This tutorial describes how to create an ApsaraDB RDS for SQL Server instance in the console, configure database and account information, and connect to the instance using various methods to get started with ApsaraDB RDS for SQL Server.
If you are new to ApsaraDB RDS, we recommend that you first read about the limits of ApsaraDB RDS.
Prerequisites
If you use a Resource Access Management (RAM) user to create an RDS instance, the AliyunRDSFullAccess and AliyunBSSOrderAccess policies must be attached to the RAM user. For more information, see Use RAM for resource authorization.
Costs
When you create an ApsaraDB RDS for SQL Server instance, you are charged for the instance type and storage. The fees depend on parameters such as the billing method, instance edition, instance type, storage class, and storage capacity.
1. Create an ApsaraDB RDS for SQL Server instance
Go to the ApsaraDB RDS instance creation page.
Select a Billing Method.
Billing method
Use case
Benefits
Subscription
Long-term workloads. Select Subscription and specify a Subscription Duration.
Cost-effective. Offers significant discounts for longer commitments.
Pay-as-you-go
Short-term usage, testing, or unpredictable workloads. Select Pay-as-you-go.
Flexible. Billed hourly. You can release the instance at any time to stop charges.
NoteYou can start with Pay-as-you-go and convert to subscription later once your requirements are finalized.
Select a Region.
ImportantThe region cannot be changed after the instance is created.
To minimize latency and enable connectivity over internal network, select the same Region as your ECS instances.
NoteTo connect an ECS instance to an ApsaraDB RDS instance over an internal network, the ApsaraDB RDS instance and the ECS instance must be in the same region and VPC.
To connect to an RDS instance from on-premises servers or local devices, select a region geographically closest to you. You can connect to the RDS instance using a public endpoint later.
Select the Database Engine, Edition, and Storage Type of the database.
Select an Database Engine for the database.
Select Microsoft SQL Server. Supported versions are 2012, 2016, 2017, 2019, and 2022.
Select Edition. Choose editions based on your availability and scalability needs.
Edition
Architecture
Use case
Basic Edition
Single-node. Compute is decoupled from storage.
Does not support Read-only instances.
Dev/Test environments or non-critical workloads. Cost-effective.
NoteIt takes Longer recovery time during failures.
High-availability Edition (Recommended)
Primary + Secondary. Supports automatic failover. The secondary node is strictly for standby and is not accessible.
Does not support Read-only instances.
Production environments requiring high availability (HA). Covers ~80% of use cases.
Cluster Edition (Recommended)
Primary + Secondary (Readable). Supports automatic failover. The secondary node is accessible for read operations.
Workloads requiring HA and read-scaling. Supports adding 1 to 7 read-only instances. but the read-only instances do not participate in primary node election or switchover.
Flexible cost control.
Supports readable secondary databases.
Select a Storage Type.
Recommend Enterprise SSDs (ESSDs) for high performance (See Introduction to Storage Classes). We recommend enabling Cloud Disk Encryption for enhanced data security (See Disk Encryption).
Configure network settings. The Network Type is defaulted to VPC.
Select a VPC.
Select the VPC where your application (ECS) resides.
NoteInstances must be in the same VPC to communicate over the internal network. They can reside in different vSwitches (Subnets) within that VPC.
Select whether to Add to Whitelist.
Yes (recommended): Automatically adds the VPC CIDR block to the RDS whitelist, allowing internal access from ECS instances in this VPC.
NoteIf you select No, you can set the whitelist manually after the instance is created.
Select the zone, vSwitch, and Deployment Method.
Zone
A physical location within a region.
Performance differences between zones in the same region are negligible.
Colocate your ECS and RDS instances in the same zone to minimize network latency, though cross-zone latency is negligible for most workloads.
vSwitch
A logical sub-network within a VPC. Resources must be deployed into a specific vSwitch.
Select an existing vSwitch or click Create vSwitch to create one. For more information, see Create and manage a vSwitch.
Deployment Method
Multi-zone Deployment (Recommended): The Primary and Secondary nodes are deployed in different zones.
You must explicitly configure the zone and network settings for both nodes.
Single-zone Deployment: Co-locates both nodes in the same zone. Offers minimal replication latency but lacks cross-zone redundancy.
Basic Edition supports Single-zone deployment only.
NoteFor instances with primary and secondary nodes, select Multi-zone Deployment to enable cross-zone disaster recovery.
If a zone is sold out, select a different zone.
Select an Instance Type.
Select a Category. Note that availability varies by Region and Edition; the console displays only the options currently available for your configuration.
Category
Characteristics
Best For
General-purpose
Dedicated: memory and I/O
Shared: CPU and storage
Balanced workloads requiring cost-efficiency.
Dedicated
Dedicated: CPU, memory, storage, and I/O
NoteResources are reserved exclusively for your instance.
