# SAP BusinessObjects Business Intelligence Platform on AWS Deployment and Operations Guide for Windows
*SAP specialists, Amazon Web Services*
* [Last updated](bobi-windows-document-revisions.md#bobi-windows-document-revisions.title): January 2023*
The purpose of this guide is to provide an overview of how to implement and operate SAP BusinessObjects (BO) Business Intelligence (BI) Platform (also referred in this document as SAP BOBI Platform) on Amazon Elastic Compute Cloud (Amazon EC2). This guide covers common AWS services and features that are relevant for SAP BusinessObjects BI platform. This guide is not an exhaustive list of all possible configuration options. It covers solutions common to typical deployment scenarios.
This guide is not intended to replace the standard SAP BOBI Platform installation and administration guides, operating system, or relational database management system (RDBMS) documentation.
## Overview
This guide is part of a content series that provides detailed information about hosting, configuring, and using SAP technologies in the Amazon Web Services Cloud. For the other guides in the series, ranging from overviews to advanced topics, see [SAP on AWS Technical Documentation](https://aws.amazon.com/sap/docs/).
The purpose of this guide is to provide an overview of how to implement and operate SAP BusinessObjects (BO) Business Intelligence (BI) Platform (also referred in this document as SAP BOBI Platform) on Amazon Elastic Compute Cloud (Amazon EC2). This guide covers common AWS services and features that are relevant for SAP BusinessObjects BI platform. This guide is not an exhaustive list of all possible configuration options. It covers solutions common to typical deployment scenarios.
This guide is not intended to replace the standard SAP BOBI Platform installation and administration guides, operating system, or relational database management system (RDBMS) documentation.
## General AWS Knowledge
Before you follow the configuration instructions in this guide, we recommend that you become familiar with the following AWS services. (If you are new to AWS, see [Getting Started with AWS](https://aws.amazon.com/getting-started/).)
+ [Amazon EC2](https://aws.amazon.com/documentation/ec2/)
+ [Amazon VPC](https://aws.amazon.com/documentation/vpc/)
+ [AWS Identity and Access Management (IAM)](https://aws.amazon.com/iam/)
+ [Amazon EBS](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html)
+ [Amazon S3](https://aws.amazon.com/s3/)
+ [AWS Systems Manager](https://aws.amazon.com/systems-manager/)
+ [AWS CloudFormation](https://aws.amazon.com/documentation/cloudformation/)
# Prerequisites
Before you start implementing your SAP BOBI Platform systems, we recommend that you review these prerequisites to ensure there are minimal interruptions and delays.
## Recommended Reading
We also recommend you first read some key overview and best practice guides:
+ [SAP on AWS Overview and Planning Guide](https://docs.aws.amazon.com/sap/latest/general/sap-on-aws-overview.html)
+ [Getting Started with Architecting SAP on the AWS Cloud](https://aws.amazon.com/blogs/awsforsap/getting-started-with-architecting-sap-on-the-aws-cloud/)
+ [Best Practices for Windows on Amazon EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-best-practices.html)
SAP Notes listed in the following table have useful information regarding SAP BOBI deployment in AWS.
**SAP Notes for SAP BOBI deployment on AWS**
| SAP Note | Description |
| --- | --- |
| [1588667](https://me.sap.com/notes/1588667) | SAP on AWS: Overview of related SAP notes and web links |
| [1656099](https://me.sap.com/notes/1656099) | SAP on AWS: Supported products, platforms, and landscapes |
| [2442979](https://me.sap.com/notes/2442979) | Amazon S3 recommendations for SAP BusinessObjects Business Intelligence Platform |
| [2438592](https://me.sap.com/notes/2438592) | BI Platform 4.2 Cloud Support |
## Technical Requirements
+ Ensure that any services you will use for your SAP BOBI Platform deployment are not constrained by default AWS service limits. You can find the details at [AWS Service Limits](https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html). You can increase soft limits by submitting a support ticket to AWS.
+ Make sure that the following information is available in relevance to your existing AWS resources. You will need this information while executing AWS Command Line Interface (AWS CLI) commands to create your Amazon EC2 and Amazon Elastic Block Store (Amazon EBS) resources:
[\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/sap/latest/sap-businessobjects/bobi-windows-prerequisites.html)
+ Ensure that you have a key pair that you can use to launch your Amazon EC2 instances. See [Amazon EC2 Key Pairs and Windows Instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-key-pairs.html) if you need to create a key.
