Skip to main content

Create a base deployment on AWS

The following are the general steps for using Amazon Web Services (AWS) to create a base ArcGIS Enterprise deployment on AWS.

Tip:

Alternatively, you can use ArcGIS Enterprise Cloud Builder for Amazon Web Services to configure an ArcGIS Enterprise deployment on AWS.

  1. Download Portal for ArcGIS, ArcGIS Server, and ArcGIS Web Adaptor software from My Esri.

  2. Download your Portal for ArcGIS and ArcGIS GIS Server license files from My Esri.

  3. Use an Amazon Machine Image (AMI) with a supported operating system to create Amazon Elastic Compute Cloud (EC2) instances.

    If you have never used this particular AMI before, you must read and accept AWS Marketplace terms before launching an instance.

    If you launch an EC2 instance that has sufficient RAM and disk space to accommodate it, you can install Portal for ArcGIS, ArcGIS Web Adaptor, and ArcGIS Server on the same instance. In most cases, though, you will likely install components on separate EC2 instances, and each component may include more than one instance.

  4. Connect to an EC2 instance, install Portal for ArcGIS, and authorize Portal for ArcGIS using the license you downloaded in step 2.

    Install the software but do not proceed with configuration.

    See the Portal for ArcGIS installation guide for instructions. Use the Other versions menu to access the instructions appropriate to the operating system on the EC2 instance.

  5. Create an Amazon Elastic IP and associate it with the Portal for ArcGIS EC2 instance.

  6. Set up CNAME mapping to create a more user-friendly Domain Name System (DNS) hostname.

  7. On the Portal for ArcGIS instance, open the hostidentifier.properties file and remove the comment marks from the preferredidentifier=ip property.

    The file is found in the <Portal for ArcGIS installation directory>\framework\runtime\ds\framework\etc\ directory.

  8. Start Portal for ArcGIS.

    • On a Microsoft Windows instance, start the Portal for ArcGIS service from the Windows Services panel.

    • On a Linux instance, sign in as the arcgis user and run startportal.sh in the /arcgis/portal directory to start Portal for ArcGIS.

  9. Open the portal website to create an organization.

    To connect to the portal from a remote machine, the portal URL is in the format https://<fully qualified machine name>:7443/arcgis/home. On the local machine, you can use the URL https://localhost:7443/arcgis/home/.

    1. Create the initial administrator account. This account is required when registering the portal with ArcGIS Web Adaptor.

    2. Import the license file you obtained in step 1.

    3. Specify the portal content directory.

  10. Install ArcGIS Web Adaptor to use with Portal for ArcGIS.

    ArcGIS Web Adaptor can run on the same instance as Portal for ArcGIS or on another EC2 instance.

    Install the software but do not configure it.

    See Install ArcGIS Web Adaptor for instructions. Use the platform toggle at the top of the page to access the instructions appropriate to the type of web adaptor you require.

  11. If you installed ArcGIS Web Adaptor on an EC2 instance separate from the Portal for ArcGIS instance, create an Amazon Elastic IP and associate it with the ArcGIS Web Adaptor EC2 instance.

  12. Enable HTTPS on at least the ArcGIS Web Adaptor directory, using a CA-signed certificate.

    The certificate is issued to the public DNS hostname for the Elastic IP or the CNAME DNS hostname that maps to the Elastic IP.

    Note:

    Do not use a self-signed certificate when running Portal for ArcGIS.

  13. Configure ArcGIS Web Adaptor with Portal for ArcGIS. You can do this from a web browser on the local machine or from command line on a Linux instance.

    1. If running from a web browser, open the ArcGIS Web Adaptor configuration page.

      The web adaptor registration page opens automatically when you install; however, change the URL to use the elastic IP of the EC2 instance or the CNAME DNS hostname where ArcGIS Web Adaptor is installed. For example, change the URL from https://localhost/arcgis/webadaptor to https://<Elastic IP>/arcgis/webadaptor or https://<CNAME DNS hostname>/arcgis/webadaptor.

    2. Use the elastic IP or CNAME DNS hostname in the URL rather than the portal machine name in the Portal URL field. For example, type https://<Elastic IP>:7443/arcgis or https://<CNAME DNS hostname>:7443/arcgis.

  14. Install ArcGIS Server on an EC2 instance and authorize it using the ArcGIS GIS Server license you downloaded in step 2.

    Install the software but do not create a site yet.

    See the ArcGIS Server installation guide for instructions. Use the operating system toggle to access the instructions appropriate to the operating system on the EC2 instance.

  15. Associate an Amazon Elastic IP with the instance.

  16. Optionally, set up CNAME mapping to create a more user-friendly DNS hostname.

  17. Create an ArcGIS Server site.

  18. Install a web adaptor for the ArcGIS Server site.

    ArcGIS Web Adaptor can run on the same instance as ArcGIS Server or on another EC2 instance.

    Install the ArcGIS Web Adaptor software but do not configure it with the site yet.

    See Install ArcGIS Web Adaptor for instructions. Use the platform toggle at the top of the page to access the instructions appropriate to the type of web adaptor you require.

  19. Enable HTTPS on at least the ArcGIS Web Adaptor directory, using a CA-signed certificate.

    The certificate is issued to the public DNS hostname for the Elastic IP or the CNAME DNS hostname that maps to the Elastic IP.

    Note:

    Do not use a self-signed certificate for this ArcGIS Server site.

    If the ArcGIS Server site runs on the same EC2 instance as the portal, use the same type of web server (such as IIS) with the same CA-signed certificate.

  20. Configure the web adaptor with the ArcGIS Server site and click Enable administrative access to your site through the Web Adaptor.

    Change the web adaptor registration page URL and the GIS Server URL value to include the elastic IP or CNAME DNS hostname rather than the ArcGIS Server machine name used for the web adaptor and ArcGIS Server EC2 instance.

  21. Configure the system data stores you require with the ArcGIS GIS Server site.

  22. Set the portal's WebContextURL and privatePortalURL properties. This helps Portal for ArcGIS construct the correct URLs on all resources it sends to the end user.

    1. Open a web browser and sign in to the ArcGIS Portal Directory as a member of the default administrator role in the organization. The URL is formatted https://portal.example.com:7443/arcgis/portaladmin.

    2. Click System > Properties > Update Properties.

    3. On the Update System Properties dialog box, insert the following JSON, substituting your own reverse proxy server or DNS alias URL as seen by users outside your organization's firewall:

      {
   "privatePortalURL": "https://lb.example.com/portal",
   "WebContextURL": "https://lb.example.com/portal"
}

    4. Click Update Properties.

  23. Federate the ArcGIS Server site with ArcGIS Enterprise. Use the ArcGIS Server site public DNS hostname for the Elastic IP or the CNAME DNS hostname for the ArcGIS Server URL and the ArcGIS Server private URL.

    The following is an example URL: https://awsportal.esri.com/arcgis.

    Ensure that the Amazon security groups allow communication between the two EC2 instances through the web adaptor ports 80 and 443.

  24. Set the GIS Server site as the hosting server.

Important:

Remember, if you stop and start the EC2 instance (or instances) running the portal, you must reassociate your Elastic IP with the EC2 instance.