Skip To Content

Create an EC2 file server instance using CloudFormation

The arcgis-instance-for-file-shares.template.json template creates an Amazon Elastic Compute Cloud (EC2) to use as a file share across a deployment.

For a single ArcGIS Enterprise deployment, the following can be stored on this file share instance:

  • The portal content directory
  • The ArcGIS Server configuration store for the hosting server
  • ArcGIS Server directories for the hosting server
  • ArcGIS Server configuration stores for federated ArcGIS Server sites
  • ArcGIS Server directories for federated ArcGIS Server sites
  • ArcGIS Data Store backups

Provide the ID of the EC2 instance that this template creates when you use an Amazon Web Services (AWS) CloudFormation template provided by Esri to create deployments.

This template creates the following architecture in Amazon Web Services:

An EC2 instance in the same VPC as the rest of the deployment to use as the deployment's file share

License:

Certain icons in the diagram are used with permission from Amazon Web Services.

Prerequisites

Prerequisites can be grouped by the items—such as files and accounts—that you must obtain and the tasks you must perform before running the CloudFormation template.

Required items

You need the following before running this template:

  • An Amazon Web Services account.

    The account must have access to basic AWS services such as CloudFormation, Amazon Elastic Compute Cloud (EC2), Amazon Virtual Private Cloud (VPC), Amazon Simple Storage Service (S3), Systems Manager, Amazon CloudWatch, Lambda, AWS Identity and Access Management (IAM), Amazon DynamoDB, Secrets Manager, AWS Certificate Manager, and Amazon Relational Database Service (RDS).

  • An Amazon Virtual Private Cloud (VPC) and subnets.

    You can use one of the following CloudFormation templates to create a VPC: VPC with two public subnets or VPC with two public and private subnets with a NAT Gateway.

  • A key pair to access the EC2 instance.
  • The arcgis-instance-for-file-shares.template.json CloudFormation template.

Required tasks

Complete the following task before running this template to create a file share with a Windows operating system:

  • Configure passwords in AWS Secrets Manager (optional but recommended).

    You can configure the passwords for accounts such as the site administrator username and the Windows arcgis user password in AWS Secrets Manager. This provides you with a secret Amazon Resource Name (ARN). Use the ARN in place of a password in the template parameters when you launch a stack. If you don't use AWS Secrets Manager for storing passwords, you must type passwords in plain text in the template parameter when launching the stack.

    Note:

    When creating a secret ARN in AWS Secrets Manager for a password to be used with Esri CloudFormation templates, you must use the Other types of secrets secret type and use the Plaintext option. For more information about creating an Amazon Resource Name for passwords, see AWS CloudFormation and ArcGIS.

Parameters

Refer to the following tables for descriptions of the parameters used in this CloudFormation template. Tables are grouped by parameter type.

Amazon EC2 Configuration

Parameter nameRequired or notParameter description

Platform Type

Required

Choose the operating system platform. Supported types are as follows:

  • Windows
  • Linux

For specific operating system versions, see Operating systems supported when using CloudFormation to ArcGIS deploy on AWS.

EC2 Instance AMI ID

Optional

You can leave this parameter value empty. If you do, CloudFormation templates will use the latest Amazon Machine Image (AMI) ID for Microsoft Windows Server 2022 or Ubuntu Server 22.04 LTS based on the type of platform you selected.

Note:

You cannot leave this parameter empty if you deploy in AWS GovCloud on a Linux platform. See Esri Amazon Web Services CloudFormation templates for instructions for finding the ID for the base Ubuntu AMI from Canonical. If you deploy on a supported Linux operating system other than Ubuntu, you can find the AMI ID using AWS Management Console.

To use your own custom AMI, type the AMI ID using one of the following:

  • Provide the AMI ID in the format 'ami-xxxxx'.
  • If you stored the AMI ID in the AWS SSM parameter store, provide the SSM parameter name in the format AWS'{{resolve:ssm:[a-zA-Z0-9_.-/]+:\d+}}'.

If you use a custom AMI, ensure that it meets the following requirements:

  • EC2 instance metadata service (with either version V2 or V1) must be activated.
  • The latest version of AWS Systems Manager (SSM) Agent must be installed.
  • If the custom AMI has a Windows operating system, AWS Tools for PowerShell must be installed.

EC2 Instance Keypair Name

Required

Choose an EC2 keypair name to allow remote access to EC2 instances.

Amazon VPC Configuration

Parameter nameRequired or notParameter description

VPC ID

Required

Choose a VPC ID.

Note:

All ArcGIS Enterprise components that are part of the same deployment must be deployed in the same VPC.

If you need to create a VPC, you can use one of the VPC sample templates: VPC with public subnets or VPC with public and private subnets and a NAT Gateway.

Subnet ID 1

Required

Choose a subnet ID. The subnet ID that you select must be within the VPC you have selected above.

If you used an Esri CloudFormation template to create the VPC, you can get the subnet ID from that template's output parameters.

ArcGIS File Server Configuration

Parameter nameRequired or notParameter description

EC2 Instance Type

Required

Specify an EC2 instance type. The default is m5.2xlarge.

This is the instance type of the shared file server for the deployment.

EC2 Instance Root Drive Disk Space

Required

Provide the size of the root drive in GB. The default is 500 GB. Minimum is 200 GB. Maximum is 4096 GB.

The is the size of the root drive disk space for the file server EC2 instance.

Windows arcgis user password

Conditional

Provide a password for the arcgis user. The arcgis user is a local Windows login used to run the ArcGIS software services; therefore, this password is only required if you deploy on Windows.

All arcgis users in the same deployment—for example, all Windows machines (including file servers) in an ArcGIS Enterprise deployment or in a stand-alone ArcGIS Server site—must use the same password.

You can either enter a plain text password or the ARN of your secret ID from AWS Secrets Manager.

It's a best practice to manage your passwords in AWS Secrets Manager. For information on creating an Amazon Resource Name for passwords, see AWS CloudFormation and ArcGIS.

Outputs

When your stack is created successfully, you can see the following output parameters on the Outputs tab of the CloudFormation stack in AWS Management Console.

Output nameOutput description

FileServerInstanceId

This is the ID of the EC2 instance created by this CloudFormation stack. You can use this EC2 instance ID as the file share for deployments that you create using templates provided by Esri.

DeploymentLogsURL

This is the URL for the Amazon CloudWatch logs where all deployment logs are stored. You can refer to these logs for troubleshooting purposes if your deployment fails.

StopStackFunctionName

This is the Stop Stack Lambda function URL. You can use this lambda function to stop all EC2 instances in the stack.

StartStackFunctionName

This is the Start Stack Lambda function URL. You can use this lambda function to start all EC2 instances in the stack that you previously stopped.

Considerations

Take into account that this is a single shared file server for a deployment and it can store the portal content directory, ArcGIS Server configuration store, ArcGIS Server directories, and ArcGIS Data Store backup files, and ensure that you choose an appropriate amount of disk space for the EC2 Instance Root Drive Disk Space parameter.

Troubleshooting

If you observe any failures when creating this CloudFormation stack, see Troubleshoot ArcGIS deployments on AWS.