Skip To Content

AWS CloudFormation and ArcGIS

You can use Amazon Web Services (AWS) CloudFormation templates provided by Esri to create an Elastic Load Balancer and deploy the following architectures:

You can also copy and modify these templates to fit your specific needs, or create your own templates to implement your own deployment patterns.

ArcGIS Enterprise Cloud Builder for Amazon Web Services uses CloudFormation templates. You can also work with the CloudFormation templates directly—either launch stacks from the AWS Management Console or script stack creation.

AWS CloudFormation is a service that helps you define architectures on Amazon Web Services. It is an example of infrastructure as code, meaning you write code that can deploy a particular hardware infrastructure in a cloud environment. In the case of CloudFormation, you use a JavaScript object notation (JSON) template to define a stack of resources that work together in a predetermined way. CloudFormation ensures that you always maintain a minimum number of machines in your site, allowing for seamless recovery when one of your machines is unavailable.

Using CloudFormation templates also makes launching and maintaining a deployment easier than doing it manually and allows you to set up identical architectures in different AWS accounts or regions.

CloudFormation templates

Esri stores CloudFormation templates in an Amazon Simple Storage Service (S3) bucket, from which you can download them. Templates are specific to an ArcGIS release. Use the software release number links at the top of each page to access other releases.

Create Elastic Load Balancer

Rather than create an Elastic Load Balancer in AWS Management Console, you can use one of the Esri sample CloudFormation templates to create the load balancer for your highly available ArcGIS Enterprise deployment or ArcGIS Server site. There is also a separate template to create a load balancer for your ArcGIS GeoEvent Server site.

The templates link your imported SSL certificate to the load balancer.

Once you have a load balancer, map it to the domain name for your deployment.

Deploy ArcGIS Enterprise using CloudFormation

CloudFormation templates are available to deploy ArcGIS Enterprise on AWS. ArcGIS Enterprise deployments include the following ArcGIS components:

  • Portal for ArcGIS
  • ArcGIS Server
  • ArcGIS Web Adaptor
  • ArcGIS Data Store

You need the following before you can run the CloudFormation templates to deploy ArcGIS Enterprise:

  • A valid domain name for your site.
  • A TLS (SSL) certificate for your domain, obtained from a certifying authority.
  • An Elastic IP address that you will associate with the Amazon Elastic Compute Cloud (EC2) instance; you must map your domain name to the Elastic IP address.

Deploy ArcGIS Enterprise on one machine

Esri provides a single-machine sample CloudFormation template that allows you to deploy ArcGIS Enterprise on a single AWS instance.

The sample single-machine deployment CloudFormation templates configure the following components to work together on a single machine on AWS:

  • Portal for ArcGIS is registered with ArcGIS Web Adaptor using the context portal. For example, the registered portal URL is in the format https://<domain name>/portal/home.
  • An ArcGIS GIS Server site is created and registered with ArcGIS Web Adaptor using the context server. For example, the ArcGIS Server Manager URL is in the format https://<domain name>/server/manager.
  • ArcGIS Data Store relational and tile cache data stores are created and registered with the GIS Server site. This allows the GIS Server site to store hosted web layer data for the portal.
  • The GIS Server site is federated with the portal and set as the portal's hosting server.

Base ArcGIS Enterprise deployment on one AWS virtual machine

Use the single-machine deployment templates and the steps in Use AWS CloudFormation to deploy ArcGIS Enterprise on a single AWS instance.

You can optionally store the ArcGIS Server configuration store in Amazon DynamoDB and S3, and store the Portal for ArcGIS content directory in an S3 bucket instead in a directory on this single machine.

Note:

If you store your ArcGIS Server configuration store in Amazon DynamoDB and S3 and your Portal for ArcGIS content directory in an S3 bucket, they are deleted when you delete this deployment. If you want to keep this content, make a copy of it before deleting the deployment.

