Child pages
  • OpenIDM in Amazon EC2
Skip to end of metadata
Go to start of metadata


This guide will show you how to instantiate a EC2 instance with OpenIDM pre-installed, but also how to build such an image yourselves from scratch. This guide describes how to instantiate and run OpenIDM 2.1 in EC2.

If you don't have an account at AWS, you have to create one to be able to create this image. Log in or create an account at at

The OpenIDM image is based upon a "Basic Amazon Linux" 64 bit instance of type Micro (t1.micro, 613 MB). It's possible to upgrade it later if you need for instance more RAM, or more ECU's.

A default EC2 instances will get a new IP every time it's booted, and therefor also a new FQDN (Public DNS). To avoid this allocate a "Elastic IP" and associate it with the newly created OpenAM instance, if you need to access the instance using the same name or IP every time it's restarted.

Fast track

The current OpenIDM images is only available in the "EU West (Ireland) region". Make sure you switch to this region before searching for any AMI.

  • Click on “Launch Instance” from your instance menu
  • Select “Community AMIs”
  • Search for ForgeRock or OpenIDM among “Public Images” (will take some time to load)
  • From the list of ForgeRock AMI’s click the “Select” next to the image you would like to instantiate
  • Select “Micro (t1.micro, 613 MB)” from the Instance type.
  • Create a “Key Pair” if you don’t have any.
  • Create a “Security Group” if you don’t have any with the port 22 (SSH), 8080 (Appserver) and 2480 (OrientDB console) open for access 
  • Launch....
  • Associate the instance with a static IP from the Elastic IP pool (if you need to)
  • Ready to log in....

OpenIDM Admin

OpenIDM provides you with two web interfaces accessible on  the following ports and paths.

  • :8080/openidmui
  • :8080/system/console 

Login with the following credentials.

  • username: admin
  • password: admin


Open the host on the following port :2480/studio/ and fill in the following defaults to log in.

  • database: openidm
  • username: admin
  • password: admin

That's it, your done....

Manual creation of instance from scratch

Here is a guideline if you would like to create a similar image yourselves from scratch, with a default setup and configuration to run OpenIDM in Amazon EC2.

  •  Select the "Amazon Linux AMI 64-bit" server type
  •  Choose 1 instance select "Micro (t1.micro, 613 MB)" for the "Instance Type"
  •  Add some key/value pair to the instance
  •  Create a key pair (if you don't already have one you could use for SSH for this instance)
  •  Choose the "OpenIDM" security group previously created with port 22, 8080 and 2480 open.
  •  Click on "Lanuch" to create the instance, and make it active.

Install the software

Connect to the EC2 instance using your encrypted key previously created and downloaded locally using ssh similar to this command with your unique hostname.

ssh -i .ec2/openidm.pem

(Can also choose the connect option from the drop down menu of the instance, using the Java SSH client) 

When logged in then you can start installing the necessary software.

  • Open the web page for the OpenIDM Enterprise downloads:
  • Select OpenIDM, and fill in the form and accept the terms, proceed to the page with the download links.
  • Copy the link address for the OpenIDM zip file.
  • sudo wget <link address to the zip file>
  • unzip
  • cd openidm/bin
  • ./

For the given version og OpenIDM it needs some tweaks to run in EC2. Need to do some changes in the new startup file, open it in a editor like the following.

  • nano openidm

Replace the complete START_CMD with the following statement:

START_CMD="nohup $JAVA_BIN $LOGGING_CONFIG $JAVA_OPTS $OPENIDM_OPTS \                -Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS \               
-classpath $CLASSPATH \               
-Dopenidm.system.server.root=$OPENIDM_HOME \               
-Djava.awt.headless=true \               
org.forgerock.commons.launcher.Main -c bin/launcher.json -w samples/workflow/cache -p samples/workflow > logs/server.out 2>&1 &"
  • sudo cp openidm /etc/init.d/
  • sudo /sbin/chkconfig --level 2345 openidm on
  • sudo /sbin/service openidm start

Then after a short while OpenIDM should be ready. Log in as described above to get started.

More examples and tutorials can be found here:


  • No labels