+ Ensure that you have the network details like VPC ID, Subnet ID, and so on, of the VPC where you plan to launch your Amazon EC2 instances to host your SAP BOBI Platform applications.
+ Ensure that the required ports are open on the security group attached to your Amazon EC2 instance to allow log in to the operating system.
+ For distributed or high availability (HA) installations, ensure that the security group attached to each application servers allows communication over the required ports between them. The easiest way to do this is to create a rule that references a security group as its own source and allow traffic on the required ports for that rule.
+ If you intend to use the AWS CLI to launch your instances, then ensure that you have installed and configured AWS CLI with the appropriate credentials. See [Configuring the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html) for more details.
+ If you intend to use the AWS Management Console to launch your instances, then ensure that your IAM user has permission to launch and configure Amazon EC2, Amazon EBS, and so on. See the [IAM documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html) for more details.
+ Ensure that you have the required SAP software available either via an Amazon Simple Storage Service (Amazon S3) bucket or on a file share accessible from an Amazon EC2 instance. If you use Amazon S3, make sure to assign appropriate IAM role permissions to the EC2 instance to allow S3 access.
+ All enterprise customers use DNS service. You can create a hosted zone in Amazon Route 53. You can optionally use AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD. This service lets your directory-aware workloads and AWS resources use managed Active Directory in the AWS Cloud. For more details on this service, see [AWS Directory Service](https://aws.amazon.com/directoryservice/) and [Create Your AWS Managed Microsoft AD directory](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_getting_started_create_directory.html).
# Planning
The following topics are important for planning the SAP BOBI Platform in AWS Cloud.
**Topics**
+ [
# Choosing a Region
](bobi-windows-choosing-a-region.md)
+ [
# Choosing an Availability Zone
](bobi-windows-choosing-an-availability-zone.md)
+ [
# Architecture Options
](bobi-windows-architecture-options.md)
+ [
# Storage
](bobi-windows-storage-plan.md)
+ [
# Sizing
](bobi-windows-sizing.md)
+ [
# High Availability (HA) and Disaster Recovery (DR)
](bobi-windows-high-availability-ha-and-disaster-recovery-dr.md)
+ [
# Security & Compliance
](bobi-windows-security-compliance.md)
+ [
# Operating System
](bobi-windows-operating-system.md)
+ [
# Compute
](bobi-windows-compute.md)
+ [
# Network
](bobi-windows-network.md)
+ [
# Storage Services
](bobi-windows-storage-services.md)
# Choosing a Region
When choosing which AWS Region to deploy your SAP environment in you should consider the following topics:
+ Proximity to your on-premises data centers, systems, and end users to minimize network latency.
+ Data residency and compliance requirements.
+ Whether the AWS products and services you plan to use are available in the Region. For a detailed list of AWS products and services by Region, see the [Region Table](https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/) page on the AWS website.
+ The Amazon EC2 instances types you plan to use are available in the Region. To view AWS Region availability for a specific instance type, see the [Amazon EC2 Instance Types for SAP](https://aws.amazon.com/sap/instance-types/) page.
# Choosing an Availability Zone
No special considerations are required when choosing an Availability Zone for your SAP deployment on AWS. If high availability (HA) is a requirement, use multiple Availability Zones. For more information about HA, see the [SAP BusinessObjects BI Platform on AWS: HA/DR Guide for Windows](https://docs.aws.amazon.com/sap/latest/sap-businessobjects/sap-bobi-ha-dr-win.html).
See [AWS Global Infrastructure](https://aws.amazon.com/about-aws/global-infrastructure) for information about AWS Regions and Availability Zones.
# Architecture Options
The server-side architecture of SAP BOBI Platform consists of five tiers: web, management, storage, processing, and data. (For details, see the administrator’s guide on the [SAP BusinessObjects Business Intelligence Platform](https://help.sap.com/viewer/product/SAP_BUSINESSOBJECTS_BUSINESS_INTELLIGENCE_PLATFORM/) website). The following list provides high-level details.
+ **Management tier:** Includes the CMS servers, event servers, and associated services.
+ **Storage tier:** Includes input and output file repository servers. The file system used by these servers to store files, such as documents, reports, and universes, must be on a shared file system.
+ **Web tier and processing tier:** Performs functions like receiving and processing user requests.
