Skip to Content
Technical Articles

How to consume AWS services on SAP Cloud Platform?

Hi All,

Often, we are asked by our customers about the possibilities to integrate their SAP workloads with native hyperscaler services. SAP Cloud Platform’s cloud foundry environment provides a possibility to provision and to consume native hyperscaler services. In this blog post, let’s see how this is enabled with Amazon Web Services (AWS) using the AWS Service Broker.

The AWS Service Broker is an open source project which allows native AWS services to be exposed directly through application platforms, that implement the Open Service Broker API such as Cloud Foundry and Kubernetes. The Broker provides a simple integration of AWS Services directly within the application platform. This is based on standard Cloud Foundry patterns with service brokers. The step-by-step tutorial on how to achieve this is available in the official documentation. The following image depicts a high-level overview of the steps described in the documentation:

Once the above-depicted integration is implemented, AWS services such as AWS S3, Dynamo DB and so on are available in Cloud Foundry service marketplace as shown below:

 

With SAP’s multi-cloud strategy, we strive to provide our customers with seamless integration and reuse experience. Stay tuned for more use-cases and scenarios using the native services and I will be happy to hear your feedback as comments below.

All my best,

Harini

16 Comments
You must be Logged on to comment or reply to a post.
  • Hi Harini,

    have seen azure building native integration capabilities from ABAP layer itself for customers who decide to stay on ECC for some more time. Link here.

    Are you aware of any such initiatives from AWS.

    Regards,

    Sitakant.

    • Sitakant – Currently there is no ABAP SDK from AWS but there is a partner solution available for the same. Which AWS services would you like to access from ABAP?

      And stating the obvious, all AWS services are REST enabled, so you should be able to consume them using  HTTP client classes in ABAP.

      Thanks for your feedback.

  • You mention the tutorial is in line with the link to the official documentation. Is there a link to the tutorial you can add to the above information?

  • Hi Harini,

    Thanks for this great post, and the function provided here will be great.

    I am  following the guide you mentioned. For me its missing a little detail on the online help.

    When I create the Service Broker stack, I am creating the CloudFormation Stack in eu-west-1 in AWS – is this OK ? (I understand there will be a latency to eu-central-1 where SCP CF sits).
    I also note that the Stacks S3_REGION is us-east-1.

    The stack creates a user – so I assume the access and secret keys are for this user. Is this correct ?

    For the Security User name and password – Since the push is to Cloud Foundry, I assume these are just variables on the application aws-service-broker that it uses for the CLI authentication  ? If not can you let me know to authenticate the cf create-service-broker (see below, I am getting a 403)
    SECURITY_USER_NAME: myuser
    SECURITY_USER_PASSWORD: myuserpassword

    When I go to register the AWS Service Broker in the CLI, using the environment variables setup in the manifest and that show on the application I get a HTTP 403 (I used random-route on the push to get the unique route) :

    C:\Users\username\Box\PC\Code\nodejs\aws-sb-cf-cloudfoundry-app-1.0.1>cf create-service-broker aws-service-broker-generous-warthog myuser myuserpassword aws-service-broker-generous-warthog.cfapps.eu10.hana.ondemand.com
    Creating service broker aws-service-broker-generous-warthog as myemail@mycompany.com
    FAILED
    Server error, status code: 403, error code: 10003, message: You are not authorized to perform the requested action

    NOTE – somehow above its using or retrieving my email address, and I would have expected it to use “myuser”.

    In summary, any help in letting me know how to register this would me much appreciated.

