Product Information
SAP Cloud Platform Update Summary Q1/2020
<< Japanese version is here. >>
This blog is a summary of SAP Cloud Platform related updates from January to March 2020.
The latest information is also announced on the What’s New page, so please check it regularly. In this blog, I will introduce the information that I was particularly interested in from the viewpoint of the author and the information for Japan.
1. Supports Azure Tokyo region
At the end of last year, Microsoft Azure’s Tokyo region became the supported data center for SAP Cloud Platform. This is the second data center in the Cloud Foundry environment for SAP Cloud Platform provided in Japan, in addition to AWS Tokyo region.
In addition, the following, which are the core services of SAP Cloud Platform, are already available. (As of April 14, 2020) You can also check the latest information here .
| API Management | Mobile Services |
| Application Logging (Large and Standard) | Object Store Service |
| Application Runtime | Open Connectors |
| Bandwidth | Portal |
| Business Rules | Process Visibility |
| Cloud Integration (Process Integration) | SAP Business Application Studio |
| Credential Store | S/4HANA Cloud Extensibility |
| Custom Domain | SAP HANA Service |
| Enterprise Messaging | Web Analytics |
| Extension Factory, serverless runtime | Transport Management |
| Identity Authentication | Workflow |
| Job Scheduler |
SAP Cloud Platform official website also introduces examples of use cases involving Azure integration, so please check them as well. (Search “Azure” in the search box linked above)
2. Identity Authentication Service supports client certificate authentication
SAP Cloud Platform Identity Authentication Service (aka IAS) finally supported the authentication method by client certificate (X.509). The release was postponed several times.
■ What we have done so far (from the perspective of authentication)
- Provides access restrictions based on source IP address and two-factor authentication function to enhance security
- Once logged on to IAS, single sign-on to web applications that have a trust relationship is possible (SAML2.0)
- The first login to IAS requires ID/Password authentication. (Excluding Kerberos authentication)
■ What you can do with this client certificate authentication support
- The appropriate client certificate has been installed PC from, you can log in to IAS without ID and password ( single sign-on )
- Providing a more secure authentication function by restricting accessible device and combining two-factor authentication
Please refer to this help for detailed setting information.
3. SAP HANA Cloud becomes GA (new SAP HANA service)
Currently, it is provided in AWS and Azure datacenters in EU and US, but it is also a roadmap scheduled to be provided in Q2 of 2020 in Japan.
Please see the blog for migration guides from on-premise SAP HANA.
4. Workflow service supports Principal Propagation
In Workflow services, you can describe a process model based on BPMN and define a service task that calls an external API in your process. Then this service task now supports Principal Propagation. This allows the API of the service task to be executed by the account of the user who is executing the workflow (the user who is operating the UI), and the data based on that user’s authority can be consumed backend data easily such as SAP S/4HANA. 
Please refer to this help for detailed setting information.
5. Preview version of SAP Graph (inquiry access only) released
SAP Graph is also a new API Gateway service announced at TechEd last year that provides APIs for multiple SAP solutions as a single endpoint. It can be accessed from the perspective of business objects without having to know which SAP solution has business data belongs to.
Until March, development was in progress as a closed beta of limited release, but the preview version was released only for inquiry access (GET request). You can access the detailed information and preview function from the official website of SAP Graph, so please give it a try.
6. Design time function of API Management supports CF environment
API Management consists of two major components: the design-time (API Portal, Developer Portal) that designs the API, and the runtime (API Gateway) that executes the designed API. Until now, in API Management of the Cloud Foundry environment, this design-time part used the API management function of the Neo environment, but now the design-time function is also provided in the Cloud Foundry environment. This is a form in which the situation where the architecture was separated has been resolved, and optimized in terms of initial settings and operation.
Please refer to this help for detailed setting information.
The above is the update for 2020 Q1. Next time, I plan to post Q2 update information in early July. Stay tuned for updates such as GA for SAP Data Intelligence, GA for ABAP Cloud in the AWS Tokyo region, and the new feature of simulation modes for Cloud Platform Integration.
Many thanks for your summary and can't expect a next Q2 posting especially ABAP cloud on AWS Tokyo!