+ **Data tier:** Consists of the CMS system database and the auditing data store.
You can have following example architecture designs for the above tiers:
+ Install all tiers on the same EC2 instance.
+ Install the application and database tiers on two separate EC2 instances.
+ Install different tiers on multiple EC2 instances grouped based on customer-specific requirements.
The architecture choice depends on multiple factors like complexity, cost, sizing, and technical restrictions. For example, if you use [Amazon RDS](https://aws.amazon.com/rds/) as the database, application tiers cannot be installed with database.
## CMS and Audit Database Architecture Options
You have the choice of deploying the SAP BOBI Platform application on a standard SAP supported database like SAP HANA, SAP ASE, IBM DB2, Microsoft SQL Server, or [Amazon Relational Database Service (Amazon RDS)](https://aws.amazon.com/rds/). For supported [Amazon RDS](https://aws.amazon.com/rds/) database types, see [SAP Note 1656099 SAP on AWS: Supported SAP](https://me.sap.com/notes/1656099).
[Amazon RDS](https://aws.amazon.com/rds/) is a service that makes it easier to set up, operate, and scale a relational database in the AWS Cloud. Amazon RDS takes over many of the difficult or tedious management tasks such as backups, software patching, automatic failure detection, and recovery. You can read more about this service in [Amazon RDS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html).
Figure 1 shows an example large scale architecture of SAP BOBI with multi-AZ and multi-instance architecture. Web, Management, Processing, and Data tiers are all distributed on different EC2 instances. [Amazon RDS](https://aws.amazon.com/rds/) MySQL is used for CMS database.
**Figure 1: SAP BOBI with multi-AZ and multi-instance architecture**
![\[SAP BOBI with multi-AZ and multi-instance architecture\]](http://docs.aws.amazon.com/sap/latest/sap-businessobjects/images/bobi-multi-az-instance-arch-win.png)
# Storage
See the [Sizing](bobi-windows-sizing.md) section for resources on SAP’s standard recommendations. If no storage performance requirements are available, AWS recommends General Purpose SSD (gp3) as the default EBS volume type for SAP workloads.
If the installation type is distributed or HA, fileshares for the global filesystem and transport directories will need to be used across all relevant EC2 instances. In this guide we will use standard Windows filesharing features to share these directories from the EC2 instance hosting the central services. The sapinst.exe installer will create these shares automatically if it is run as a user with appropriate permissions. Customers can also use NFS-based solutions (such as [Amazon FSx](https://aws.amazon.com/fsx), third-party solutions such as those available from the [AWS Marketplace](https://aws.amazon.com/marketplace/) or custom-built solutions), but that is beyond the scope of this guide. If using such a solution in the context of a high-availability installation, consider that the NFS solution could itself be a single point of failure without appropriate protection.
# Sizing
At a high level, BOBI platform sizing is a two-step process. The first step is to get SAPS through the SAP Sizing tool [Quick Sizer](https://www.sap.com/about/benchmark/sizing.quick-sizer.html#quick-sizer). The second step is to map the output to appropriate Amazon EC2 instance types. See the SAP BOBI sizing guide available from the [SAP BusinessObjects Business Intelligence Platform help documentation](https://help.sap.com/bobi). Follow the standard SAP Quick Sizer to determine the right SAPS requirements for your workload. Once you have identified the SAPS numbers, you can use any of the AWS [SAP certified instances](https://aws.amazon.com/sap/instance-types/) for your SAP BOBI Platform instances. Make sure to read the SAP BusinessObjects Business Intelligence section of the note carefully to ensure that you meet the version, EC2 resource, operating system, and database requirements for AWS.
For sizing your storage requirements for the database and app tier, AWS provides various volume types, such as general purpose SSDs (gp3) and provisioned IOPS SSD (io2). You can read more about the differences at [Amazon EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html). As general guidance, we recommend that you consider the gp3 volume type as a starting point to see if it satisfies your throughput and IOPS requirement of your workload, and consider io2 volume types if you have a need for sustained IOPS.
It is easy to add capacity to your existing SAP BOBI deployment in AWS. Therefore, for migrating your existing deployment to AWS, you may not need the same degree of over-provisioning as is typical for on-premises environments.