    Peter

     

    • Hi Peter,

       

      For my case, in manifest.yml, i placed all required information from AWS account

      # Required
          AWS_ACCESS_KEY_ID:
          AWS_SECRET_ACCESS_KEY:
          SECURITY_USER_NAME:
          SECURITY_USER_PASSWORD:
          AWS_DEFAULT_REGION: us-east-1

      PS C:\My work\SAP Technology\Cloud\AWS\service broker> cf push aws-sb-cf-cloudfoundry-app-1.0.1
      Pushing app aws-sb-cf-cloudfoundry-app-1.0.1 to org xxxxxxx / space aws as xxxxxxx…
      Getting app info…
      Updating app with these attributes…
      name:                aws-sb-cf-cloudfoundry-app-1.0.1
      path:                C:\My work\SAP Technology\Cloud\AWS\service broker
      disk quota:          1G
      health check type:   port
      instances:           1
      memory:              1G
      stack:               cflinuxfs3
      routes:
      aws-sb-cf-cloudfoundry-app-101.cfapps.sap.hana.ondemand.com

      Updating app aws-sb-cf-cloudfoundry-app-1.0.1…

      and it update app automatically.

    • Hi Peter,

      As mentioned in the last step’s note here, you probably need to execute the create service broker command with the space scoped parameter as below:

      cf create-service-broker aws-service-broker <SECURITY_USER_NAME> <SECURITY_USER_PASSWORD> <URL OF THE SERVICE BROKER> –space-scoped

  • Does anyone face the error of None of the buildpacks detected a compatible application ?

     

    Downloaded app package (8.6M)
    None of the buildpacks detected a compatible application
    Exit status 222
    Error staging application: An app was not successfully detected by any available buildpack

    TIP: Use ‘cf.exe buildpacks’ to see a list of supported buildpacks.
    FAILED
    PS C:\My work\SAP Technology\Cloud\AWS\service broker> cf buildpacks
    Getting buildpacks…

    buildpack                   position   enabled   locked   filename                                       stack
    staticfile_buildpack        1          true      false    staticfile_buildpack-cflinuxfs3-v1.4.42.zip    cflinuxfs3
    java_buildpack              2          true      false    java-buildpack-cflinuxfs3-v4.19.zip            cflinuxfs3
    ruby_buildpack              3          true      false    ruby_buildpack-cflinuxfs3-v1.7.38.zip          cflinuxfs3
    sap_java_buildpack_1_9_1    4          true      false    sap_java_buildpack-v1.9.1.zip

  • Hi,

    when trying to push the app (v. 1.0.1) I get an issue with the property in the manifest file.

    Do you have any information on this? Thanks

     

    cf push
    FAILED
    Error reading manifest file:
    Property ‘${BROKER_ID}’ found in manifest. This feature is no longer supported. Please remove it and try again.

  • Hi ,

    While creating the service broker I am getting error –

    Server error, status code: 500, error code: 10001, message: An unknown error occurred.

    Do anyone have any information about how to fix it?

    Command used to create service broker-

    cf create-service-broker aws-service-broker <SECURITY_USER_NAME> <SECURITY_USER_PASSWORD> https://amit-aws-service-broker.cfapps.eu10.hana.ondemand.com –space-scoped

    Thanks..

    Amitanshu

    • Hi Amit,

      I think you are missing one dash in “–space-scoped” and the URL should be in the format “https://yourservicebroker.ondemand.com”

       

      At least this just now worked for me.

       

      Regards,

      Alex

      • Hi Alex,

        Thank you for the reply !

        I am using dash (it is not showing here in reply section 🙂 )

        I used the URL –

        cf create-service-broker amit-aws-service-broker <SECURITY_USER_NAME ><SECURITY_USER_PASSWORD> https://amit-aws-service-broker.cfapps.eu10.hana.ondemand.com –space-scoped

        Here the <SECURITY_USER_NAME > is the user created after uploading yml file in AWS  and<SECURITY_USER_PASSWORD> is my AWS login password.The same user and password is used for deployment of application in SAP CF. Am I doing something wrong here?

         

        The error is still

        Server error, status code: 500, error code: 10001, message: An unknown error occurred.

        Thanks..
        Amitanshu

  • Hi Harini Gunabalan,

    Peter Clancy has already asked this but this is still not really clear: which access key, secret and user password do we have to provide in the yaml file? A BrokerUser is created with the CloudFormation template, do we have to provide this user’s details in the manifest or the details of the user used to create the stack?

    Cheers,

    Pierre