Customer Managed vs Cloud Managed Database

Database hosting considerations for Appian Cloud customers

For Appian Cloud customers, data generated by Appian applications can be stored in the following locations: 

  1. The MariaDB database included with the Appian Cloud site
  2. One or more supported database managed by the customer, whether hosted in the customer’s infrastructure or by a vendor cloud
  3. A combination of the above options

This article provides an overview of the main factors we recommend that customers consider when making this decision for new Appian applications, ignoring where existing data required by an application may reside. 

Consideration

Appian Cloud MariaDB

Customer-Managed Database

Database management and support

MariaDB database is managed and supported by Appian as part of your Appian Cloud site. Considerations and limitations can be found here. Through Appian system groups in each environment, designated developers and administrators can receive authorization for access to the database administration console and individual schemas to view, create, modify, and delete database objects.

Managed by the customer team, typically DBAs. Authorization for other personnel determined through the database system. 

Hosting

By default, MariaDB is hosted on the same server instance as other Appian components; Appian sometimes recommends that the database be hosted on its own server in the same geographic region in Appian Cloud.

Customers have flexibility of hosting infrastructure and architecture. Some customers choose to host their self-managed database in the same geographic region or provider infrastructure as Appian Cloud to reduce network latency. 

Latency requirement for Appian Cloud

Appian Cloud ensures MariaDB is hosted in a way that satisfies latency requirements for Appian.

Appian requires ensuring latency requirements of less than 10 milliseconds and no more than 25 milliseconds between Appian Cloud and your hosted database. Detailed requirements here

Encryption of data at rest

Appian provides disk encryption for all components hosted in Appian Cloud. Additionally, Appian provides encryption options for the Appian Cloud database, including Bring Your Own Key (BYOK), as detailed in documentation. Also, Appian cloud provides Transparent Data Encryption.

Customers manage the encryption of their database and servers. 

Connectivity to Appian Cloud

Appian manages connectivity within the Appian Cloud infrastructure, including the Appian Cloud database.

Customers may choose to leverage a secure VPN, trusted IP addresses or direct connection such as AWS PrivateLink to connect Appian Cloud to their self-managed database(s). As stated above, the latency of this connection should be less than 10 milliseconds and must be no more than 25 milliseconds.

Fine-grain control over logging, configurations, and server settings

Appian provides access to the database for all actions necessary by an Appian designer.  Fine grained control of logs, configs, settings, etc required by DBA are not needed by an Appian Designer.  Logs provided appian include: 

Managed by customer team, typically by DBAs. While this enables access to more configurations and settings, database tuning for Appian applications don’t typically require these advanced configurations. Some customers prefer to use their existing database tools (e.g., monitoring) against databases hosting Appian application data.

Federated Joins

Appian Cloud allows for federated joins across different databases with Appian Record Data Synchronization, which can include a combination of Appian-managed and customer-managed data. There is currently a data synchronization limit of 2 million records, so entities larger than this limit cannot be joined across databases that include Appian Cloud MariaDB. 

Customers can control joins across databases, including for data entities beyond the current data synchronization limit of 2 million. This is provided that the underlying databases are hosted on the same database server or are using technologies that support federated joins.

Read and write access to database

Appian Cloud DB only allows for write access through Appian applications, APIs, and users. Read access via direct database connection is available via Enhanced Data Pipeline.

Read and write access is managed by the customer team, typically DBAs. Direct database operations triggered by other systems and messages that bypass APIs are not supported in the Appian Cloud database, so customers who require this need self-managed databases.

Permissions around database access

Managed via Appian groups. Manage along with application security.

Managed by the customer team, typically DBAs.

Performance impact across applications

If multiple applications use the Appian Cloud database, it may be necessary to test the applications in a coordinated effort since database resources are shared across applications and schemas. With application tuning and database design best practices, Appian customers have successfully implemented high-scale and high-throughput use cases leveraging a shared MariaDB instance.

DBAs may set up multiple databases or partition databases to provide independent resources to applications. While not necessary to support Appian applications, these actions may provide risk mitigation for inefficient application or database designs that aren’t appropriately tuned or optimized. 

Backup and disaster recovery

Backups and recovery are handled alongside the customer’s Appian Cloud site, including optional high availability and enhanced business continuity

Customer manages the backup and restore processes for databases. Database restore points, if needed, should be synchronized with Appian Cloud backups.

Conceptual data separation

It’s possible to separate data residing in the Appian Cloud MariaDB across separate schemas on the same instance. If additional separation of data across multiple database instances is required, it is possible to set up multiple Appian production sites, each with its associated database instance. Appian Cloud does not support multiple MariaDB database instances connected to the same Appian site. 

Customers have the flexibility to separate data by implementing a database topology that fits their business, performance, and compliance objectives such as utilizing multiple database instances.  

Database features

Appian provides customers access to the Appian Cloud MariaDB database via a phpMyAdmin console, which allows authorized users to create and edit objects such as tables, views, stored procedures, triggers, indexes, etc. As documented, the Appian Cloud database is not provided as a full-featured database solution; any database features beyond those accessible by the phpMyAdmin console are not available to customers. 

Customers have control over their database features and administration. While these additional capabilities are not typically required for Appian low-code applications, some customers choose to rely more on DBAs and database programming. 

Assumptions for table above: 

  • There are significant technical efforts and associated costs to migrate between databases (e.g., annotations, data types, stored procedures, etc.) for which the effort needs to be sized. For example, there are throughput and file size constraints on uploads that require further coordination and planning with Appian. Application designs with logic in the database can further complicate this as stored procedures and functions might behave differently on different database platforms. 
  • These are factors Appian customers have considered. This is not an exhaustive list of criteria that cover every scenario, and Appian strongly recommends deeper engagement to assess any specific scenario.