Production workloads requiring consistent, predictable performance.
NoteNot available for the Basic Edition.
Shared
Dedicated: memory and storage
Shared: CPU
Entry-level applications or development environments.
Select a specific instance type (CPU cores, memory, maximum connections, and other specifications).
NoteFor a list of instance types, see ApsaraDB RDS for SQL Server primary instance types.
Select a Storage Capacity.
Define the storage size (increments of 5 GB). This capacity includes data, system files, transaction logs, and temporary files.
NoteLocal SSD capacity is tied to the instance type. ESSDs and standard SSDs allow for independent capacity scaling.
Optional. If you set the Billing Method parameter to Subscription, configure the Subscription Duration parameter in the upper-right corner of the page.
Alibaba Cloud provides lower prices for longer subscription durations. You can move your pointer over View Details next to the Price to view the details.
(Optional) Configure additional custom parameters.
Parameter
Description
Port
Custom database port (Default: 1433). Range: 1000–5999.
Release Protection
(Pay-as-you-go only) Prevents accidental termination of the instance. For more information, see Enable or disable release protection for an ApsaraDB RDS for SQL Server instance.
Resource Group
Logical grouping for permission management and billing.
Instance Name
Specify a custom instance name to identify the instance.
Character Set Collation Rule
Default: Chinese_PRC_CI_AS. You can also modify the character set collation after the instance is created.
Tags
If you have many instances, you can add tags to them for categorized management. For more information, see Filter instances by tag.
Privileged Account
The superuser account. You can Configure Now or Configure Later (manually create an account after the instance is created).
ImportantEach instance supports only one privileged account. The privileged account cannot be deleted.
In the upper-right corner of the page, select the Quantity.
The default value is 1. You can purchase up to 20 instances at a time.
Double check the order information. Click Confirm Order and complete the payment.
NoteFor subscription instances, check Enable Auto-renewal to prevent business interruptions due to expirationn.
If you purchase an instance on a monthly basis, the auto-renewal cycle is one month. If you purchase an instance on a yearly basis, the auto-renewal cycle is one year. The actual cycle depends on your order. You can disable auto-renewal at any time. For more information, see Renew an expired resource and Auto-renewal.
View the instance.
Navigate to the Instances list and select the appropriate region. Provisioning typically takes 1–10 minutes. Refresh the page to check the status.
2. Create a database
Go to the ApsaraDB RDS Instances list. In the top navigation bar, select the region where you created the instance in Step 1. Then, click the ID of the target instance.
In the left navigation pane, click Database Management, and then click the Create Database button.
In the panel that appears, set the database parameters.
For this tutorial, set the Database Name to
dbtestand the Supported Character Set to Chinese_PRC_CI_AS. Then, click Create.
You can view the newly created database on the Database Management page, or after you connect to the SQL Server instance.
3. Create an account
On the instance details page, click Accounts in the left navigation pane.
Click Password Policy to set the password validity period for accounts and enhance account security.
NoteShared and Serverless instances do not support setting a custom password policy. You can skip this step for these types of instances and proceed to the next one.
To configure passwords to be changed every 90 days and ensure that new passwords are used for at least 30 days, set Maximum Password Age to 90 days and Minimum Password Age to 30 days.
Click Create Account. In the pop-up panel, set the account parameters.
NoteAn error may occur if the account name is a duplicate or if you create accounts too frequently, such as before the previous account creation is complete. If this happens, check whether the account name is a duplicate or wait for the previous account creation to finish before you create the next account.
Enter a value for Database Account. For this tutorial, the value for Database Account is
testuser.Select an Account Type. RDS for SQL Server lets you create Privileged Account, Standard Account, and Super Privileged Accounts. This tutorial uses a Privileged Account as an example. For more information, see Create other types of accounts.
ImportantThe first account for an ApsaraDB RDS for SQL Server instance must be a privileged account, and each instance is allowed to have only one privileged account. This account has read and write permissions for all databases on the instance. If the creation fails, you may already have a privileged account on your instance.
In the New Password and Confirm Password fields, enter your new password.
Apply the password policy set in Step 2 to this privileged account.
Click OK to create your account.
Refresh the Accounts page to view the newly created privileged account.
4. Configure secure access to the instance
If you plan to log on to the database using the command line or a client, you must first add the IP address of your ECS instance or on-premises device to the IP whitelist of the ApsaraDB RDS for SQL Server instance. Then, obtain the internal or public endpoint of the instance based on the access type to connect to the instance. If you plan to log on to the database using Alibaba Cloud DMS, you can proceed directly to Step 5.
4.1 Set an IP whitelist
On the instance details page, click Whitelist and SecGroup in the navigation pane on the left.
Click Create Whitelist, enter a Group Name, and add the application server's IP address to the whitelist group.