# High Availability (HA) and Disaster Recovery (DR)
If you require a highly available BOBI environment, then it critical to design the HA and DR environment that can support the recovery time objective (RTO) and recovery point objective (RPO) that your business teams have established. For more information, see the [SAP BusinessObjects BI Platform on AWS: HA/DR Guide for Windows](https://docs.aws.amazon.com/sap/latest/sap-businessobjects/sap-bobi-ha-dr-win.html).
# Security & Compliance
The following AWS security resources help you achieve the level of security you require for your SAP NetWeaver environment on AWS:
+ [AWS Cloud Security](https://aws.amazon.com/security/)
+ [CIS AWS Foundations Benchmark](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-cis.html)
+ [Introduction to AWS Security](https://docs.aws.amazon.com/whitepapers/latest/introduction-aws-security/welcome.html)
+ [Best Practices for Security, Identity, & Compliance](https://aws.amazon.com/architecture/security-identity-compliance/)
+ [AWS Well-Architected Framework Security Pillar](https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/welcome.html)
+ [Network and security features for Windows and Amazon EC2](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-network-and-security.html)
## OS Hardening
You may want to lock down the OS configuration further, for example, to avoid providing a NetWeaver administrator with root credentials when logging into an instance.
We provide guidance on how to best secure your Windows EC2 instances:
+ Read our [best practices guide for securing Windows on EC2](https://aws.amazon.com/answers/security/aws-securing-windows-instances/)
+ Use [Amazon Inspector](https://aws.amazon.com/inspector/faqs/), an automated security assessment service that helps you test the network accessibility of your Amazon EC2 instances and the security state of your applications running on the instances.
## Encryption
Security is a priority on AWS. A core aspect of securing your workloads is encrypting your data, both at rest and in transit.
When you create an [encrypted EBS volume](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) and attach it to a supported instance type, the following types of data are encrypted:
+ Data at rest inside the volume
+ All data in transit between the volume and the instance
+ All snapshots created from the volume
+ All volumes created from those snapshots
Encryption operations occur on the servers that host EC2 instances, ensuring the security of both data at rest and data in transit between an instance and its attached EBS storage. You can expect the same IOPS performance on encrypted volumes as on unencrypted volumes, with a minimal effect on latency. Encryption and decryption are handled transparently and they require no additional action from you or your applications.
Similarly, all Amazon FSx file systems are encrypted at rest with keys managed using AWS Key Management Service (AWS KMS). Data is automatically encrypted before being written to the file system, and automatically decrypted as it is read. These processes are handled transparently by Amazon FSx, so you don’t have to modify your applications.
For Amazon S3, you can protect data in transit by using SSL or client-side encryption, and protect data at rest by using either server-side encryption or client-side encryption.
You can find more information about encryption from the specific service documentation:
+ [Encrypting Amazon FSx Data at Rest and Data in Transit](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/encryption.html)
+ [Protecting Amazon S3 Data Using Encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingEncryption.html)
+ [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html)
## Security Groups/Network ACLs
A [security group](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) acts as a virtual firewall for your instance to control inbound and outbound traffic. Security groups act at the instance level, not the subnet level.
Customers often separate the SAP system into multiple subnets, with the database in a separate subnet to the application servers, and other components such as a Web Dispatcher in another subnet, possibly with external access.
If you scale workloads horizontally or require high availability, you may choose to include multiple, functionally similar, EC2 instances in the same security group. In this case, you’ll need to add a rule to your security groups.
Some configuration changes may be necessary in the security groups, route tables, and network ACLs. You can refer to the operating system product documentation, or other sources such as the [Security Group Rules Reference](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the Amazon Elastic Compute Cloud (EC2) documentation, for more information.
A [network access control list (ACL)](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets (they’re stateless firewalls at the subnet level). You may set up network ACLs with rules similar to your security groups in order to add an additional layer of security to your VPC.
## API Call Logging
[AWS CloudTrail](https://aws.amazon.com/cloudtrail/) is a web service that records AWS API calls for your account and delivers log files to you. The recorded information includes the identity of the API caller, the time of the API call, the source IP address of the API caller, the request parameters, and the response elements returned by the AWS service.
With AWS CloudTrail, you can get a history of AWS API calls for your account, including API calls made via the AWS Management Console, AWS SDKs, command line tools, and higher-level AWS services (such as AWS CloudFormation). The AWS API call history produced by CloudTrail enables security analysis, resource change tracking, and compliance auditing.
## Notifications on Access
You can use Amazon Simple Notification Service (Amazon SNS) or third-party applications to set up notifications on SSH login to your email address or mobile phone.