Deploy highly available ArcGIS Enterprise components

Esri provides CloudFormation template that allow you to create a highly available ArcGIS Enterprise deployment on AWS. These templates install and configure the products listed in the previous section, and it configures each component so that data and services are available even if one machine in the deployment fails. This includes the file server instance configured with AWS Auto Recovery to store the portal content, the configuration store and directories for ArcGIS Server, and backup files for the relational and tile cache data stores. (Note that you need to manually configure backups for tile cache data stores, they are not automatically created by default. See the ArcGIS Data Store help for more information.)

At a minimum, a highly available ArcGIS Enterprise deployment includes three machines. The following diagram shows the software components per machine on AWS:

Highly available ArcGIS Enterprise deployment on AWS

This configuration can optionally include separate machines running a spatiotemporal big data store cluster.

This instance can only be recovered to the same availability zone. If the whole availability zone is unavailable, your ArcGIS Enterprise deployment cannot recover unless you have set up an identical, secondary deployment in a different AWS region. This scenario is described in the next section.

Note:

If you store your ArcGIS Server configuration store in Amazon DynamoDB and S3 and your Portal for ArcGIS content directory in an S3 bucket, they are deleted when you delete this deployment. If you want to keep this content, make a copy of it before deleting the deployment.

Deploy two identical ArcGIS Enterprise configurations in different regions for disaster recovery

You can create two ArcGIS Enterprise deployments in two different regions and have one deployment be an active, primary deployment. Use the webgisdr tool installed with Portal for ArcGIS to replicate content from the primary deployment to the standby deployment in another region. This deployment is shown in the following diagram:

Replicated ArcGIS Enterprise deployment

Note:

If you store your ArcGIS Server configuration store in Amazon DynamoDB and S3 and your Portal for ArcGIS content directory in an S3 bucket, they are deleted when you delete this deployment. If you want to keep this content, make a copy of it before deleting the deployment.

Deploy ArcGIS Server sites using CloudFormation

Esri provides sample CloudFormation templates that allow you to create ArcGIS Server sites to fill different roles. Which role the site fills depends on the template you use and the license you provide.

Deploy a highly available ArcGIS Server site with a shared configuration store

An ArcGIS Server site consists of a web server, web adaptor, data server, and one or more ArcGIS Server installations (including the configuration store and server directories) that you can distribute across multiple machines to increase computing power. Each component in the site plays a specific role in the process of managing the resources that are allocated to a set of services.

You can use one of the CloudFormation templates listed in the following table, and follow the steps in Use AWS CloudFormation to define a highly available ArcGIS Server site that contains two or more ArcGIS Server installations and uses Amazon S3 and DynamoDB for the configuration store. When you use one of these templates, automatic recovery is set for the ArcGIS Server directories; therefore, if one machine fails, your services will still be available.

License role and template nameType of siteRole the site plays

ArcGIS GIS Server

GIS Server

Can be a stand-alone or federated GIS Server site to which you can publish feature, map, geoprocessing, geocoding, geodata, or geometry services.

ArcGIS GeoAnalytics Server

GeoAnalytics Server

Acts as a federated GeoAnalytics Server server to allow portal users to run GeoAnalytics Tools.

ArcGIS Image Server

Image Server

Can be a stand-alone or federated Image Server site to which you can publish image services from mosaic datasets. If federated with a portal, you can set this site as the portal's raster analysis server.

The following diagram shows an ArcGIS Server site with a file server machine to store ArcGIS Server directories and DynamoDB for the ArcGIS Server configuration store:

Highly available ArcGIS Server site

Configuration store

When you use Amazon S3 and DynamoDB for your configuration store, most services will be highly available with the following exceptions:

  • Geoprocessing services cannot be made highly available.
  • Cached services are not automatically highly available, but you can configure them separately to be highly available.