Scenario
IP address to be obtained
How to obtain
Requirements for internal network access
Corresponding IP address of the container in the ACK cluster
If the container network plugin of the ACK cluster is Flannel, add the node IP address where the application is located.
If the container network plugin of the ACK cluster is Terway, add the Pod IP address where the application is located.
You can view the Pod IP address and node IP address on the pod page of the target ACK cluster.
Private IP address of the ECS instance
In the top navigation bar, select the region in which the ECS instance resides.
View the public IP address and private IP address of the ECS instance.
You want to connect to the RDS instance from an ECS instance that is inaccessible over an internal network.
Public IP address of the ECS instance
You want to connect to the RDS instance from an on-premises device.
Public IP address of the on-premises device
On the on-premises device, use a search engine such as Google to search for IP.
NoteThe IP address that is obtained using this method may be inaccurate. You can use other methods to obtain the IP address.
Click OK to save the whitelist configuration.
You can refresh the Whitelist and SecGroup page to view the newly added whitelists.
4.2 Select a connection type
Connection types are divided into internal network access and public network access. If your setup meets the conditions for internal network access, you must use the instance's internal endpoint for a remote connection. If your setup does not meet the conditions or you are using an on-premises device to access the ApsaraDB RDS for SQL Server instance, you must use the instance's public endpoint. The conditions for internal network access and the methods for obtaining internal and public endpoints are as follows:
To access the instance over an internal network, your setup must meet the following conditions:
You are using an Alibaba Cloud server, and the server and the RDS instance are in the same region and use the same network type.
If the network type for both the server and the instance is VPC, they must have the same VPC ID.
Scenario | RDS Instance Endpoint to Obtain | How to Obtain |
Meets the conditions for internal network access | RDS internal endpoint | On the instance details page, click Database Connection in the navigation pane on the left to view the instance address and port number.
Note The public endpoint is displayed only after you click Enable Public Endpoint. |
Accessing the RDS instance from an ECS instance, but the conditions for internal network access are not met | RDS public endpoint | |
Accessing the RDS instance from an on-premises device |
5. Connect to the ApsaraDB RDS for SQL Server instance
You can log on to the SQL Server database directly using Alibaba Cloud DMS, connect remotely using a client, or connect using a Java application.
Method 1: Log on to the instance using DMS
Data Management (DMS) is a one-stop data management platform that supports the entire data lifecycle. It provides features such as global data asset management, data governance, database design and development, data integration, data development, and data consumption. to help enterprises efficiently and securely extract data value and accelerate their digital transformation.
You can use DMS to quickly and conveniently log on to an ApsaraDB RDS for SQL Server instance for data management and use without needing to configure the instance's IP whitelist or select a connection type.
Go to the Instances page. In the top navigation bar, select the region in which the RDS instance resides. Then, find the RDS instance and click the ID of the instance.
Click Log On to Database to navigate to the DMS logon page.
In the Log on to Instance dialog box, enter the logon information and click Log on.
For Access Mode, select Account and Password Logon as an example.
Enter the Database Account and Database Password. For this tutorial, use the privileged account
testuserand a user-defined password.Select a Control Mode. In this example, select Flexible Management.
NoteFlexible Management is free of charge. Stable Change and Security Collaboration incur fees.
Compared to the control mode of Flexible Management, Stable Change and Security Collaboration offer more features and enhanced database control. If you are evaluating ApsaraDB RDS for SQL Server, we recommend using the Flexible Management mode.
After a successful logon, you can view the newly created database in the Logged-in Instances list on the left side of the DMS page. This tutorial uses the
dbtestdatabase as an example. You can also double-click another database to switch to it.
NoteIf the instance exists but the target database is not found in the DMS logged-in instance list, it may be for one of the following reasons:
The logon account does not have permission to access the target database: Go to the Accounts page on the RDS instance details page and click Actions in the Change Permissions column for the target account to grant permissions.
The directory cannot be displayed because metadata is not synchronized: Hover the pointer over the instance to which the target database belongs. Click the
button to the right of the instance name to refresh the database list and display the target database.
After you successfully log on to the SQL Server database in DMS, you can create databases, create tables, and query and change table data in the SQL Console.
Method 2: Connect to the instance using the SSMS client
Microsoft SQL Server Management Studio (SSMS) is a graphical interface tool for managing and working with SQL Server. It can be used to connect to different SQL Server databases, including ApsaraDB RDS for SQL Server instances, on-premises SQL Server instances, or SQL Server instances in the cloud.
This tutorial uses Microsoft SQL Server Management Studio 19.0 (SSMS) as an example to show you how to connect to an ApsaraDB RDS for SQL Server instance using a client.
We recommend that you download the latest version of the client to support all SQL Server versions.
Connecting to an instance using a client requires you to preset an IP whitelist and obtain the instance's connection address as needed.
