Configure AWS Windows VM as FlexDeploy Endpoint

Objective

To create an AWS Windows VM and configure the same as a FlexDeploy Endpoint.

Steps

VM Setup

• First an EC2 VM instance is created from AWS console. We provide VM name and instance type is given as Windows Sever 2022. We do the same through highlighted Browse More AMIs option.

Open

• We change the instance type as t2.medium for better performance.

Open

• We can reuse existing key pair or can create a fresh Key pair for authentication to VM.

• We provide Key pair name and generate the key. The private key will automatically be downloaded to local machine.

• We add a new security group and select RDP(3389)/HTTP(80)/HTTPs(443) port. One thing to observe, by default we don’t have option to open SSH port(22) from this page(since Windows VM).

• Next it will take a little time to spin up the VM. Once the VM is up and running we may want to login to VM using userid/password. These credentials are also needed for VM setup as endpoint.

VM credential setup

• First select the VM, then navigate to Actions--> Security--> Get Windows password optionx`. Next we have to upload the earlier generated Key file and decrypt the password.

• It will provide the userid/password.

• We can now connect to the VM through Remote Desktop using public ip and above generated credentials.

VM SSH port opening

• If you remember we were not able to open the SSH port(22) in the first step. However this step is absolutely essential. To do the same first select the AWS EC2 instance , navigate to security tab and select the security group.

• We next add a new inbound rule to accept access on 22 port. One can always have more restricted access on source ip segment. Now the VM will accept connection on SSH port(22).

Java setup

• We install Java on the VM which is a pre-requisite for FlexDeploy endpoint setup.

VM port status check

• Simple way to verify if the VM is accessible or not can be to enable IIS on Windows server and validate.

• To do the same. open Server Manager and navigate to Add Roles and Features and add Web Server(IIS).

Ref: https://enterprise.arcgis.com/en/web-adaptor/10.5/install/iis/enable-iis-2012-components-server.htm

• Post execution of above step, we can open the page from outside the VM(since port already opened) even can telnet successfully to 80 port.

• However, even though we opened the SSH port, we still can’t access 22 port through telnet.

OpenSSH setup

• Windows 2019 onwards OpenSSH is already installed but the feature is not enabled by default.

• Navigate to Settings > Apps > Apps & features > Optional features and click on Add a feature. Locate “OpenSSH server” feature, expand it, and select Install.

Ref: https://www.server-world.info/en/note?os=Windows_Server_2022&p=ssh&f=1

• Once installed you have to enable the service as well through services. Preferably make the service Automatic to avoid future manual interventions.

• Now we are able to telnet to AWS VM on port 22 from outside VM as well.

• In case you are still facing issue, preferably check with AWS admin on security group/Network ACL/Route table configurations.

Setup VM as endpoint

• Next we provide all relevant details in FlexDeploy endpoint setup page. Base Directory should pre-exist in the target VM where the FlexDeploy execution shall take place.

• We can find TEST CONNECTION to be successful.

• We are able to successfully configure AWS VM as an FlexDeploy Endpoint and do deployment.