# Operating System
If you plan on using Windows other than via Amazon EC2 for Windows Server, then ensure you have the appropriate licenses in place and the appropriate tenancy type selected. For more details, refer to your licensing terms and conditions, and see [Windows on AWS](https://aws.amazon.com/windows/).
A base AMI is required to launch an Amazon EC2 instance. For SAP workloads on Windows, you must have a minimum of Windows Server 2012 R2 to be supported as previous versions of Windows Server are now out of support by SAP. If you are using BYOL instead of license-included for Windows Server, you must create your own AMI. For details, see the [Windows on AWS licensing documentation](https://aws.amazon.com/windows/resources/licensing/). Ensure that you have access to the appropriate Windows Server AMIs before proceeding further.
As with any operating system, we recommend you keep the OS up-to-date with the latest patches. You can also refer to [SAP Note 2325651: Required Windows Patches for SAP Operations](https://me.sap.com/notes/2325651).
# Compute
AWS has certified multiple instance families with different sizes to run SAP workloads. The details of the latest list of EC2 instance types certified are all specified in our webpage [Amazon EC2 Instance Types for SAP](https://aws.amazon.com/sap/instance-types/).
Select the appropriate EC2 instance type based on your requirements as per the sizing section. AWS recommends you use the latest generation of your selected instance family where possible (assuming it is SAP certified and therefore listed in the above webpage).
# Network
Ensure that you have your network constructs set up to deploy resources related to your SAP workload. If you haven’t already set up network components like Amazon Virtual Private Cloud (Amazon VPC), subnets, route tables and so on., you can use the [AWS Quick Start for Modular and Scalable VPC Architecture](https://aws.amazon.com/quickstart/architecture/vpc/) to easily deploy scalable VPC architecture in minutes. Refer to the deployment guide for more details, then set up your EC2 instances for the SAP workload within this VPC.
You must also set up a secured network connection between the corporate datacenter and the VPC, along with appropriate route table configuration, if this is not already configured.
# Storage Services
The SAP BOBI Platform uses the following AWS storage services:
+ [Amazon Elastic Block Store (Amazon EBS)](https://aws.amazon.com/ebs/) is used for block storage requirements of SAP BOBI Platform application servers and databases (when the database is installed on EC2).
Figure 2 shows an example use of EBS volumes for application and database. In this example, EBS volumes are used for root volumes, SAP BOBI Platform installation directory, operating system swap volume, and database data and log volumes. The CMS database is typically a small database that stores information like users, SAP BOBI Platform servers, folders, and other configurations. Therefore, it does not have the same storage performance requirements as other enterprise OLTP/OLAP databases. Follow the best practices of the database vendor for designing storage for the SAP BOBI Platform database.
+ [Amazon FSx for Windows File Server](https://aws.amazon.com/fsx/windows/) is used for shared file system requirements of SAP BOBI Platform application servers installed on Windows EC2 instances. The usage is the same as for FileStore as described above.
+ [Amazon Simple Storage Service (Amazon S3)](https://aws.amazon.com/s3/) is used for storing the backups of SAP BOBI Platform application servers.
Figure 2 shows an example use of AWS storage services by an SAP BOBI Platform installation. In this example, two SAP applications servers and a database are installed on three separate EC2 instances with Windows operating systems. EBS volumes are used for local file systems like root, install, swap, data, and log volumes. [Amazon FSx for Windows File Server](https://aws.amazon.com/fsx/windows/) is used for shared file system FileStore.
**Figure 2: AWS storage system use on SAP BOBI Platform installation**
![\[Storage system use on SAP BOBI Platform installation\]](http://docs.aws.amazon.com/sap/latest/sap-businessobjects/images/bobi_windows_storage.png)
# Deployment
In this deployment, we will provision an Amazon EC2 instance for installing the SAP application servers and the CMS database (if you are using database on EC2). When using Amazon RDS for CMS database, follow [Step 7. (Only for CMS Database on EC2 Instance) Installing CMS Database](#bobi-windows-step-7-only-for-cms-database-on-ec2-instance-installing-cms-database).
In this deployment, we will provision an Amazon EC2 instance for installing a standalone Oracle database standard system.
**Note**
In this section, the syntax shown for the AWS CLI and Linux commands is specific to the scope of this document. Each command supports many additional options. For more information, use the AWS CLI `aws help` command or see the documentation.
