diff --git a/plugins/modules/ec2_win_password.py b/plugins/modules/ec2_win_password.py
index a7d9e511346..0bb0db60bb1 100644
--- a/plugins/modules/ec2_win_password.py
+++ b/plugins/modules/ec2_win_password.py
@@ -146,20 +146,23 @@ def ec2_win_password(module):
 
     ec2 = module.client('ec2', retry_decorator=AWSRetry.jittered_backoff())
 
-    if wait:
-        start = datetime.datetime.now()
-        end = start + datetime.timedelta(seconds=wait_timeout)
-
-        while datetime.datetime.now() < end:
+    try:
+        if wait:
+            start = datetime.datetime.now()
+            end = start + datetime.timedelta(seconds=wait_timeout)
+
+            while datetime.datetime.now() < end:
+                data = ec2.get_password_data(InstanceId=instance_id)['PasswordData']
+                decoded = b64decode(data)
+                if not decoded:
+                    time.sleep(5)
+                else:
+                    break
+        else:
             data = ec2.get_password_data(InstanceId=instance_id)['PasswordData']
             decoded = b64decode(data)
-            if not decoded:
-                time.sleep(5)
-            else:
-                break
-    else:
-        data = ec2.get_password_data(InstanceId=instance_id)['PasswordData']
-        decoded = b64decode(data)
+    except (botocore.exceptions.BotoCoreError, botocore.exceptions.ClientError) as e:
+        module.fail_json_aws(e, msg='Failed to get password data')
 
     if wait and datetime.datetime.now() >= end:
         module.fail_json(msg="wait for password timeout after %d seconds" % wait_timeout)