Using the Terraform Provider for SAP BTP to simplify Subscriber Tenant Onboarding
SAP BTP, Kyma Runtime scenario
SAP BTP, Cloud Foundry Runtime scenario
This goes out to the multitenant SaaS enthusiast and all other community members!
We’re excited to share some great news with you! We’ve just rolled out a cool new automation feature in our multitenant SaaS scenario on SAP Business Technology Platform (BTP). 😃🌐 First things first – you can once again test and validate it for free in your Trial or Free Tier environment!
This fresh Expert Feature is all about the introduction of the Terraform Provider for SAP BTP. Although it’s still in its beta phase, we’re pleased to say that the current resources it offers pretty much cover exactly what we need, especially for getting new SaaS subscribers onboarded. 🔧🔗
In case you’re curious, we’ve also set up a similar scenario using the SAP BTP Setup Automator, and you can check it out in our sample repository. 📁 The best part? This update is here to make your life as a SaaS provider a lot easier when bringing in new customers. 🎉👥
If you’re interested in all the details, head over to our SAP-samples GitHub repository. There, you’ll find all the information and a step-by-step tutorial to guide you through everything. Just make sure you’ve got our Sustainable SaaS sample application up and running on your preferred platform before you dive in! 🌱💡Just click on the link below!
Alright, let’s break down what’s happening in this Terraform automation process. In simple terms, Terraform is our trusty toolkit that lets us do a bunch of important infrastructure setup stuff in one go. We’re talking about setting up, managing, and even removing subscriber subaccounts, all in a smooth and seamless way.
This covers the whole journey, from creating the account itself, starting the multitenant SaaS subscription, assigning role collections, sorting out the Identity Provider trusts (ensuring things are secure), and making sure that even an API Service Instance and Service Key are good to go.
In a nutshell, we’re making sure everything’s in place without any hassle, thanks to Terraform doing the heavy lifting for us! 🛠️🚀
Guess what? Our sample scenario isn’t just a “one-trick pony” (funny saying by the way). It’s versatile enough to work seamlessly with SAP BTP, Kyma, and the Cloud Foundry Runtime. It’s all about what environment details you give it in your Terraform variable configuration. For this blog post, let us provide you with a brief overview, of what’s happening under the hood as soon as you run a terraform apply.
Alright, let’s break down what Terraform is up to, as laid out in the main.tf file of our sample scenario. It’s got some order to follow – for instance, it’ll only tackle those SaaS role collections once the solution is successfully subscribed.
Here’s the lowdown on Terraform’s to-do list:
- New Subscriber Subaccount: Terraform gets busy spinning up a new Subscriber Subaccount right in the Provider Global Account.
- SAP IAS Trust Setup: Terraform does its thing, setting up the Central SAP Identity Authentication Service (IAS) instance as a trusted Identity Provider.
- Advanced Trust Configuration: Using additional SAP BTP CLI commands, we finalize the trust configuration details of our new Subscriber Subaccount.
- SaaS Subscription Handling: Terraform takes care of subscribing the SaaS solution into the new Subscriber Subaccount.
- Extra Subaccount Admins: If required, terraform goes the extra mile, and equips additional admins with Subaccount Administrator permissions.
- Subaccount Viewer Role: Terraform assigns the Subaccount Viewer role collection to the SaaS admins, providing them with access to the API Service details.
- Sorting Out Role Collections: Terraform assigns Role Collections to both SaaS app users and admins, making sure everyone’s got their designated roles.
- Creating SaaS API Service Instance: Terraform instantiates a new SaaS API Service Instance, available for further consumption by the Subscriber.
- Default Service Binding: Terraform doesn’t miss a beat, making sure there’s a default Service Binding in place for that API Service Instance.
And guess what? All of this just “clicks” 😃 into place, without you needing to lift a finger. Want to see how it all looks? Check out these screenshots showing a sample Terraform setup and what awesome resources to life within SAP BTP. 📋🔧🌐
Terraform configuration variables
SaaS users +
In the same way, you can use “terraform destroy” to undo what you have set up. It wipes out all the resources you have configured. And don’t worry, it follows the rules you have set – like taking care of the API Service Instance, before deleting the SaaS subscription including our Service Broker Registration. So, it’s a neat and organized cleanup! 🧹🔨
Here are some further key takeaways from the provided Terraform sample, which could be helpful for your own SAP BTP Terraform projects or any future endeavours:
Smart Delays: We’ve added a cool delay feature that plays well with the asynchronous subscription process of our Sustainable SaaS application.
SAP BTP CLI Commands: We’ve included in a few SAP BTP CLI commands to finalize the setup and make everything align perfectly, where steps are not supported by the Terraform Provider yet.
Adapting to Different Runtimes: Depending on the configuration, our setup dynamically adapts to different runtimes and assigns different Role Collections or subscribes to different SaaS apps.
Please make sure not to miss the “Good 2 Know” section of our step-by-step tutorial, which will cover some of the limitations and further important details you must consider, when using the Terraform Provider for SAP BTP.
For more detailed info about the Terraform Provider for SAP BTP, also dive into the official resources. They’re the go-to place of everything else you need to know! 📚💡🌐
Check out the latest blog posts about the Terraform Provider for SAP BTP to learn more.
Furthermore, we encourage you to read the latest tutorial on developers.sap.com.
And finally, a big shout-out to all the colleagues who’ve been part of the Terraform Provider for SAP BTP project! Your dedication and hard work have truly made a difference. We’re grateful for all your efforts, and we’re eagerly anticipating what the future releases will bring. Keep up the fantastic work! 👏🚀🙌