## Step 1. Prepare Your AWS Account
In this example we step through setting up a sample environment for the installation which includes a public subnet for RDP and SSH access via the internet. In our scenario, we are using the AWS Launch Wizard for SAP in a single-AZ deployment to create the VPC, subnets, security groups, and IAM roles. This is just an example setup and customers should follow their own network layout and comply with their own security standards. This may include:
+ using an AWS Launch Wizard for SAP for a multi-AZ deployment of SAP HANA
+ using a landing zone solution like [AWS Control Tower](https://aws.amazon.com/controltower/)
+ work with their cloud team (for example a Cloud Center of Excellence or CCoE) to use existing standards
1. Check the region where you want to deploy your AWS resources:
**Note**
You’ll have picked the region you want to deploy in during your planning phase.
1. Display the AWS CLI configuration data:
```
$ aws configure list
```
In the command output, make sure that the default region that’s listed is the same as the target region where you want to deploy your AWS resources and install the SAP workload.
## Step 2. Create a JSON file for the Amazon EBS storage
Create a JSON file that contains the storage requirements for SAP BOBI Platform server volumes.
Below is an example JSON file with two EBS volumes for swap and SAP BOBI Platform installation directory. You can modify this file as per your requirements:
```
[
{
"DeviceName": "/dev/sdh",
"Ebs": {
"VolumeSize": 32,
"VolumeType": "gp3",
"DeleteOnTermination": true
}
},
{
"DeviceName": "/dev/sdg",
"Ebs": {
"VolumeSize": 50,
"VolumeType": "gp3",
"DeleteOnTermination": true
}
}
]
```
## Step 3. Launch the Amazon EC2 Instance
Launch the Amazon EC2 instance for the SAP BOBI Platform installation in your target region by using the information that you gathered in the preparation phase. You will also be creating the required storage volumes and attaching them to the Amazon EC2 instance for the SAP installation, based on the JSON file that you created in the previous step.
```
$ aws ec2 run-instances \
--image-id AMI-ID \
--count number-of-EC2-instances \
--instance-type instance-type \
--key-name=name-of-key-pair \
--security-group-ids security-group-ID \
--subnet-id subnet-ID \
--block-device-mappings file://C:\Users\.json \
--region region-ID
```
The JSON file is the storage file that you created in [Step 2. Create a JSON file for the Amazon EBS storage](#bobi-windows-step-2-create-a-json-file-for-the-amazon-ebs-storage).
When using the command, make sure to place the command and its parameters on a single line. For example:
```
aws ec2 run-instances --image-id --count 1 \
--instance-type m5.large --key-name=my_key --security-group-ids \
--subnet-id \
--block-device-mappings file://C:\Users\.json
```
You can also launch EC2 instances using the AWS Management Console. For detailed steps, see [Launch Windows EC2 Instances using AWS Management Console](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/EC2_GetStarted.html#ec2-launch-instance).
## Step 4. Prepare Each EC2 Instance for SAP Installation
1. Log into the newly-created RDP host in the public subnet. We will call this **jumpbox** for easy reference. Do this by either using the new [Session Manager feature for AWS Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager.html) (for command line tasks), or by following these steps:
1. In the AWS Management Console, select the EC2 instance **jumpbox** and choose **Connect**. Download the RDP file from the pop-up that appears.
1. Choose **Get Password** and provide your private key to decrypt the password. This is the password for the local Administrator user on **jumpbox**.
1. Open the RDP file in your preferred RDP program, and connect to **jumpbox**. Log in with user Administrator and the password you just retrieved in Step 2.
1. Once logged in, return to the AWS Management Console and repeat steps 1 and 2, but this time for the EC2 instance where you will install SAP. Copy the downloaded RDP file to **jumpbox**.
1. While logged into **jumpbox**, open the RDP file for the SAP instance in your preferred RDP program.
1. Log in as a user with administrator privileges but not an existing adm user (as per SAP’s requirements).
1. Install the AWS CLI tools or use the [AWS Tools for PowerShell](https://aws.amazon.com/powershell/) provided with the Windows AMI.
1. Install the version of the Java JRE that is compatible with your desired SAP installation software.
1. Install the AWS Data Provider as per the instructions for Windows in the [AWS Data Provider for SAP Installation and Operations Guide](https://s3.amazonaws.com/aws-data-provider/aws-data-provider-ig.pdf).