When you create a highly available ArcGIS Server site using one of the arcgis-server-<os>-haconfigstore templates, the following are created in your AWS account:

  • A DynamoDB table named ArcGISConfigStores in the AWS region in which you deploy the ArcGIS Server site, provisioned with 5 read capacity units and 1 write capacity unit
  • A DynamoDB table for each namespace, named ArcGISConfigStores.<namespace>, created with 250 read- and 25 write-provisioned capacity units
  • An S3 bucket for each namespace, with the name arcgis-config-store-<namespace>-<unique ID>

Note that when you delete the ArcGIS Server site, ArcGIS deletes the S3 buckets and DynamoDB tables for each namespace. You must manually delete the DynamoDB table if you will not be deploying ArcGIS Server sites to that AWS region.

Also note that you must manage provisioned throughput settings on the DynamoDB tables to ensure reliable and fast operation of the ArcGIS Server configuration store.

Server directories

Sites deployed using the ArcGIS Server high availability template are configured for automatic recovery. If a directory is on an instance that crashes or becomes unavailable, AWS replaces the instance to the state it was in prior to the crash. If the entire Amazon Availability Zone is unavailable for a long time, your ArcGIS Server site will not be available. If you need your site to be available even if an Amazon Availability Zone is down, you can take advantage of backup capabilities of AWS cloud storage. You can access those backup copies to restore your site.

When your server directories are stored in AWS storage services, follow these steps to recover your ArcGIS Server site when an Amazon Availability Zone is down.

  1. Re-create the Amazon Virtual Private Cloud (VPC) subnet associated with the failed Availability Zone in a new Availability Zone.
  2. Use the ArcGIS Amazon Machine Image to launch an EC2 instance in the re-created VPC subnet. The instance must have the same private IP address as it had before the original site became unavailable.
  3. Once the instance is running, log in to it and change the ArcGIS administrator account password to match the password specified when you originally created your site using CloudFormation.
  4. Ensure that the root path of the shared server directories location is available.

    You cannot designate a new location for the shared server directories.

  5. Log in to the ArcGIS Server Administrator Directory.
  6. Go to System > directories > recover.
  7. Click Recover.

    The contents or folder structure from the cloud backup will be copied to the shared server directories.

Deploy an ArcGIS GeoEvent Server site

Use one of the ArcGIS GeoEvent Server CloudFormation templates to create a single-machine ArcGIS GeoEvent Server site.

The site can be a stand-alone or federated GeoEvent Server from which you stream real-time observation data.

Deploy a single-machine (active-active) ArcGIS Server site

A single-machine (active-active) ArcGIS Server site (formerly referred to as a siloed architecture) contains many identical but independent ArcGIS Server machines that run under a load balancer to distribute jobs among themselves. Each ArcGIS Server site is self-contained on a single machine and has its own configuration store. One of the main benefits of this architecture is that it allows you to continue running ArcGIS Server even if you lose an individual ArcGIS Server instance, which means your services are available even if one of the machines fails.

Highly available single-machine architecture ArcGIS Server site

However, the single-machine architecture cannot be built with the ArcGIS Server Cloud Builder on Amazon Web Services; you must create it manually using the AWS Management Console or APIs. To help ease creation of a highly available, single-machine ArcGIS Server site, use AWS CloudFormation with the arcgis-siloed-server-VPC.template and the steps in Use AWS CloudFormation to define the site and load balancer that holds the ArcGIS Server machines together. The arcgis-siloed-server-VPC.template uses autoscaling, which ensures that you always maintain a minimum number of machines in your site but adds or removes machines based on ArcGIS Server usage, allowing for seamless recovery when one of your machines becomes unavailable.

As with other deployment scenarios described in this topic, the ArcGIS Server site's role is determined by the license you provide when creating the site.

*Certain icons in the diagrams in this topic are used with permission from Amazon Web Services.

Upgrade deployments

Sample CloudFormation templates are available to upgrade the following types of deployments created with Esri CloudFormation templates:

  • Stand-alone ArcGIS Server 10.5 or later release sites
  • Specific versions of ArcGIS Enterprise deployments

Follow the instructions provided with each CloudFormation template version to complete the upgrade process.