The Esri arcgis-enterprise-allinone-upgrade.template.json Amazon Web Services (AWS) CloudFormation template upgrades a base ArcGIS Enterprise 10.9 deployment on one Amazon Elastic Compute Cloud (EC2) instance plus one EC2 instance for a file server that was created using the template described in Deploy base ArcGIS Enterprise on one machine using CloudFormation.
The arcgis-enterprise-allinone-upgrade.template.json template upgrades the following components on a single machine on AWS:
- Portal for ArcGIS
- ArcGIS Server
- ArcGIS Web Adaptor
- ArcGIS Data Store
Prerequisites can be grouped by the items—such as files and accounts—that you must obtain and the tasks you must perform before running the CloudFormation template.
You need the following before running this template:
- An Amazon Web Services account with access to the deployment to be upgraded.
- Esri licenses. License files for Portal for ArcGIS, ArcGIS GIS Server, and any ArcGIS Server licensing roles you have in addition to the base deployment. All license files must be for the same ArcGIS version.
- An SSL certificate file or certificates (in .pfx format) and corresponding passwords. Certificates must be from a certifying authority.
- An existing base ArcGIS Enterprise deployment that you created using the Esri Amazon Web Services CloudFormation template arcgis-enterprise-allinone.template.json.
- The upgrade CloudFormation template, arcgis-enterprise-allinone-upgrade.template.json.
To upgrade your deployment, run this upgrade CloudFormation template, which will create a new CloudFormationstack. Do not update the existing 10.9 deployment CloudFormation stack using this template.
Complete the following tasks before running this template:
- Prepare a deployment Amazon Simple Storage Service (S3) bucket in your AWS account. You will specify the bucket name in the template when you launch the stack.
- Create a bucket or use an existing S3 bucket. You must be the owner of the bucket.
- Upload your ArcGIS software authorization files to the bucket.
- Upload your SSL certificate file to the deployment bucket.
- Configure passwords in AWS Secrets Manager (optional but recommended).
You can configure the passwords for accounts such as the site administrator user name and the Windows arcgis user password in AWS Secrets Manager. This provides you with a secret Amazon Resource Name (ARN). Use the ARN in place of a password in the template parameters when you launch a stack. If you don't use AWS Secrets Manager for storing passwords, you must type passwords in plain text in the template parameter when launching the stack.
When creating a secret ARN in AWS Secrets Manager for a password to be used with Esri CloudFormation templates, you must use the Other types of secrets secret type and use the Plaintext option. For more information on creating an Amazon Resource Name for passwords, see AWS CloudFormation and ArcGIS.
By default, CloudFormation deletes partially created resources if stack creation fails. This is helpful because it removes unusable deployments from your account, but it can make it difficult to troubleshoot. To retain the stack in its failed state, disable the Rollback on failure CloudFormation stack creation option before launching the stack. See Setting AWS CloudFormation options in the AWS help for more information.
The following table contains the parameters used in this template and a description of each parameter.
ArcGIS Enterprise Configuration
|Parameter name||Required?||Parameter description|
Choose the platform type of your existing ArcGIS Enterprise deployment.
ArcGIS Enterprise EC2 Instance ID
Choose the ID of the EC2 instance in your existing ArcGIS Enterprise deployment.
If you created the existing deployment using an Esri CloudFormation template or ArcGIS Enterprise Cloud Builder for AWS, you can find the instance ID in the existing CloudFormation stack's Resources section in AWS Management Console. The logical ID of the resource is AllInOneEC2Instance.
Deployment Bucket Name
Provide the name of the Amazon S3 bucket that contains your software license files and SSL certificates. This bucket must already exist and contain the license file and SSL certificate for your deployment.
You must be the owner of the bucket and it must reside in the same AWS account as your deployment.
Portal License File Name
Provide the Portal for ArcGIS authorization file object key name. You must upload the license file (.json file) to the deployment bucket before launching this stack. You can get the file object key name by browsing to the file in the deployment bucket in the AWS S3 console, for example, portal.json or resources/licenses/portal/portal.json.
License file names are case sensitive. Ensure that you type the correct name and case.
Server License File Name
Provide the ArcGIS Server authorization file object key name. You must upload the license file (.ecp or .prvc) to the deployment bucket before launching this stack.
To get the file object key name, browse to the file in the deployment bucket in the Amazon S3 console, for example, server.prvc or resources/licenses/server/server.prvc.
You must use an ArcGIS GIS Server license because it will be used to license the hosting server.
License file names are case sensitive. Ensure that you type the name correctly.
Portal and Server Administrator User Name
Portal and Server Administrator User Password
Provide a password for the initial portal administrator and the ArcGIS Server primary site administrator of your existing deployment.
You can either type a plain text password or the ARN of your secret ID from AWS Secrets Manager.
Windows arcgis user password
This password is only required if you deployed on Windows. Provide the password for the arcgis user of your existing deployment.
You can either enter a plain text password or the ARN of your secret ID from AWS Secrets Manager.
It's a best practice to manage your passwords in AWS Secrets Manager. For information on creating an Amazon Resource Name for passwords, see AWS CloudFormation and ArcGIS.
Provide the fully qualified domain name of your existing ArcGIS Enterprise deployment.
Portal Web Adaptor Name
Provide the Portal for ArcGIS web adaptor name of your existing ArcGIS Enterprise deployment.
Server Web Adaptor Name
Provide the ArcGIS Server web adaptor name of your existing ArcGIS Enterprise deployment.
SSL Certificate File Name
Provide an SSL certificate from a certifying authority (.pfx file). Use the same (or renewed) SSL certificate used when you created your existing deployment.
You must upload the certificate to the deployment bucket before launching this stack. You can get the file object key name by browsing to the file within the deployment bucket in the AWS S3 console, for example, domainname.pfx or resources/sslcerts/domainname.pfx.
SSL Certificate Password
Provide the password for the SSL certificate. You can either type a plain text password or the ARN of your secret ID from AWS Secrets Manager. For information on creating an Amazon Resource Name for passwords, see AWS CloudFormation and ArcGIS.
When your stack is created successfully, you can see the following output parameters on the Outputs tab of the CloudFormation stack in AWS Management Console.
|Output name||Output description|
The URL to access the portal.
The ArcGIS Server Manager URL.
The ArcGIS Server REST Services URL.
This is the URL for the Amazon CloudWatch logs where all deployment logs are stored. You can refer to these logs for troubleshooting purposes if your deployment fails.
The following are important points to consider after creating a CloudFormation stack containing ArcGIS deployments:
- Once your stack is created successfully (in other words, the stack status is CREATE_COMPLETE), that means your ArcGIS Enterprise deployment is upgraded successfully. You can validate this by signing into the portal website and ArcGIS Server Manager or the REST services directory.
- If the CloudFormation stack failed to create successfully (in other words, the stack status is CREATE_FAILED), you can troubleshoot the error as mentioned in the page linked to from the Troubleshooting section below. After pinpointing the root cause of the error and taking required action, you can delete the failed stack and create a new one to upgrade the existing ArcGIS Enterprise deployment.
- If you receive a notice regarding licenses when you sign in to the portal after an upgrade, you may not have imported a license file that meets your current licensing configuration, or your users may be assigned a temporary user type. See Considerations after upgrading Portal for ArcGIS in the Portal for ArcGIS installation guide.
If you observe any failures when creating this CloudFormation stack, see Troubleshoot ArcGIS deployments on AWS.