1. Install and configure the AWS Systems Manager Agent (SSM Agent). For steps, see [Working with SSM Agent](https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-agent.html).
## Step 5. Create Amazon FSx Volumes
1. The global file share and transport directories need to be available across all your SAP system’s EC2 instances. For Windows we assume use of Amazon FSx for this purpose.
1. Be sure you’ve satisfied the prerequisites in the [Technical Requirements](bobi-windows-prerequisites.md#bobi-windows-technical-requirements) section of this document. You will need to have already deployed your EC2 instances in each of the Availability Zones where you will create FSx filesystems.
1. Follow the step-by-step instructions in the [Getting Started with Amazon FSx](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/getting-started.html) documentation.
1. For high availability deployments that require multi-AZ redundancy to tolerate temporary AZ unavailability , follow the instructions to [create multiple file systems in separate AZs](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/multi-az-deployments.html) .
## Step 6. Prepare and Install the CMS Database (Only for RDS Database)
This option is applicable only when Amazon RDS MySQL is used for the CMS database. You can create a separate database for the auditing database if it’s required.
1. Create a DB subnet group for an RDS instance by following the instructions in [Create a DB Subnet Group](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Tutorials.WebServerDB.CreateVPC.html#CHAP_Tutorials.WebServerDB.CreateVPC.DBSubnetGroup).
1. In the [Amazon RDS console](https://console.aws.amazon.com/rds/), launch an Amazon RDS MySQL DB instance by following the instructions in the [Creating a DB Instance Running the MySQL Database Engine](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CreateInstance.html).
1. Choose a supported DB version based on [SAP Note 1656099 - SAP on AWS: Supported SAP](https://me.sap.com/notes/1656099), and select the instance type and storage based on your sizing output.
1. On the **Specify DB details** page, in the **Instance specifications** section, choose **Create replica in different zone**.
1. The **Choose use case** page asks if you are planning to use the DB instance you are creating for production. If you choose **Production - MySQL**, the Multi-AZ failover option is preselected. You can deselect this option if you are not installing a highly available system.
1. On the **Configure advanced settings** page, provide information about the infrastructure you already provisioned, such as settings for the VPC, DB subnet group, and security group. In addition, you can provide custom options for encryption, backup retention period, maintenance window, and so on. You will also create a user to administer this database.
1. For the database name, you can provide the name you want to use for the CMS database. You can also change the database port from the default value to your choice of port.
1. Choose **Create database**, and then wait for the DB instance status to change to **available** in the Amazon RDS console.
1. Choose the **Instances** view and note the **Endpoint** name. In case of failover to another Availability Zone, this endpoint enables an application to reconnect to a new primary database instance without having to change anything.
1. (Optional) Create a CNAME in Amazon Route 53 or other DNS server for the database cluster endpoint. Use this CNAME during the installation of SAP BOBI Platform nodes.
## Step 7. Install CMS Database (Only for CMS Database on EC2 Instance)
Install the CMS database with an SAP supported database version of your choice. Refer to the database vendor specific documentation for instructions. You can also install Audit database if you plan to use auditing. The Auditing database can be installed at a later point in time as it is not required for SAP BOBI Platform functioning.
## Step 8. Install SAP BOBI Platform Nodes
1. Log in to each EC2 instance in the SAP BOBI Platform server and repeat the following step to install SAP BOBI platform on each instance.
1. See the [SAP BusinessObjects BI Platform installation guide](https://help.sap.com/viewer/product/SAP_BUSINESSOBJECTS_BUSINESS_INTELLIGENCE_PLATFORM/) and go to the SAP BOBI documentation specific to the version you want to install. Launch the installation as described:
**Custom / Expand** > **Expand an existing SAP BusinessObjects BI platform deployment** > **Instances** > **Servers** > **Platform Services**
1. For the first server installation, choose **Start a new SAP BusinessObjects BI platform deployment**. Follow the instructions and enter inputs as required for example database connection information. Figure 3 shows example of adding database connection information when using RDS MySQL.
1. (Optional) This step is only required for multi-node installation. For all additional server installations, choose **Expand an existing SAP BusinessObjects BI platform deployment**. Follow the instructions and enter inputs as required for example database connection information and first CMS server connection information.
This completes the installation of SAP BOBI Platform.
