Skip To Content

Enterprise geodatabases in SQL Server on Amazon Web Services

If you use an ArcGIS (Windows) Amazon Machine Image (AMI) to create a GIS Server site, you have the option to include one of the following Microsoft SQL Server instances:

  • Amazon Relational Database Service (RDS) for SQL Server
  • SQL Server Express

When you create your instance using the ArcGIS GIS Server 10.6 CloudFormation template provided by Esri, the SQL Server instance contains two precreated geodatabases: egdb and geodata. If you use the ArcGIS GIS Server 10.6.1 CloudFormatin template provided by Esri, the SQL Server instance contains one precreated geodatabase named egdb.

At 10.6, the egdb geodatabase is registered as the GIS Server site's managed database. When you publish feature or WFS-T services to a site that has a managed database, the data can be copied from the geodatabase that contains the map source data to the egdb geodatabase. This data is dependent on the service; when you delete the feature or WFS-T service, the data is deleted from the egdb geodatabase.

The geodata geodatabase created with 10.6 is intended for use as a replicated geodatabase. You can register the geodata geodatabase with the GIS Server site. When you do, designate the geodata geodatabase as a server database connection that is not the same as your publisher database connection (the publisher geodatabase being your on-premises enterprise geodatabase) and create a geodata service. You can replicate data from your on-premises enterprise geodatabase to the geodata geodatabase through the geodata service.

When you publish a feature or WFS-T service that includes the replicated data, edits made to the data through the feature service can be synchronized with the geodata service, updating the data in your on-premises enterprise geodatabase. Similarly, you can continue to edit your on-premises data and use the geodata service to synchronize those changes to the data in the geodata geodatabase.

Amazon RDS for SQL Server

Amazon Relational Database Service (RDS) performs some database maintenance tasks, so you don't have to. For example, RDS instances automatically apply database patches and create backups of your database. They are also designed to be highly available, as they can be run in multiple availabilty zones (referred to as multi-AZ deployments).

Multi-AZ deployments are the default deployment type for Amazon RDS instances; therefore, Amazon RDS for SQL Server instances you launch using ArcGIS Amazon Web Services (AWS) AMIs use this deployment type.

Note:

Because they provide enhanced availability, Amazon recommends you use multi-AZ deployments for production systems. Be aware, though, that these deployments cost more to use per hour and for storage than other deployments. Consult Amazon's pricing guide for more information.

When you use an Amazon RDS for SQL Server instance in your GIS Server site on AWS, the Amazon RDS for SQL Server instance is always separate from your GIS Server site instance.

SQL Server RDS instances do not support operating system authenticated logins. When you create your site using the ArcGIS GIS Server CloudFormation template provided by Esri, two SQL Server logins and database users are created.

  • EsriRDSAdmin: The EsriRDSAdmin user is the RDS master user, which creates the databases and sde user. EsriRDSAdmin also owns the data that is copied to EGDBHOST when you publish feature services. ArcGIS Server Cloud Builder on Amazon Web Services sets the password for this account to be the same as the password you provide for the ArcGIS Server site administrator.
  • Sde: The sde user owns the geodatabase system objects. ArcGIS Server Cloud Builder on Amazon Web Services sets the password for this account to be the same as the password you provide for the ArcGIS Server site administrator.

SQL Server RDS instances created with the Esri CloudFormation template do not have mirroring enabled by default. If you require this functionality, you must manually enable it.

If you create your site using the AWS Management Console and want to use SQL Server RDS for data storage, you need to do the following to get your geodatabase set up:

  • Use SQL Server Management Studio or TSQL to create a database.
  • Use SQL Server Management Studio or TSQL to create an sde login, database user, and schema.
  • Use SQL Server Management Studio or TSQL to grant the sde user sufficient privileges to create a geodatabase.
  • Run the Enable Enterprise Geodatabase geoprocessing tool or Python script to create a geodatabase.
    Note:

    You cannot use the Create Enterprise Geodatabase geoprocessing tool or script to create an sde user and geodatabase in SQL Server RDS.

  • Create a login, database user, and matching schema to load data, and grant the user privileges to create data. You can use the Create Database User geoprocessing tool or a Python script to do this, or you can use Management Studio or TSQL.
  • Register your geodatabase with your GIS Server site.

SQL Server Express

SQL Server Express instances are always created on the same instance as the GIS Server site.

The SQL Server Express instances use Windows-authenticated logins exclusively. They come with the following two operating system logins:

  • Administrator: This login is the ArcGIS Enterprise on Amazon Web Services instance administrator and an administrator in the SQL Server Express instance.
  • ArcGIS: This login is an administrator in the SQL Server Express instance and is the login under which ArcGIS services run. This login must have access to the data to publish services.

Both logins are members of the SQL Server sysadmin fixed server role; therefore, the egdb and geodata geodatabases are stored in the dbo schema, and any data loaded while logged in as either of these users is stored in the dbo schema in each geodatabase. As dbo, these users have full privileges on all the data loaded to the geodatabases and the SQL Server instance itself.

The passwords for these logins are set by the system. You can alter the password for the Administrator login. See Change default Windows Administrator password for instructions.