Sitecore XP 9.3 on the AWS Cloud
Quick Start Reference Deployment
May 2020
Dylan Owen and Tony Bulding, AWS Quick Start team
Visit our GitHub repository for source files and to post feedback,
report bugs, or submit feature ideas for this Quick Start.
Contents
Overview
Sitecore XP 9.3 on AWS
Cost and licenses
Architecture
Planning the deployment
Specialized knowledge
AWS account
Technical requirements
Prepare for the Sitecore deployment
Deployment options
Deployment steps
Step 1. Sign in to your AWS account
Step 2. Launch the Quick Start
Step 3. Post-deployment steps
Step 4. Test the deployment
Best practices for using Sitecore XP 9.3 on AWS
Other useful information
Amazon Web Services – Sitecore XP 9.3 on the AWS Cloud May 2020
Personalized content on Sitecore roles
Parameter Store
Secrets Manager
Sitecore certificates
Sitecore Internet Information Service configurations
Redis for session management
FAQ
Send us feedback
Additional resources
Document revisions
This Quick Start was created by the Amazon Web Services (AWS) Quick Start team.
Quick Starts are automated reference deployments that use AWS CloudFormation
templates to deploy key technologies on AWS, following AWS best practices.
Overview
The Sitecore Experience Platform (XP) is a content management system (CMS) for web
content that automates marketing to deliver a personalized user experience. This Quick
Start is intended for organizations that want to deploy a multirole Sitecore XP 9.3
architecture on the AWS Cloud.
This Quick Start provides step-by-step instructions to deploy 12 roles that compose the
complete Sitecore XP platform. All of the roles are deployed into individual Auto Scaling
groups to ensure recoverability when an instance fails. Database services are provided by
SQL Server through Amazon Relational Database Service (Amazon RDS), and caching is
managed by Redis on Amazon ElastiCache.
To control access, this deployment uses AWS Certificate Manager (ACM) and AWS Secrets
Manager. Other services used by this Quick Start include Amazon Simple Storage Service
(Amazon S3), AWS Systems Manager, Amazon CloudWatch, AWS Lambda, and Amazon
Route 53.
Sitecore XP 9.3 on AWS
The Sitecore XP workloads are deployed on multiple Amazon EC2 instances for improved
performance. The content-delivery and content-management roles can be scaled for high
availability. The other Sitecore roles have restrictions on active/active operation and are
designed for active/passive standby, so each of them runs as a single instance in its own
Auto Scaling group. If an instance becomes unavailable, it’s replaced by a new instance
that is configured with a Sitecore role of the same type.
Website content can be deployed to the content-delivery and content-management roles
using your choice of deployment software. User data for private and shared sessions is
configured on the content-delivery instances to be stored within Redis in Amazon
ElastiCache.
Please know that we may share who uses AWS Quick Starts with the AWS Partner Network
(APN) Partner that collaborated with AWS on the content of the Quick Start.
Cost and licenses
You are responsible for the cost of the AWS services used while running this Quick Start
reference deployment. There is no additional cost for using the Quick Start.
The AWS CloudFormation template for this Quick Start includes configuration parameters
that you can customize. Some of these settings, such as instance type, affect the cost of
deployment. For cost estimates, see the pricing pages for each AWS service you use. Prices
are subject to change.
Tip: After you deploy the Quick Start, we recommend that you enable the AWS Cost
and Usage Report. This report delivers billing metrics to an S3 bucket in your
account. It provides cost estimates based on usage throughout each month and
finalizes the data at the end of the month. For more information about the report,
see the AWS documentation.
This Quick Start requires a Sitecore XP 9.3 license. To use the Quick Start in your
production environment, sign up for a developer trial license. For a full license, contact a
Sitecore sales representative or Sitecore partner. Before you launch the Quick Start, place
the license key in the deployment’s associated S3 bucket, and specify its location. For more
information, see the Prepare for the Sitecore deployment section.
If you don’t have a license, the Quick Start deployment will not complete successfully.
Architecture
Deploying this Quick Start for a new virtual private cloud (VPC) with default parameters
builds the following Sitecore XP 9.3 environment in the AWS Cloud.
Figure 1: Quick Start architecture of services for Sitecore XP 9.3 on AWS
Figure 2: Quick Start architecture of resources for Sitecore XP 9.3 on AWS
As shown in figures 1 and 2, the Quick Start sets up the following:
• A highly available architecture that spans two Availability Zones.*
• A virtual private cloud (VPC) configured with public and private subnets, according to
  AWS best practices, to provide you with your own virtual network on AWS.*
• A Microsoft remote desktop gateway (RDGW) in an Auto Scaling group to allow
  inbound remote desktop access to Amazon Elastic Compute Cloud (Amazon EC2)
  instances in the public and private subnets.*
• In the public subnets:
  – Managed network address translation (NAT) gateways to allow outbound
    internet access for resources in the private subnets.*
  – An internet-facing Application Load Balancer (ALB) for routing traffic to the
    instances for content delivery, content management, and identity server.
• In the private subnets:
  – Sitecore roles deployed on a single Amazon EC2 instance that’s contained within
    an Auto Scaling group.
  – An internal ALB for the reporting and processing roles.
  – Network Load Balancers (NLBs) for Transport Layer Security (TLS) pass-through
    for the remaining Sitecore instances.
  – Each EC2 instance is deployed into its own Auto Scaling group.
  – Amazon Route 53 private hosted zone for internal Domain Name System (DNS)
    lookups within the VPC.
  – Amazon ElastiCache for Redis.
• An EC2 Amazon Machine Image (AMI), which is used in the initial deployment of all
  Sitecore roles and in subsequent Auto Scaling events.
• AWS Systems Manager to store parameter data and the AMI automation build
  document.
• Amazon Simple Storage Service (Amazon S3) artifacts bucket for storing static data.
• Amazon RDS SQL Server to provide database services.
• Amazon CloudWatch for monitoring deployed services.
• AWS Secrets Manager for access control.
• AWS Certificate Manager (ACM) for access control.
• A Lambda function to convert and import the certificate into ACM.
* The template that deploys the Quick Start into an existing VPC skips the components
marked by asterisks and prompts you for your existing VPC configuration.
Planning the deployment
Specialized knowledge
This Quick Start assumes familiarity with PowerShell, Apache Solr, and Sitecore XP roles
and configurations. It also requires a moderate level of familiarity with AWS services. If
you’re new to AWS, visit the Getting Started Resource Center and the AWS Training and
Certification website. These sites provide materials for learning how to design, deploy, and
operate your infrastructure and applications on the AWS Cloud.
In some scenarios you may want to deploy Sitecore into an existing VPC, which has a self-
managed DNS rather than a Route 53–connected hosted zone. When deploying this Quick
Start into an existing VPC, set VPCPrivateDNS to true. Then create DNS Canonical Name
Record (CNAME) entries in your self-managed DNS. For more information, see Step 3.
Post-deployment steps.
AWS account
If you don’t already have an AWS account, create one at https://aws.amazon.com by
following the on-screen instructions. Part of the sign-up process involves receiving a phone
call and entering a PIN using the phone keypad.
Your AWS account is automatically signed up for all AWS services. You are charged only for
the services you use.
Technical requirements
Before you launch the Quick Start, your account must be configured as specified in the
following table. Otherwise, deployment might fail.
Resources: If necessary, request service quota increases for the following resources. You
might do this if an existing deployment uses these resources and you risk exceeding the
default quotas. The Service Quotas console displays your usage and quotas for some
aspects of some services. For more information, see the AWS documentation.

| Resource | This deployment uses |
|---|---|
| VPCs | 1 |
| Elastic IP addresses | 1 |
| IAM roles | 8 |
| Auto Scaling groups | 14 |
| Application Load Balancers | 2 |
| Network Load Balancers | 7 |
| m5a.xlarge instances | 15 |
| t2.large instances | 1 |

Regions: This deployment includes AWS Secrets Manager, which isn’t currently supported in
all AWS Regions. For a current list of supported Regions, see Service endpoints and quotas
in the AWS documentation.

Key pair: Ensure that at least one Amazon EC2 key pair exists in your AWS account in the
Region where you plan to deploy the Quick Start. Make note of the key pair name. You need
it during deployment. To create a key pair, follow the instructions in the AWS
documentation. For testing or proof-of-concept purposes, we recommend creating a new key
pair instead of using one that’s already being used by a production instance.

IAM permissions: Before launching the Quick Start, you must log in to the AWS Management
Console with IAM permissions for the resources and actions the templates deploy. The
AdministratorAccess managed policy within IAM provides sufficient permissions,
although your organization may choose to use a custom policy with more restrictions.
Prepare for the Sitecore deployment
This Quick Start requires that you sign up with Sitecore to obtain the Sitecore XP 9.3
resource files.
1. Obtain a temporary Sitecore license or contact your Sitecore sales representative or
Sitecore partner for a full Sitecore license.
2. Upload the license file to an S3 bucket into a prefix called “license.”
3. Download the Sitecore XP 9.3 XP1 scaled installation files.
4. Extract the contents of the .zip file, but don’t extract any of the resulting .zip files. Using
the same S3 bucket as the license file, upload these extracted files into a prefix called
“resources.”
5. Create a certificate in AWS Certificate Manager (ACM) for your Sitecore deployment
in the Region where you deploy the Quick Start. This certificate must be created as a
wildcard certificate for your Sitecore domain (for example, *.example.com).
This Quick Start can optionally deploy a server for Apache Solr search. This Solr
deployment, however, is a development server and not recommended for production use. It
is therefore suggested that you provide a URL to your production Apache Solr search server
or cluster when deploying this Quick Start.
Deployment options
This Quick Start provides two deployment options:
• Deploy Sitecore XP 9.3 into a new VPC (end-to-end deployment). This option
  builds a new AWS environment consisting of the VPC, subnets, NAT gateways, security
  groups, bastion hosts, and other infrastructure components. It then deploys Sitecore XP
  9.3 into this new VPC.
• Deploy Sitecore XP 9.3 into an existing VPC. This option provisions Sitecore XP
  9.3 in your existing AWS infrastructure.
The Quick Start provides separate templates for these options. It also lets you configure
Classless Inter-Domain Routing (CIDR) blocks, instance types, and Sitecore XP 9.3
settings, as discussed later in this guide.
Deployment steps
Step 1. Sign in to your AWS account
1. Sign in to your AWS account at https://aws.amazon.com with an IAM user role that has
the necessary permissions. For details, see Planning the deployment, earlier in this
guide.
2. Ensure that your AWS account is configured correctly, as discussed in the Technical
requirements section.
Step 2. Launch the Quick Start
Note: You are responsible for the cost of the AWS services used while running this
Quick Start reference deployment. There is no additional cost for using this Quick
Start. For full details, see the pricing pages for each AWS service used by this Quick
Start. Prices are subject to change.
1. Sign in to your AWS account, and choose one of the following options to launch the
AWS CloudFormation template. For help with choosing an option, see Deployment
options, earlier in this guide.
• Deploy Sitecore XP 9.3 into a new VPC on AWS
• Deploy Sitecore XP 9.3 into an existing VPC on AWS
Important: If you deploy Sitecore XP 9.3 into an existing VPC, ensure that your
VPC has two private subnets in different Availability Zones for the workload
instances and that the subnets aren’t shared. This Quick Start doesn’t support shared
subnets. These subnets require NAT gateways in their route tables to allow the
instances to download packages and software without exposing them to the internet.
Also, ensure that the domain name option in the Dynamic Host Configuration
Protocol (DHCP) is configured according to the Amazon VPC documentation.
Provide your VPC settings when you launch the Quick Start.
Each deployment takes about 1–1.5 hours to complete.
2. Check the AWS Region that’s displayed in the upper-right corner of the navigation bar,
and change it if necessary. This is where the network infrastructure for Sitecore XP 9.3
is built. The template is launched in the US East (Ohio) Region by default.
Note: This deployment includes Amazon EFS, which isn’t currently supported in all
AWS Regions. For a current list of supported Regions, see endpoints and quotas.
3. On the Create stack page, keep the default setting for the template URL, and then
choose Next.
4. On the Specify stack details page, change the stack name if needed. Review the
parameters for the template. Provide values for the parameters that require input. For
all other parameters, review the default settings and customize them as necessary.
In the following tables, parameters are listed by category and described separately for
the two deployment options:
– Parameters for deploying Sitecore XP 9.3 into a new VPC
– Parameters for deploying Sitecore XP 9.3 into an existing VPC
When you finish reviewing and customizing the parameters, choose Next.
OPTION 1: PARAMETERS FOR DEPLOYING SITECORE XP 9.3 INTO A NEW VPC
View template
VPC network configuration:
| Parameter label (name) | Default | Description |
|---|---|---|
| VPC CIDR (VPCCIDR) | 10.0.0.0/16 | CIDR block for the VPC. |
| Private subnet 1A CIDR (PrivateSubnet1ACIDR) | 10.0.0.0/19 | CIDR block for private subnet 1 located in Availability Zone 1. |
| Private subnet 2A CIDR (PrivateSubnet2ACIDR) | 10.0.32.0/19 | CIDR block for private subnet 2 located in Availability Zone 2. |
| Public subnet 1 CIDR (PublicSubnet1CIDR) | 10.0.128.0/20 | CIDR block for the public (DMZ) subnet 1 located in Availability Zone 1. |
| Public subnet 2 CIDR (PublicSubnet2CIDR) | 10.0.144.0/20 | CIDR block for the public (DMZ) subnet 2 located in Availability Zone 2. |
| Availability Zones (AvailabilityZones) | Requires input | List of Availability Zones to use for the subnets in the VPC. |
RDGW configuration:
| Parameter label (name) | Default | Description |
|---|---|---|
| RD Gateway administrator (AdminUser) | StackAdmin | Administrator name for the new Remote Desktop Gateway (RD Gateway). |
| RD Gateway administrator password (AdminPassword) | Requires input | Administrator password. It must be at least 8 alphanumeric characters containing letters, numbers, and symbols. |
| RD Gateway DNS (DomainDNSName) | example.com | Fully qualified domain name (FQDN), e.g., “example.com.” |
| Number of RD Gateway hosts (NumberOfRDGWHosts) | 1 | Enter the number of RD Gateway hosts to create. |
| RD Gateway instance type (RDGWInstanceType) | t2.large | Amazon EC2 instance type for the first RD Gateway instance. |
| Allowed RD Gateway external access CIDR (RDGWCIDR) | Requires input | Allowed CIDR block for external access to the RD Gateways. |
| Key pair name for RD Gateway (KeyPairName) | Requires input | Key pairs allow you to securely connect to your instance after it launches. |
Sitecore networking configuration:
| Parameter label (name) | Default | Description |
|---|---|---|
| Content delivery FQDN (CDDNSName) | Requires input | Fully qualified domain name for the content delivery role (e.g., home.example.com). |
| Content management FQDN (CMDNSName) | Requires input | Fully qualified domain name for the content management role. |
| Identity server FQDN (ISDNSName) | Requires input | Fully qualified domain name for the identity server role. |
| Internal DNS suffix (IntDNS) | Optional | Internal DNS name. If left blank, one is generated for you. |
| External ACM ARN (ExternalCertificateARN) | Optional | Provide the Amazon Resource Name (ARN) of the wildcard certificate created in ACM. If one is not provided, a wildcard certificate is created. If you provide an ARN, you do not need to provide details for ExternalCertFQDN or ExternalR53ZoneID. |
| External certificate domain name (ExternalCertFQDN) | Optional | External domain name for the Sitecore deployment (e.g., example.com). This is created in ACM as a wildcard certificate (e.g., *.example.com) if no value is provided for ExternalCertificateARN. |
| External Route 53 zone ID (ExternalR53ZoneID) | Optional | Provide the Route 53–hosted zone ID for ExternalCertFQDN if you require certificate validation to be done via DNS. If no Route 53–hosted zone ID is provided, validation is done via email. |
Sitecore configuration:
| Parameter label (name) | Default | Description |
|---|---|---|
| Minimum content delivery instances (CDMinSize) | 1 | Minimum number of content delivery instances available. |
| Maximum content delivery instances (CDMaxSize) | 3 | Maximum number of content delivery instances available. |
| Desired content delivery instances (CDDesiredCapacity) | 2 | Desired number of content delivery instances available. |
| Content delivery (CDInstanceType) | m5a.xlarge | Content delivery instance type. |
| Content delivery scaling metric (CDScalingMetric) | ASGAverageCPUUtilization | Metric used to determine scaling of the content delivery role. |
| Content delivery scaling metric value (CDScalingMetricValue) | 70 | Value required for the scaling metric (for ASGAverageNetworkIn, this value is in bytes). |
| Minimum content management instances (CMMinSize) | 1 | Minimum number of content management instances available. |
| Maximum content management instances (CMMaxSize) | 2 | Maximum number of content management instances available. |
| Content management, identity, reference data (CmIdRdInstanceType) | m5a.xlarge | Instance type, applied to the roles of content management, identity, and reference data. |
| Content management scaling metric (CMScalingMetric) | ASGAverageCPUUtilization | Metric used to determine scaling of the content management role. |
| Content management scaling metric value (CMScalingMetricValue) | 70 | Value required for the scaling metric (for ASGAverageNetworkIn, this value is in bytes). |
| Collection, collection–search instance type (CollCSInstanceType) | m5a.xlarge | Instance type, applied to the roles of collection, collection search. |
| Marketing automation, cortex processing, processing (MaCpPrcInstanceType) | m5a.xlarge | Instance type, applied to the roles of marketing automation, cortex processing, and processing. |
| Marketing automation reporting, cortex reporting, reporting (MarCrRepInstanceType) | m5a.xlarge | Instance type, applied to the roles of marketing automation reporting, cortex reporting, and reporting. |
| EC2 key pair for Sitecore instances (SitecoreKeyPair) | Requires input | EC2 key pair to use for the Sitecore instances. |
| Sitecore installation prefix (SitecorePrefix) | Requires input | Prefix to be used for the Sitecore installation. This is limited to 8 characters. |
| Sitecore resources S3 bucket (SitecoreS3Bucket) | Requires input | S3 bucket name where the Sitecore 9.3 resources are located (installation files, license file, etc.). This deployment puts objects into this bucket. |
| Sitecore installation files prefix (SCResourcesPrefix) | resources/ | Prefix in the S3 bucket for the Sitecore installation files (e.g., resources/). |
| Sitecore license file prefix (SCLicensePrefix) | license/ | Prefix in the S3 bucket for the license .zip file (e.g., license/). |
| Solr server/cluster URL (SOLRUrl) | Optional | URL of your Solr server/cluster. If no URL is provided, a development Solr instance is created. Note: This development Solr instance should not be used within a production environment. |
| Solr cores prefix (SOLRCorePrefix) | Requires input | If you provided a Solr URL, this is the prefix of your pre-configured Solr cores. If no Solr URL provided, this is the prefix used for the Solr cores on the development Solr instance. |
| Sitecore environment type (EnvironmentType) | Production | Type of Sitecore deployment. |
| Sitecore log level (SCLogLevel) | Information | Sitecore deployment configured log level. |
SQL Server configuration:
| Parameter label (name) | Default | Description |
|---|---|---|
| Database instance class (DBInstanceClass) | db.r4.2xlarge | Name of the compute and memory capacity class of the database instance. |
| Database auto minor version upgrade (DBAutoMinorVersionUpgrade) | true | If set to true, minor engine upgrades are applied to the database instance. If set to false, minor engine upgrades are not applied to the database instance. |
| MSSQL database engine edition (SQLEngineEdition) | sqlserver-se | MSSQL database engine edition. |
| MSSQL database engine version (SQLEngineVersion) | 14.00.3223.3.v1 | MSSQL database engine version. |
| MSSQL always on (SQLAlwaysOn) | Optional | Set to true if you want SQL to be always on (high availability) for the deployment. Beware that this only applies when SQLEngineEdition is set to sqlserver-ee (Enterprise Edition) as the MSSQL database engine edition. If set to false, SQL will be deployed to one Availability Zone. |
| Data volume size (VolumeSize) | 500 | Volume size (GB) for the SQL data, logs, and TempDb volumes. |
| Data volume type (VolumeType) | gp2 | Volume type for the SQL data, logs, and TempDb volumes. |
| Data volume IOPS (VolumeIops) | 1000 | Provisioned IOPS for the SQL data, logs, and TempDb volumes. This parameter only applies when VolumeType is set to io1. |
ElastiCache Redis configuration:
| Parameter label (name) | Default | Description |
|---|---|---|
| Redis cache node type (CacheNodeType) | cache.m4.large | Instance type the nodes are launched under. |
| Redis port (RedisPort) | 6379 | Port number for Redis ElastiCache. |
AWS Quick Start configuration:
Note: Unless you are customizing the Quick Start templates for your own
deployment projects, we recommend keeping the default values for the following
three parameters. Changing them automatically updates code references to point to a
new Quick Start location. For more information, see the Quick Start Contributor’s
Guide.
| Parameter label (name) | Default | Description |
|---|---|---|
| Quick Start S3 bucket name (QSS3BucketName) | aws-quickstart | S3 bucket name for the Quick Start assets. Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). |
| Quick Start S3 bucket Region (QSS3BucketRegion) | us-east-1 | AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. When using your own bucket, you must specify this value. |
| Quick Start S3 key prefix (QSS3KeyPrefix) | quickstart-sitecore-xp/ | S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). |
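
A pre-launch check of the new-VPC parameters against the constraints stated in the tables above. This is an added example, not part of the Quick Start or its templates; `check_parameters`, the `deploy_region` argument, and the /24 warning threshold for RDGWCIDR are assumptions of the example.

```python
import ipaddress
import re

SUBNET_KEYS = ("PrivateSubnet1ACIDR", "PrivateSubnet2ACIDR",
               "PublicSubnet1CIDR", "PublicSubnet2CIDR")

# Defaults are the ones in the tables above; entries marked "constructed"
# are sample inputs made up for this example.
SAMPLE_PARAMS = {
    "VPCCIDR": "10.0.0.0/16",
    "PrivateSubnet1ACIDR": "10.0.0.0/19",
    "PrivateSubnet2ACIDR": "10.0.32.0/19",
    "PublicSubnet1CIDR": "10.0.128.0/20",
    "PublicSubnet2CIDR": "10.0.144.0/20",
    "RDGWCIDR": "203.0.113.0/24",         # constructed (documentation range)
    "AdminPassword": "Ex4mple!Passw0rd",  # constructed
    "SitecorePrefix": "sc93",             # constructed
    "QSS3BucketName": "aws-quickstart",
    "ExternalCertificateARN": "",
    "ExternalCertFQDN": "example.com",
    "ExternalR53ZoneID": "",
    "SOLRUrl": "",
    "EnvironmentType": "Production",
    "SQLEngineEdition": "sqlserver-se",
    "SQLAlwaysOn": "true",                # constructed
}


def _net(p, key, errors):
    """Parse a CIDR parameter; record an error instead of raising."""
    try:
        return ipaddress.ip_network(p[key])
    except (KeyError, ValueError) as exc:
        errors.append(f"{key}: not a valid CIDR block ({exc})")
        return None


def check_parameters(p, deploy_region="us-east-2"):
    """Return (errors, warnings) for a dict of new-VPC template parameters."""
    errors, warnings = [], []

    # Subnets must sit inside the VPC block and must not overlap each other.
    vpc = _net(p, "VPCCIDR", errors)
    subnets = {}
    for key in SUBNET_KEYS:
        net = _net(p, key, errors)
        if net is not None:
            subnets[key] = net
    for key, net in subnets.items():
        if vpc is not None and not net.subnet_of(vpc):
            errors.append(f"{key} {net} is outside VPCCIDR {vpc}")
    keys = list(subnets)
    for i, a in enumerate(keys):
        for b in keys[i + 1:]:
            if subnets[a].overlaps(subnets[b]):
                errors.append(f"{a} overlaps {b}")

    # RDGWCIDR decides which addresses can reach the RD Gateway from outside.
    rdgw = _net(p, "RDGWCIDR", errors)
    if rdgw is not None:
        if rdgw.prefixlen == 0:
            errors.append("RDGWCIDR admits every address on the internet")
        elif rdgw.num_addresses > 256:  # threshold is this example's choice
            warnings.append(f"RDGWCIDR {rdgw} is wider than a /24")

    # AdminPassword: at least 8 characters with letters, numbers and symbols.
    pw = p.get("AdminPassword", "")
    if not (len(pw) >= 8 and re.search(r"[A-Za-z]", pw)
            and re.search(r"\d", pw) and re.search(r"[^A-Za-z0-9]", pw)):
        errors.append("AdminPassword does not meet the stated complexity rule")

    # SitecorePrefix is limited to 8 characters.
    if not 1 <= len(p.get("SitecorePrefix", "")) <= 8:
        errors.append("SitecorePrefix must be 1 to 8 characters")

    # Bucket name: letters, digits, hyphens; no leading or trailing hyphen.
    if not re.fullmatch(r"[0-9A-Za-z](?:[0-9A-Za-z-]*[0-9A-Za-z])?",
                        p.get("QSS3BucketName", "")):
        errors.append("QSS3BucketName has invalid characters or hyphens")

    # A supplied certificate must be in the deployment Region; with no ARN
    # and no hosted zone ID, validation falls back to email.
    arn = p.get("ExternalCertificateARN", "")
    if arn:
        m = re.fullmatch(
            r"arn:aws[\w-]*:acm:([a-z0-9-]+):\d{12}:certificate/.+", arn)
        if not m:
            errors.append("ExternalCertificateARN is not an ACM certificate ARN")
        elif m.group(1) != deploy_region:
            errors.append(f"certificate is in {m.group(1)}, not {deploy_region}")
    elif p.get("ExternalCertFQDN") and not p.get("ExternalR53ZoneID"):
        warnings.append("certificate validation will be done via email")

    # No SOLRUrl means the development Solr instance is created.
    if not p.get("SOLRUrl") and p.get("EnvironmentType") == "Production":
        warnings.append("development Solr would be deployed in Production")

    # SQLAlwaysOn only applies to the sqlserver-ee edition.
    if (p.get("SQLAlwaysOn") == "true"
            and p.get("SQLEngineEdition") != "sqlserver-ee"):
        warnings.append("SQLAlwaysOn only applies to sqlserver-ee")
    return errors, warnings


if __name__ == "__main__":
    errs, warns = check_parameters(SAMPLE_PARAMS)
    for line in [f"ERROR: {e}" for e in errs] + [f"WARN: {w}" for w in warns]:
        print(line)
```
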
OPTION 2: PARAMETERS FOR DEPLOYING SITECORE XP 9.3 INTO AN EXISTING VPC
View template
Network configuration:
| Parameter label (name) | Default | Description |
|---|---|---|
| VPC CIDR (VPCCIDR) | 10.0.0.0/16 | CIDR block for the VPC. |
| VPC ID (VPCID) | Requires input | ID of the VPC (e.g., vpc-0343606e). |
| Private subnet 1A ID (PrivateSubnet1A) | Requires input | ID of the private subnet 1 in Availability Zone 1 (e.g., subnet-a0246dcd). |
| Private subnet 2A ID (PrivateSubnet2A) | Requires input | ID of the private subnet 2 in Availability Zone 2 (e.g., subnet-a0246dcd). |
| Public subnet 1 ID (PublicSubnet1) | Requires input | Public subnet in Availability Zone 1. |
| Public subnet 2 ID (PublicSubnet2) | Requires input | Public subnet in Availability Zone 2. |
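
A check of the two private subnets chosen for PrivateSubnet1A and PrivateSubnet2A against the existing-VPC requirements stated earlier in Step 2: different Availability Zones, not shared, and a NAT gateway in the route table. This is an added example, not part of the Quick Start; the function names are hypothetical, and the sample data is constructed in the shape returned by `aws ec2 describe-subnets` and `aws ec2 describe-route-tables`.

```python
# Constructed sample data; IDs and account numbers are made up.
ACCOUNT_ID = "111122223333"
VPC_ID = "vpc-0123example"

SUBNETS = [
    {"SubnetId": "subnet-0aaa1111", "VpcId": VPC_ID,
     "AvailabilityZone": "us-east-2a", "OwnerId": "111122223333"},
    {"SubnetId": "subnet-0bbb2222", "VpcId": VPC_ID,
     "AvailabilityZone": "us-east-2b", "OwnerId": "111122223333"},
    # Shared from another account, same zone as the first, public route.
    {"SubnetId": "subnet-0ccc3333", "VpcId": VPC_ID,
     "AvailabilityZone": "us-east-2a", "OwnerId": "444455556666"},
]

ROUTE_TABLES = [
    {"RouteTableId": "rtb-0aaa", "VpcId": VPC_ID,
     "Associations": [{"SubnetId": "subnet-0aaa1111", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0aaa"}]},
    # Main route table: applies to subnets with no explicit association.
    {"RouteTableId": "rtb-0main", "VpcId": VPC_ID,
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0bbb"}]},
    {"RouteTableId": "rtb-0ccc", "VpcId": VPC_ID,
     "Associations": [{"SubnetId": "subnet-0ccc3333", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0ccc"}]},
]


def default_route(subnet_id, vpc_id, route_tables):
    """Return the 0.0.0.0/0 route in effect for a subnet, or None."""
    explicit = main = None
    for rt in route_tables:
        if rt.get("VpcId") != vpc_id:
            continue
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                explicit = rt
            elif assoc.get("Main"):
                main = rt
    # An explicit association overrides the VPC's main route table.
    table = explicit if explicit is not None else main
    if table is None:
        return None
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            return route
    return None


def check_private_subnets(subnet_ids, vpc_id, account_id, subnets, route_tables):
    """Return a list of problems; an empty list means the subnets qualify."""
    problems = []
    by_id = {s["SubnetId"]: s for s in subnets}
    chosen = []
    for sid in subnet_ids:
        subnet = by_id.get(sid)
        if subnet is None:
            problems.append(f"{sid}: subnet not found")
            continue
        chosen.append(subnet)
        if subnet["VpcId"] != vpc_id:
            problems.append(f"{sid}: belongs to {subnet['VpcId']}, not {vpc_id}")
        # A subnet owned by a different account has been shared into this one.
        if subnet["OwnerId"] != account_id:
            problems.append(f"{sid}: shared subnet (owner {subnet['OwnerId']})")
        route = default_route(sid, subnet["VpcId"], route_tables)
        if route is None:
            problems.append(f"{sid}: no default route, so no outbound access")
        elif route.get("GatewayId", "").startswith("igw-"):
            problems.append(f"{sid}: default route uses an internet gateway")
        elif not route.get("NatGatewayId"):
            problems.append(f"{sid}: default route does not use a NAT gateway")
    if len({s["AvailabilityZone"] for s in chosen}) < 2:
        problems.append("private subnets are not in two different Availability Zones")
    return problems


if __name__ == "__main__":
    for problem in check_private_subnets(
            ["subnet-0aaa1111", "subnet-0ccc3333"],
            VPC_ID, ACCOUNT_ID, SUBNETS, ROUTE_TABLES):
        print(problem)
```
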
Sitecore networking configuration:
| Parameter label (name) | Default | Description |
|---|---|---|
| Content delivery FQDN (CDDNSName) | Requires input | Fully qualified domain name for the content delivery role (e.g., home.example.com). |
| Content management FQDN (CMDNSName) | Requires input | Fully qualified domain name for the content management role. |
| Identity server FQDN (ISDNSName) | Requires input | Fully qualified domain name for the identity server role. |
| Internal DNS suffix (IntDNS) | Optional | Internal DNS name. If left blank, one is generated for you. If you have a private Route 53–hosted zone or private DNS connected to your VPC, please provide the DNS suffix of the hosted zone. |
| Internal Route 53–hosted zone ID (IntVPCR53Zone) | Optional | If you already have a private Route 53–hosted zone connected to your VPC, please provide the Route 53–hosted zone ID. |
| Private (non-Route 53) DNS (VPCPrivateDNS) | false | Set to true if you have your own provided DNS servers for your VPC. Should you have your own DNS servers, you must create Canonical Name Record (CNAME) entries for the Sitecore roles. Please see the deployment guide for details. Set to false if you have a private Route 53–hosted zone connected to your VPC. |
| External ACM ARN (ExternalCertificateARN) | Optional | Provide the Amazon Resource Name (ARN) of the wildcard certificate created in ACM. If one is not provided, a wildcard certificate is created. If you provide an ARN, you do not need to provide details for ExternalCertFQDN or ExternalR53ZoneID. |
| External certificate domain name (ExternalCertFQDN) | Optional | External domain name for the Sitecore deployment (e.g., example.com). This is created in ACM as a wildcard certificate (e.g., *.example.com) if no value is provided for ExternalCertificateARN. |
| External Route 53 zone ID (ExternalR53ZoneID) | Optional | If you require certificate validation via DNS, provide the Route 53–hosted zone ID for ExternalCertFQDN. If no Route 53–hosted zone ID is provided, validation is done via email. |
Sitecore configuration:
| Parameter label (name) | Default | Description |
|---|---|---|
| Minimum content delivery instances (CDMinSize) | 1 | Minimum number of content delivery instances available. |
| Maximum content delivery instances (CDMaxSize) | 3 | Maximum number of content delivery instances available. |
| Desired content delivery instances (CDDesiredCapacity) | 2 | Desired number of content delivery instances available. |
| Content delivery (CDInstanceType) | m5a.xlarge | Content delivery instance type. |
| Content delivery scaling metric (CDScalingMetric) | ASGAverageCPUUtilization | Metric used to determine scaling of the content delivery role. |
| Content delivery scaling metric value (CDScalingMetricValue) | 70 | Value required for the scaling metric (for ASGAverageNetworkIn, this value is in bytes). |
| Minimum content management instances (CMMinSize) | 1 | Minimum number of content management instances available. |
| Maximum content management instances (CMMaxSize) | 2 | Maximum number of content management instances available. |
| Content management, identity, reference data (CmIdRdInstanceType) | m5a.xlarge | Instance type, applied to the roles of content management, identity, and reference data. |
| Content management scaling metric (CMScalingMetric) | ASGAverageCPUUtilization | Metric used to determine scaling of the content management role. |
| Content management scaling metric value (CMScalingMetricValue) | 70 | Value required for the scaling metric (for ASGAverageNetworkIn, this value is in bytes). |
| Collection, collection search (CollCSInstanceType) | m5a.xlarge | Instance type, applied to the roles of collection and collection search. |
| Marketing automation, cortex processing, processing (MaCpPrcInstanceType) | m5a.xlarge | Instance type, applied to the roles of marketing automation, cortex processing, and processing. |
| Marketing automation reporting, cortex reporting, reporting (MarCrRepInstanceType) | m5a.xlarge | Instance type, applied to the roles of marketing automation reporting, cortex reporting, and reporting. |
| EC2 key pair for Sitecore instances (SitecoreKeyPair) | Requires input | EC2 key pair to use for the Sitecore instances. |
| Sitecore installation prefix (SitecorePrefix) | Requires input | Prefix to be used for the Sitecore installation. This is limited to 8 characters. |
| Sitecore resources S3 bucket (SitecoreS3Bucket) | Requires input | S3 bucket name where the Sitecore 9.3 resources are located (installation files, license file, etc.). This deployment puts objects into this bucket. |
| Sitecore installation files prefix (SCResourcesPrefix) | resources/ | Prefix in the S3 bucket for the Sitecore install files (e.g., resources/). |
| Sitecore license file prefix (SCLicensePrefix) | license/ | Prefix in the S3 bucket for the license.zip file (e.g., license/). |
| Solr server/cluster URL (SOLRUrl) | Optional | URL of your Solr server/cluster. If no URL is provided, a development Solr instance is created for this Sitecore deployment. Note: This development Solr instance should not be used within a production environment. |
| Prefix of the Solr cores (SOLRCorePrefix) | Requires input | If you provided a Solr URL, this is the prefix of your pre-configured Solr cores. If no Solr URL provided, this is the prefix used for the Solr cores on the development Solr instance. |
| Sitecore environment type (EnvironmentType) | Production | Type of Sitecore deployment. |
| Sitecore log level (SCLogLevel) | Information | Sitecore deployment configured log level. |
SQL Server configuration:
| Parameter label (name) | Default | Description |
|---|---|---|
| Database instance class (DBInstanceClass) | db.r4.2xlarge | Name of the compute and memory capacity class of the database instance. |
| Database auto minor version upgrade (DBAutoMinorVersionUpgrade) | false | If set to true, minor engine upgrades are applied to the database instance. If set to false, minor engine upgrades are not applied to the database instance. |
| MSSQL database engine edition (SQLEngineEdition) | sqlserver-se | MSSQL database engine edition. |
| MSSQL database engine version (SQLEngineVersion) | 14.00.3223.3.v1 | MSSQL database engine version. |
| MSSQL always on (SQLAlwaysOn) | Optional | Set to true if you want SQL to be always on (high availability) for the deployment. Beware that this only applies if SQLEngineEdition is set to sqlserver-ee as the MSSQL database engine edition. If set to false, SQL is deployed to one Availability Zone. |
| Data volume size (VolumeSize) | 500 | Volume size (GB) for the SQL data, logs, and TempDb volumes. |
| Data volume type (VolumeType) | gp2 | Volume type for the SQL data, logs, and TempDb volumes. |
| Data volume IOPS (VolumeIops) | 1000 | Provisioned IOPS for the SQL data, logs, and TempDb volumes. This parameter only applies when VolumeType is set to io1. |
| Retention period (BackupRetentionPeriod) | 7 | Number of days for which automated backups are retained. To enable backups, set this parameter to a positive number. To disable automated backups, set this parameter to zero. |
Redis ElastiCache configuration:
| Parameter label (name) | Default | Description |
|---|---|---|
| Redis cache node type (CacheNodeType) | cache.m4.large | Instance type the nodes are launched under. |
| Redis port (RedisPort) | 6379 | Port number to be used for Redis ElastiCache. |
AWS Quick Start configuration:
Note: Unless you are customizing the Quick Start templates for your own
deployment projects, we recommend keeping the default values for the following two
parameters. Changing them automatically updates code references to point to a new
Quick Start location. For more information, see the Quick Start Contributor’s Guide.
| Parameter label (name) | Default | Description |
|---|---|---|
| Quick Start S3 bucket name (QSS3BucketName) | aws-quickstart | If you decide to customize the Quick Start for your own use, this is the S3 bucket you created for your Quick Start assets. The bucket name can contain numbers, lowercase letters, uppercase letters, and hyphens (-), but should not start or end with a hyphen (-). |
| Quick Start S3 bucket Region (QSS3BucketRegion) | us-east-1 | AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. When using your own bucket, you must specify this value. |
| Quick Start S3 key prefix (QSS3KeyPrefix) | quickstart-sitecore-xp/ | S3 key name prefix used to simulate a folder for your copy of Quick Start assets. You must use this if you want to customize the Quick Start for your own use. This prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). |
5. On the options page, you can specify tags (key-value pairs) for resources in your stack
and set advanced options. When you’re done, choose Next.
6. On the Review page, review and confirm the template settings. Under Capabilities,
select the two check boxes to acknowledge that the template creates IAM resources and
might require the capability to auto-expand macros.
7. Choose Create stack to deploy the stack.
8. Monitor the status of the stack. When the status is CREATE_COMPLETE, the
Sitecore XP 9.3 cluster is ready.
9. Use the URLs displayed in the Outputs tab for the stack to view the created resources.
Figure 3: Sitecore XP 9.3 outputs after successful deployment
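The constraints stated in the parameter tables above can be checked before the stack is launched. The following is an added example, not part of the Quick Start's own code: it lints a planned set of parameter values against those rules. The function name, the sample values, and the min/desired/max ordering check (a general Auto Scaling requirement) are assumptions of this example.

```python
import re

# Defaults copied from the parameter tables in this guide (only those checked here).
DEFAULTS = {
    "CDMinSize": 1, "CDDesiredCapacity": 2, "CDMaxSize": 3,
    "CMMinSize": 1, "CMMaxSize": 2,
    "EnvironmentType": "Production", "SOLRUrl": "", "ExternalR53ZoneID": "",
    "SQLEngineEdition": "sqlserver-se", "SQLAlwaysOn": "false",
    "DBAutoMinorVersionUpgrade": "false", "VolumeType": "gp2", "BackupRetentionPeriod": 7,
    "QSS3BucketName": "aws-quickstart", "QSS3KeyPrefix": "quickstart-sitecore-xp/",
}
REQUIRED = ("SitecoreKeyPair", "SitecorePrefix", "SitecoreS3Bucket", "SOLRCorePrefix")
BUCKET_RE = re.compile(r"[0-9A-Za-z](?:[0-9A-Za-z-]*[0-9A-Za-z])?")
KEY_PREFIX_RE = re.compile(r"[0-9A-Za-z/-]+")


def check_parameters(overrides):
    """Return (errors, warnings) for the values an operator plans to submit."""
    p = {**DEFAULTS, **overrides}
    errors = [f"{name} requires input" for name in REQUIRED if not p.get(name)]
    warnings = []
    if len(p.get("SitecorePrefix", "")) > 8:
        errors.append("SitecorePrefix is limited to 8 characters")
    # General Auto Scaling rule (not stated in the guide): min <= desired <= max.
    if not int(p["CDMinSize"]) <= int(p["CDDesiredCapacity"]) <= int(p["CDMaxSize"]):
        errors.append("CDMinSize <= CDDesiredCapacity <= CDMaxSize must hold")
    if int(p["CMMinSize"]) > int(p["CMMaxSize"]):
        errors.append("CMMinSize must not exceed CMMaxSize")
    if not BUCKET_RE.fullmatch(p["QSS3BucketName"]):
        errors.append("QSS3BucketName has invalid characters or a leading/trailing hyphen")
    if not KEY_PREFIX_RE.fullmatch(p["QSS3KeyPrefix"]):
        errors.append("QSS3KeyPrefix has invalid characters")
    if p["SQLAlwaysOn"] == "true" and p["SQLEngineEdition"] != "sqlserver-ee":
        warnings.append("SQLAlwaysOn only applies when SQLEngineEdition is sqlserver-ee")
    if "VolumeIops" in overrides and p["VolumeType"] != "io1":
        warnings.append("VolumeIops only applies when VolumeType is io1")
    if int(p["BackupRetentionPeriod"]) == 0:
        warnings.append("BackupRetentionPeriod 0 disables automated backups")
    if p["DBAutoMinorVersionUpgrade"] != "true":
        warnings.append("minor database engine upgrades will not be applied")
    if p["EnvironmentType"] == "Production" and not p["SOLRUrl"]:
        warnings.append("no SOLRUrl: a development Solr instance will be created")
    if not p["ExternalR53ZoneID"]:
        warnings.append("no ExternalR53ZoneID: certificate validation is done via email")
    return errors, warnings


# Constructed sample input, not values from a real deployment.
SAMPLE = {"SitecoreKeyPair": "example-key", "SitecorePrefix": "sitecore93",
          "SitecoreS3Bucket": "example-bucket", "SOLRCorePrefix": "sc93",
          "SQLAlwaysOn": "true", "VolumeIops": 3000, "QSS3BucketName": "-my-bucket"}

if __name__ == "__main__":
    print(check_parameters(SAMPLE))
```

Errors block the launch; warnings mark settings that are accepted but leave the deployment weaker than intended, such as disabled backups or a development Solr instance in a Production environment.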
Step 3. Post-deployment steps
Once the Quick Start deployment completes successfully, create DNS entries in your
internet-facing DNS for the content delivery, content management, and identity servers.
These CNAME entries correspond to the names provided in the initial parameters for the
deployment and point to the listed ExternalALBDNS value in the outputs for SitecoreStack.
If you deploy this Quick Start into an existing VPC using your self-managed DNS, you must
create DNS CNAME entries for the Sitecore roles. The required CNAME host name and
corresponding load balancer DNS can be found in the outputs of RolesStack and SitecoreStack,
respectively. When the DNS is updated, log in to the instance that hosts the marketing automation
role, and start the Sitecore marketing automation Windows service.
Step 4. Test the deployment
Use a web browser to open the DNS name you provided for the content delivery role.
To log in to Sitecore, retrieve the administrator password by opening AWS Secrets Manager
from within the Region where you deployed this Quick Start. Search for “sitecoreadmin” to
find the password value.
When you have the password, use a web browser to open the DNS name for either the
content delivery role or content management role. Append /sitecore/admin to the DNS
name. This displays the login screen where you can log in and configure your Sitecore
environment.
Best practices for using Sitecore XP 9.3 on AWS
Use AWS CloudFormation for ongoing management.
We recommend using the AWS CloudFormation console to manage updates and deletions
for the resources that this Quick Start creates. Using the Amazon EC2 console, AWS
command line interface (CLI), or application programming interface (API) to change or
delete resources created by this Quick Start can cause future AWS CloudFormation
operations on the stack to behave unexpectedly.
All Sitecore instances are in the private subnet, so there is no access to them from the
internet. Both Amazon RDS and Amazon ElastiCache are accessible only from within the
VPC and not from the internet. All traffic is routed to the Sitecore instances via the
deployed load balancers.
Other useful information
Personalized content on Sitecore roles
Once the deployment of the Sitecore Quick Start is complete, you have a default installation
of Sitecore XP 9.3 in your AWS account. Your custom Sitecore site must then be deployed to
the Sitecore roles. Any media for your site (for example, pictures and videos) should be
stored within an S3 bucket and referenced within the website’s code. Storing local media
content through Sitecore roles should be avoided because it can increase the load on your
content instances. It may also affect Auto Scaling because it takes time to transfer media to
a new instance.
Parameter Store
All Sitecore role installations are done via the Sitecore Installation Framework (SIF). Using
SIF allows parameters to be passed to the Sitecore role installation when the instance starts
for the first time. All of these parameters are stored within AWS Systems Manager
Parameter Store. If any of the values within Parameter Store are updated, the instances can
be deleted so that when the instance starts up, the Sitecore installation uses the updated
parameter values. For example, this could be used to update the Solr URL or Solr Core
prefix for the Sitecore roles.
Secrets Manager
All Sitecore passwords are generated via AWS Secrets Manager. They are referenced when
the databases are created and the Sitecore roles are installed.
Sitecore certificates
Because Sitecore requires Secure Sockets Layer (SSL) communication between roles, an
internal self-signed certificate is generated. This certificate is imported into the certificate
store on the Sitecore AMI and then exported and stored in the S3 bucket provided in the
deployment parameters. The certificate is then converted and imported into ACM via a
Lambda function and used on the internal Application Load Balancer for the HTTPS
listener. All other internal Sitecore roles sit behind their own Network Load Balancers
because they require TLS pass-through.
The certificate is valid for five years from the date of installation. Should a new certificate be
needed for the Sitecore deployment, one can be generated by running the sc-new-certs.ps1
script, which can be found in the C:\quickstart\scripts folder. When it’s
generated, the certificate must be converted, imported into ACM, and updated on the
internal Application Load Balancer listener.
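The three rotation steps named above (convert, import into ACM, update the listener) can be scripted as follows. This is an added example, not the Quick Start's Lambda function or script: it assumes the regenerated certificate is available as a PKCS#12 (.pfx) file, that the boto3 and cryptography packages are installed, and that the operator supplies the internal Application Load Balancer listener ARN. The function names are hypothetical.

```python
def pfx_to_pem(pfx_bytes, password):
    """Convert a PKCS#12 bundle to (certificate PEM, unencrypted private-key PEM)."""
    # Imported here so the module loads even where 'cryptography' is not installed.
    from cryptography.hazmat.primitives import serialization
    from cryptography.hazmat.primitives.serialization import pkcs12

    key, cert, _chain = pkcs12.load_key_and_certificates(pfx_bytes, password)
    cert_pem = cert.public_bytes(serialization.Encoding.PEM)
    # ACM import needs an unencrypted PEM key; keep it in memory, do not write it to disk.
    key_pem = key.private_bytes(
        serialization.Encoding.PEM,
        serialization.PrivateFormat.PKCS8,
        serialization.NoEncryption(),
    )
    return cert_pem, key_pem


def rotate_listener_certificate(acm, elbv2, listener_arn, cert_pem, key_pem):
    """Import the new certificate into ACM and make it the listener's default."""
    listener = elbv2.describe_listeners(ListenerArns=[listener_arn])["Listeners"][0]
    if listener["Protocol"] != "HTTPS":
        raise ValueError("expected the internal ALB HTTPS listener")
    old_arns = [c["CertificateArn"] for c in listener.get("Certificates", [])]

    new_arn = acm.import_certificate(Certificate=cert_pem, PrivateKey=key_pem)["CertificateArn"]
    elbv2.modify_listener(ListenerArn=listener_arn,
                          Certificates=[{"CertificateArn": new_arn}])
    # The previous certificates are returned, not deleted, so a rollback stays possible.
    return new_arn, old_arns


if __name__ == "__main__":
    import getpass
    import sys

    import boto3

    pfx_path, listener_arn = sys.argv[1:3]
    # Prompt for the password instead of taking it on the command line.
    password = getpass.getpass("PFX password: ").encode()
    with open(pfx_path, "rb") as fh:
        cert_pem, key_pem = pfx_to_pem(fh.read(), password)
    print(rotate_listener_certificate(boto3.client("acm"), boto3.client("elbv2"),
                                      listener_arn, cert_pem, key_pem))
```

Delete the superseded ACM certificate only after the Sitecore roles have been confirmed to communicate through the listener with the new one.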
Sitecore Internet Information Service configurations
Because Sitecore is a database- and personalization-driven CMS, the Sitecore Internet
Information Service (IIS) must be configured for preloaded content, and the application
pool must always be running. When you install a Sitecore role, the corresponding
application pool is set to AlwaysRunning and the website is set to preload content.
Redis for session management
When the content delivery role is installed, the Sitecore configuration files are updated for
both private and shared session management. If these files are overwritten by custom content,
they must be updated with the correct Redis details.
The URL for Redis can be found in the CloudFormation outputs, or in the SSM Parameter
Store.
FAQ
Q. I encountered a CREATE_FAILED error when I launched the Quick Start.
A. If AWS CloudFormation fails to create the stack, we recommend that you relaunch the
template with Rollback on failure set to Disabled. (This setting is under Advanced in
the AWS CloudFormation console, Options page.) With this setting, the stack’s state is
retained, and the instance is left running so you can troubleshoot the issue. (For Windows,
look at the log files in %ProgramFiles%\Amazon\EC2ConfigService and C:\cfn\log.)
Important: When you set Rollback on failure to Disabled, you continue to
incur AWS charges for the stack. Be sure to delete the stack when you finish
troubleshooting.
For additional information, see Troubleshooting AWS CloudFormation on the AWS
website.
Q. I encountered a size limitation error when I deployed the AWS CloudFormation
templates.
A. We recommend that you launch the Quick Start templates from the links in this guide or
from another S3 bucket. If you deploy the templates from a local copy on your computer or
from a non-S3 location, you might encounter template size limitations. For more
information about AWS CloudFormation quotas, see the AWS documentation.
Q. When browsing the content-delivery website, I get a 504 error.
A. This issue is experienced if the content-delivery or content-management server takes
more than 60 seconds to respond to an Application Load Balancer request. Ensure that the
Sitecore role has the IIS Application Pool configured to remain running. Based on the
complexity of your website, responses from the database and other roles can also affect
response time. Ensure that the database and instances are sized correctly for your
environment.
Using browser caching or a content delivery network can also assist the caching of common
content and therefore reduce the load on the Sitecore environment.
Q. When I try to log in to the Sitecore administrator interface, I get an incorrect
password error.
A. Despite installation logs that show the password was correctly configured, there are
known issues where the specified Sitecore administrator password in AWS Secrets Manager
is not successfully applied. To log in, you must reset the password in the Sitecore Core
database.
Q. How do I update SSL certificates when they expire?
A. Please see the Other useful information section for guidance about updating internal
Sitecore certificates.
Q. Where are the deployment logs?
A. All resources and logs for deployments are found either in Amazon CloudWatch Logs or
in the instances themselves under C:\resources\logs\.
Q. How do I apply a new license?
A. When a Sitecore license expires, manually update it for each instance by copying your
Sitecore license.xml file to the /site/wwwroot/App_Data directory. However, if an Auto Scaling
group creates a new instance, it attempts to retrieve the Sitecore license from the S3 bucket
and prefix provided in the initial deployment. Therefore, it’s necessary to replace the
existing license by uploading a new Sitecore license into the S3 bucket and prefix.
Send us feedback
To post feedback, submit feature ideas, or report bugs, use the Issues section of the
GitHub repository for this Quick Start. If you’d like to submit code, please review the Quick
Start Contributor’s Guide.
Document revisions

| Date | Change | In sections |
|---|---|---|
| May 2020 | Initial publication | — |
© 2020, Amazon Web Services, Inc. or its affiliates, and <partner organization>. All rights
reserved.
Notices
This document is provided for informational purposes only. It represents AWS’s current product offerings
and practices as of the date of issue of this document, which are subject to change without notice. Customers
are responsible for making their own independent assessment of the information in this document and any
use of AWS’s products or services, each of which is provided “as is” without warranty of any kind, whether
express or implied. This document does not create any warranties, representations, contractual
commitments, conditions or assurances from AWS, its affiliates, suppliers or licensors. The responsibilities
and liabilities of AWS to its customers are controlled by AWS agreements, and this document is not part of,
nor does it modify, any agreement between AWS and its customers.
The software included with this paper is licensed under the Apache License, Version 2.0 (the "License"). You
may not use this file except in compliance with the License. A copy of the License is located at
http://aws.amazon.com/apache2.0/ or in the "license" file accompanying this file. This code is distributed on
an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and limitations under the License.