Open the local Microsoft SQL Server Management Studio 19.0 (SSMS) client.
Select Connect > Database Engine.
Enter the logon information in the Connect to Server dialog box.
Parameter
Value in this tutorial
Description
Server name
rm-2ze****.rds.aliyuncs.com,1433
The endpoint and port number of the RDS instance. Enter the Public Endpoint and Public Port obtained when you enabled the public endpoint. Separate the endpoint and port number with a comma (,).
Authentication
SQL Server Authentication
The authentication method for SQL Server.
Login Name
testuser
Enter the account name of the RDS instance.
Password
Test_pw123
Enter the password for the RDS instance account.
To connect to the instance, click Connect.
After a successful connection, the database connection information is displayed on the left side of SSMS.
Method 3: Connect to the instance using a Java application
The following section describes how to connect to an ApsaraDB RDS for SQL Server instance using a Java application with JDBC.
Before you connect to the database, add the IP address of the application's runtime environment, such as an ECS instance or an on-premises device, to the IP whitelist of the ApsaraDB RDS for SQL Server instance. For more information, see Set a whitelist.
Add the Microsoft JDBC driver to your Maven project to access the SQL Server database.
NoteWe recommend that you choose the dependency version based on the corresponding Java version. For example, the
mssql-jdbc-12.2.0.jre8.jarfile in the 12.2.0 package should be used with Java 8 or later.To view the history of dependency versions, see the official tutorial.
<dependency> <groupId>com.microsoft.sqlserver</groupId> <artifactId>mssql-jdbc</artifactId> <version>12.2.0.jre8</version> <!-- Please check for the latest version number --> </dependency>
After you add the dependency, click
. The dependency in the pom.xmlfile is automatically downloaded.
Download the driver that matches your Java version from Microsoft JDBC Driver for SQL Server.
The Microsoft JDBC Driver for SQL Server is a Type 4 JDBC driver that provides database connectivity through the standard JDBC application programming interfaces (APIs) available on the Java platform. It can access SQL Server from any Java application, application server, or Java-enabled applet.
After you download and decompress the file, manually save the JAR file, such as
sqljdbc4.jarorsqljdbc.jar, to your project.This tutorial uses
IntelliJ IDEAas an example to demonstrate the method:
Write the sample code to connect to the SQL Server database using Java, as follows:
Replace the endpoint, database name, username, password, and SQL command in the example with your actual information. For more information, see View or change the endpoint and port number.
import java.sql.Connection; import java.sql.DriverManager; import java.sql.SQLException; import java.sql.Statement; import java.sql.ResultSet; public class testMSSQLJDBC { public static void main(String[] args) { // Enter the database endpoint. Use the internal endpoint if the application is deployed on an ECS instance. Use the public endpoint if it is deployed locally or in another environment. String url = "jdbc:sqlserver://rm-2vc367d081200******.mssql.cn-chengdu.rds.aliyuncs.com:1433;" + "database=YourDatabaseName;" + "encrypt=true;" + "trustServerCertificate=true;" + "loginTimeout=30;"; // The username and password. You must specify them if you do not use Windows Authentication. String username = "usernametest"; String password = "Passwordtest!"; // Create a connection object. Connection connection = null; try { // Load the JDBC driver. Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver"); // Establish a connection to the SQL Server database. connection = DriverManager.getConnection(url, username, password); System.out.println("Connection successful!"); // Create a Statement object to execute SQL commands. Statement statement = connection.createStatement(); // Execute an SQL query. Replace the table name and column names as needed. String sql = "SELECT TOP 10 * FROM YourTableName"; ResultSet resultSet = statement.executeQuery(sql); // Process the result set. while (resultSet.next()) { System.out.println("Column 1: " + resultSet.getString("YourColumnName1")); System.out.println("Column 2: " + resultSet.getString("YourColumnName2")); } // Close the result set. resultSet.close(); // Close the Statement object. statement.close(); } catch (ClassNotFoundException e) { e.printStackTrace(); } catch (SQLException e) { e.printStackTrace(); } finally { // Close the connection. if (connection != null) { try { connection.close(); } catch (SQLException e) { e.printStackTrace(); } } } } }Test whether the connection is successful.
Save the above code as a
SqlServerConnection.javafile. Compile and run the program in the command line or an IDE. If the configuration is correct, the program outputs a result similar to the following, which indicates that the program has successfully connected to the SQL Server database.
Next steps
Appendix: Quick start video guide
FAQ
Log on to the ApsaraDB RDS console. On the Overview page, you can view the total number of RDS instances that run different database engines within your Alibaba Cloud account. On this page, you can also view the regions in which the RDS instances are created and the number of running RDS instances in each region.
References
Create an RDS instance using an API: CreateDBInstance
For more information about how to create other types of instances, see the following topics: