ArcGIS Enterprise on AWS

Have you seen all those clever and funny AWS commercials? For the normal GIS person adding yet another platform to learn and use can be a bit daunting. Don’t fret, we are not abandoning you, to put your mind at ease yes, we can handle that for you.


For those of you who are D.I.Y. Geogeeks; below are some tips.

There are only a few things you need do to make sure your EC2 instances can see each other for FQDN (Fully Qualified Domain Name) requirements of ArcGIS Enterprise deployments.

  1. EC2 Instances MUST be in the same VPC & Subnet

  2. Set permissions for the Security Group

  3. Modify Hostfile to translate IP addresses

VPC & Subnet

VPC stands for virtual private cloud. It’s Amazon’s cloud-based networking structure. AWS allows you to create a domain and subnet. There’s a lot I don’t understand here (egress only internet gateways, peering connections, NAT gates, ¯\_(ツ)_/¯ ) but one thing is for sure; this is a requirement for your servers to even know each other exist. Our original EC2 instance was old enough that I had to convert it and assign it to a VPC and subnet. I just made sure that when I created my second EC2 instance I chose the same  VPC and Subnet (and thereby, same Availability Zone).

Security Group

Your Amazon security group is kind of like an additional firewall on your server. These security groups can be separate on each instance however for ease and one less variable, I use the same security group for both. Nonetheless, you have to enable ‘All ICMP-ipv4’ traffic for this security group. 

Edit The Rules and allow this protocol. **Note: At this point you should be able to use command line and ping the IP address of each instance from the other verifying that communication works. But since we are intending to use FQDN for installation of a web adapter, you need to edit the host file.

Windows Hostfile

This is a poor man’s Domain controller. Modifying this file will tell the server how to translate the IP address into the actual server name. It’s here: C:\Windows\System32\drivers\etc\hosts Edit that file and add your Private ip address. Open up in Notepad, add your IP address, and just hit save.

That’s It!

Now you should be able to look up and connect to these machines via UNC path (with a share) or the server name. Lemon-Squeezy.

Please Know: We can help with your AWS implementation, or just do it for you ;-)

Name *