Skip To Content

Deploy Portal for ArcGIS on AWS

Esri Amazon Machine Images (AMIs) have Portal for ArcGIS and ArcGIS Web Adaptor installed. Launch an instance using one of the Esri AMIs and configure an ArcGIS Enterprise portal.

The following are the general steps for getting Portal for ArcGIS running on AWS.

Tip:

Alternatively, you can use ArcGIS Enterprise Cloud Builder Command Line Interface for Amazon Web Services and Esri sample CloudFormation templates to deploy an ArcGIS Enterprise portal on Amazon Web Services.

  1. Launch an Amazon Web Services instance from an Esri AMI.

    If you have never used this particular AMI before, you must read and accept AWS Marketplace terms before launching an instance.

  2. Create an Amazon Elastic IP and associate it with the instance.
  3. Optionally set up CNAME mapping to create a more user-friendly Domain Name System (DNS) hostname.
  4. Create a remote connection to the instance.
  5. Start Portal for ArcGIS.
    • On a Windows instance, start the Portal for ArcGIS service from the Windows Services panel.
    • On an Ubuntu instance, log in as the arcgis user and run startportal.sh in /arcgis/portal to start Portal for ArcGIS.
  6. Run the Portal for ArcGIS Software Authorization wizard to license your portal.
  7. Connect to the portal and create the initial administrator account. This account is required when registering the portal with ArcGIS Web Adaptor.

    To connect to the portal from a remote machine to create the initial administrator account, the portal URL is in the format https://<fully qualified machine name>:7443/arcgis/home. On the local machine, you can use the URL https://localhost:7443/arcgis/home/.

  8. Enable HTTPS on at least the ArcGIS Web Adaptor directory, using a CA-signed certificate.

    The certificate is issued to the public DNS hostname for the Elastic IP or the CNAME DNS hostname that maps to the Elastic IP.

    Note:

    Do not use a self-signed certificate when running Portal for ArcGIS.

  9. Configure ArcGIS Web Adaptor with Portal for ArcGIS. You can do this from a web browser on the local machine or from command line on Ubuntu.
    1. If running from a web browser, open the ArcGIS Web Adaptor configuration page.

      The web adaptor registration page opens automatically when you install; however, change the URL to use the elastic IP of the AWS instance or the CNAME DNS hostname where ArcGIS Web Adaptor is installed. For example, change the URL from https://localhost/arcgis/webadaptor to https://<Elastic IP>/arcgis/webadaptor or https://<CNAME DNS hostname>/arcgis/webadaptor.

    2. Use the elastic IP or CNAME DNS hostname in the URL rather than the portal machine name in the Portal URL. For example, type https://<Elastic IP>:7443/arcgis or https://<CNAME DNS hostname>:7443/arcgis.
  10. Optionally federate an ArcGIS Server site with your portal. The steps below federate an ArcGIS Server site running on a different AWS instance. If your ArcGIS Server runs on the same AWS instance as your portal, use the same web server (such as IIS) with the same CA-signed certificate.

  11. Start an ArcGIS Server instance from the Esri AMIs.
  12. Associate an Amazon Elastic IP with the instance.
  13. Optionally set up CNAME mapping to create a more user-friendly DNS hostname.
  14. Create a remote connection to the instance.
  15. Authorize ArcGIS GIS Server.
  16. Create an ArcGIS Server site.
  17. Install a web adaptor for your ArcGIS Server site.
  18. Enable HTTPS on at least the ArcGIS Web Adaptor directory, using a CA-signed certificate. The certificate is issued to the public DNS hostname for the Elastic IP or the CNAME DNS hostname that maps to the Elastic IP.
    Note:

    Do not use a self-signed certificate for the ArcGIS Server site federated with Portal for ArcGIS when running on AWS.

  19. Configure the web adaptor with the ArcGIS Server site and Enable administrative access to your site through the Web Adaptor.

    Change the web adaptor registration page URL and GIS Server URL to include the elastic IP or CNAME DNS hostname rather than the ArcGIS Server machine name used for the web adaptor and ArcGIS Server AWS instance.

  20. Set the portal's WebContextURL and privatePortalURL properties. This helps Portal for ArcGIS construct the correct URLs on all resources it sends to the end user.
    1. Open a web browser and sign in to the ArcGIS Portal Directory as a member of the default administrator role in your portal organization. The URL is formatted https://portal.domain.com:7443/arcgis/portaladmin.
    2. Click System > Properties > Update Properties.
    3. On the Update System Properties dialog box, insert the following JSON, substituting your own reverse proxy server or DNS alias URL as seen by users outside your organization's firewall.
      {
         "privatePortalURL": "https://lb.domain.com/portal",
         "WebContextURL": "https://lb.domain.com/portal"
      }
    4. Click Update Properties.
  21. Federate the ArcGIS Server site with your portal. Use the ArcGIS Server site public DNS hostname for the Elastic IP or the CNAME DNS hostname for the ArcGIS Server URL and the ArcGIS Server private URL.

    The following is an example URL: https://awsportal.esri.com/arcgis.

    Make sure your Amazon security groups allow communication between the two AWS instances through the web adaptor ports, 80 and 443.

  22. If you configured an ArcGIS Data Store relational data store with your ArcGIS GIS Server site, you can set the site as the portal's hosting server.

Remember, if you stop and start the AWS instance running the portal, reassociate your Elastic IP with the AWS instance.