Why does my Amazon EC2 Windows instance generate a "Waiting for the metadata service" error?
Last updated: 2019-05-16
My Amazon Elastic Compute Cloud (Amazon EC2) Windows instance is unable to retrieve instance metadata. How can I fix this?
My EC2 instance in a VPC is inaccessible and failing instance status checks
Attach a second elastic network interface to the instance to provide the needed route and a valid IP address. This allows you to:
- Access the EC2 instance on the second network interface.
- Resolve issues with the networking configuration of the primary network interface.
My EC2 instance is passing both status checks and is accessible
First, run the route print command from PowerShell or CMD. Review the output to confirm if there is a route similar to the following:
Network Address Netmask Gateway Address 169.254.169.254 255.255.255.255 <Subnet Router Address>
If the route isn't present or the Gateway Address doesn't match that of the current subnet, follow these steps:
- Confirm that the latest version of EC2Config (for Windows Server 2012R2 and earlier) or EC2Launch (for Windows Server 2016 or later) is installed on the instance.
- To apply the route to the instance, restart the EC2Config service, or execute the Add-Routes.ps1 located in the following directory for EC2Launch: C:\ProgramData\Amazon\EC2-Windows\Launch\Module\Scripts
If the route exists, but the instance is still unable to retrieve metadata, review your instance’s Windows Firewall, third-party firewall, or antivirus configuration. Confirm that traffic to 169.254.169.254 isn’t being explicitly denied.