Skip To Content

Deploy a base ArcGIS Enterprise portal on AWS

The following are the general steps for deploying a base ArcGIS Enterprise portal running on Amazon Web Services (AWS) using AWS tools.

Tip:

Alternatively, you can use ArcGIS Enterprise Cloud Builder for Amazon Web Services to configure an ArcGIS Enterprise deployment on AWS.

  1. Download Portal for ArcGIS, ArcGIS Server, and ArcGIS Web Adaptor software from My Esri.
  2. Download your Portal for ArcGIS and ArcGIS GIS Server license files from My Esri.
  3. Use an Amazon Machine Image (AMI) with a supported operating system to create Amazon Elastic Compute Cloud (EC2) instances.

    If you have never used this particular AMI before, you must read and accept AWS Marketplace terms before launching an instance.

    If you launch an EC2 instance that has sufficient RAM and disk space to accommodate it, you can install Portal for ArcGIS, ArcGIS Web Adaptor, and ArcGIS Server on the same instance. In most cases, though, you will likely install components on separate EC2 instances, and each component may include more than one instance.

  4. Connect to an EC2 instance, install Portal for ArcGIS, and authorize Portal for ArcGIS using the license you downloaded in step 2.

    Install the software but do not proceed with configuration.

    See the Portal for ArcGIS installation guide for instructions. Use the Other versions menu to access the instructions appropriate to the operating system on the EC2 instance.

  5. Create an Amazon Elastic IP and associate it with the Portal for ArcGIS EC2 instance.
  6. Set up CNAME mapping to create a more user-friendly Domain Name System (DNS) hostname.
  7. On the Portal for ArcGIS instance, open the hostidentifier.properties file and remove the comment marks from the preferredidentifier=ip property.

    The file is found in the <Portal for ArcGIS installation directory>\framework\runtime\ds\framework\etc\ directory.

  8. Start Portal for ArcGIS.
    • On a Microsoft Windows instance, start the Portal for ArcGIS service from the Windows Services panel.
    • On a Linux instance, sign in as the arcgis user and run startportal.sh in the /arcgis/portal directory to start Portal for ArcGIS.
  9. Open the portal website and create the portal.

    To connect to the portal from a remote machine, the portal URL is in the format https://<fully qualified machine name>:7443/arcgis/home. On the local machine, you can use the URL https://localhost:7443/arcgis/home/.

    1. Create the initial administrator account. This account is required when registering the portal with ArcGIS Web Adaptor.
    2. Import the license file you obtained in step 1.
    3. Specify the portal content directory.
  10. Install ArcGIS Web Adaptor to use with Portal for ArcGIS.

    ArcGIS Web Adaptor can run on the same instance as Portal for ArcGIS or on another EC2 instance.

    Install the software but do not configure it.

    See the ArcGIS Web Adaptor installation guide for instructions. Use the Other versions menu to access the instructions appropriate to the type of web adaptor you require.

  11. If you installed ArcGIS Web Adaptor on an EC2 instance separate from the Portal for ArcGIS instance, create an Amazon Elastic IP and associate it with the ArcGIS Web Adaptor EC2 instance.
  12. Enable HTTPS on at least the ArcGIS Web Adaptor directory, using a CA-signed certificate.

    The certificate is issued to the public DNS hostname for the Elastic IP or the CNAME DNS hostname that maps to the Elastic IP.

    Note:

    Do not use a self-signed certificate when running Portal for ArcGIS.

  13. Configure ArcGIS Web Adaptor with Portal for ArcGIS. You can do this from a web browser on the local machine or from command line on a Linux instance.
    1. If running from a web browser, open the ArcGIS Web Adaptor configuration page.

      The web adaptor registration page opens automatically when you install; however, change the URL to use the elastic IP of the EC2 instance or the CNAME DNS hostname where ArcGIS Web Adaptor is installed. For example, change the URL from https://localhost/arcgis/webadaptor to https://<Elastic IP>/arcgis/webadaptor or https://<CNAME DNS hostname>/arcgis/webadaptor.

    2. Use the elastic IP or CNAME DNS hostname in the URL rather than the portal machine name in Portal URL. For example, type https://<Elastic IP>:7443/arcgis or https://<CNAME DNS hostname>:7443/arcgis.
  14. Create an ArcGIS GIS Server site to be used as the portal's hosting server.

  15. Install ArcGIS Server on an EC2 instance and authorize it using the ArcGIS GIS Server license you downloaded in step 2.

    Install the software but do not create a site yet.

    See the ArcGIS Server installation guide for instructions. Use the Other versions menu to access the instructions appropriate to the operating system on the EC2 instance.

  16. Associate an Amazon Elastic IP with the instance.
  17. Optionally, set up CNAME mapping to create a more user-friendly DNS hostname.
  18. Create an ArcGIS Server site.
  19. Install a web adaptor for the ArcGIS Server site.

    ArcGIS Web Adaptor can run on the same instance as ArcGIS Server or on another EC2 instance.

    Install the ArcGIS Web Adaptor software but do not configure it with the site yet.

    See the ArcGIS Web Adaptor installation guide for instructions. Use the Other versions menu to access the instructions appropriate to the type of web adaptor you require.

  20. Enable HTTPS on at least the ArcGIS Web Adaptor directory, using a CA-signed certificate.

    The certificate is issued to the public DNS hostname for the Elastic IP or the CNAME DNS hostname that maps to the Elastic IP.

    Note:

    Do not use a self-signed certificate for this ArcGIS Server site.

    If the ArcGIS Server site runs on the same EC2 instance as the portal, use the same type of web server (such as IIS) with the same CA-signed certificate.

  21. Configure the web adaptor with the ArcGIS Server site and click Enable administrative access to your site through the Web Adaptor.

    Change the web adaptor registration page URL and GIS Server URL to include the elastic IP or CNAME DNS hostname rather than the ArcGIS Server machine name used for the web adaptor and ArcGIS Server EC2 instance.

  22. Configure an ArcGIS Data Store relational data store with the ArcGIS GIS Server site.
  23. Set the portal's WebContextURL and privatePortalURL properties. This helps Portal for ArcGIS construct the correct URLs on all resources it sends to the end user.
    1. Open a web browser and sign in to the ArcGIS Portal Directory as a member of the default administrator role in the portal organization. The URL is formatted https://portal.domain.com:7443/arcgis/portaladmin.
    2. Click System > Properties > Update Properties.
    3. On the Update System Properties dialog box, insert the following JSON, substituting your own reverse proxy server or DNS alias URL as seen by users outside your organization's firewall:
      {
         "privatePortalURL": "https://lb.domain.com/portal",
         "WebContextURL": "https://lb.domain.com/portal"
      }
    4. Click Update Properties.
  24. Federate the ArcGIS Server site with your portal. Use the ArcGIS Server site public DNS hostname for the Elastic IP or the CNAME DNS hostname for the ArcGIS Server URL and the ArcGIS Server private URL.

    The following is an example URL: https://awsportal.esri.com/arcgis.

    Make sure your Amazon security groups allow communication between the two EC2 instances through the web adaptor ports 80 and 443.

  25. Set the GIS Server site as the portal's hosting server.

Remember, if you stop and start the EC2 instance (or instances) running the portal, you must reassociate your Elastic IP with the EC2 instance.