 1: How to manually upgrade Microsoft Windows Server 2012 on AWS

Post 2: How to automate your Microsoft Windows Server upgrades using AWS Systems Manager

Post 3: How to upgrade and modernize Microsoft Windows Server 2012 with Windows containers on AWS

Lastly, read this eBook and learn how organizations like NextGen Healthcare, Parsons Corporation, SeatGeek, Arkansas Administrative Office of the Courts migrate, optimize and modernize their Windows Server workloads with AWS.

If you would like help upgrading using one of the options described in this post, please reach out to us. We will gladly meet with you and your team to review the best option to address your EOS situation.

AWS can help you assess how your company can get the most out of cloud. Join the millions of AWS customers that trust us to migrate and modernize their most important applications in the cloud. To learn more on modernizing Windows Server or SQL Server, visit Windows on AWSContact us to start your migration journey today.

Mike Adams

Mike Adams

Mike Adams is a worldwide go-to-market specialist with AWS. His focus is migrating Microsoft workloads to AWS and showing customers how they can achieve operational and cost efficiencies. Prior to AWS, Mike held product marketing roles at Ivanti, VMware, Symantec, and VERITAS Software. Mike started his career as an industry analyst at the Giga Information Group (now part of Forrester Research).

Gianpaolo Albanese

Gianpaolo Albanese

GianPaolo Albanese is a Microsoft Specialist Solutions Architect with Amazon Web Services based in the New York area. GP is focused on helping customers with their Windows architectures, migrations and optimization to the AWS cloud. GP has been an IT professional with over three decades of experience in the FinTech industry, specialized in the management of large-scale infrastructures, migrations and modernization activities. In the past two years, GP has focused his energy to help customers address End-of-Support challenges.

Kyaw Soe Hlaing

Kyaw Soe Hlaing

Kyaw Soe Hlaing is a Senior Solution Architect specializing in infrastructure, platform, and identity management. He is passionate about designing, architecting, and providing solutions for complex business requirements for customers. With more than 15 years of experience, Kyaw works with our partners to help AWS customers navigate their cloud transformation journey.