## Step 9. Configure End User Access for Multi-Node Deployment
To distribute the user load evenly across the web tier servers, you can use a load balancer between the web users and the web servers. In this guide, we’ll discuss the use of [Elastic Load Balancing (ELB)](https://aws.amazon.com/elasticloadbalancing/) for this purpose. You can also install other load balancers on EC2 instances for end user access, refer to vendor specific documentation for such installation. An Application Load Balancer automatically scales its request handling capacity in response to incoming application traffic. Follow these steps to configure an Application Load Balancer for SAP BOBI Platform:
1. In the [Amazon EC2 console](https://console.aws.amazon.com/ec2/), [create an Application Load Balancer](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-application-load-balancer.html#configure-load-balancer) in the VPC where SAP BOBI Platform is running. Specify the Availability Zones and subnets of all the web tier servers.
**Note**
Application Load Balancer cannot route fields with special characters (such as, underscore) to targets. Disable the `routing.http.drop_invalid_header_fields` attribute to enable routing of fields with special characters.
1. [Configure a security group](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-application-load-balancer.html#configure-security-group) that allows users to connect to the Application Load Balancer on the SSL port.
1. [Create a target group](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-application-load-balancer.html#configure-target-group) to register web servers as the targets to the load balancer. For **Target type**, choose **ip** and specify the IP address and SSL port of the web servers to register as targets.
1. [Enable sticky sessions](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#sticky-sessions).
1. Create or upload an existing SSL certificate in AWS Certificate Manager (ACM).
1. Enable Secure Sockets Layer (SSL) communications for SAP BOBI Platform by following the instructions in the [Business Intelligence Platform Administrator Guide](https://help.sap.com/http.svc/rc/ec7df5236fdb101497906a7cb0e91070/4.2.6/en-US/sbo42sp6_bip_admin_en.pdf). See also: [Enabling SSL in BI Platform 4.2 SP05](https://community.sap.com/t5/technology-blog-posts-by-sap/enabling-ssl-in-bi-platform-4-2-sp05/ba-p/13322029) on the SAP Blog.
1. (Optional) Create a CNAME in Amazon Route 53 for the Application Load Balancer DNS name. Use this CNAME to access SAP BOBI Platform.
# Operations
## Tagging AWS Resources
A tag is a label that you assign to an AWS resource. Each tag consists of a *key* and an optional *value*, both of which you define. Adding tags to the various AWS resources will not only make managing your SAP environment much easier but can also be used to quickly search for resources. Many Amazon EC2 API calls can be used in conjunction with a special tag filter. See [AWS Tagging Strategies](https://aws.amazon.com/answers/account-management/aws-tagging-strategies/) and use it as a starting point to define the tags you need for your resources. Below are the examples on how you can use tags for operational needs:
+ You can tag your EBS volumes to identify their environment (for example Environment= DEV/QAS/PRD etc.) and use these tags to create backup policies for EBS volumes
+ You can use similar tags as in above example with EC2 instances and use them for patching your operating systems or running scripts to stop/start application or EC2 instances.
## Monitoring
AWS provides multiple native services to monitor and manage your SAP environment. You can use services like [Amazon CloudWatch](https://aws.amazon.com/cloudwatch/) and [AWS CloudTrail](https://aws.amazon.com/cloudtrail/) to monitor your underlying infrastructure and APIs, respectively. CloudWatch provides ready-to-use KPIs for CPU and disk utilization, and also allows you to create custom metrics if your specific KPIs that you would like to monitor. CloudTrail allows you to log the API calls made to your AWS infrastructure components.
## Operating System Maintenance
In general, operating system maintenance across large estates of EC2 instances can be managed by:
+ tools specific to each operating system such as Microsoft System Center
+ third-party products such as those available on AWS Marketplace
+ using AWS Systems Manager
Here we outline some key operating system maintenance tasks.
### Patching
You can follow SAP recommended patching processes to update your landscape on AWS. For operating system patching, with [AWS Systems Manager Patch Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-patch.html) you can roll out OS patches as per your corporate policies. There are multiple key features like:
+ scheduling based on tags
+ auto-approving patches with lists of approved and rejected patches
+ defining patch baselines
AWS Systems Manager Patch Manager integrates with AWS Identity and Access Management (IAM), AWS CloudTrail, and Amazon CloudWatch Events to provide a secure patching experience that includes event notifications and the ability to audit usage. For details about the process, see [How Patch Manager Operations Work](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-how-it-works.html). If AWS Systems Manager Patch Manager does not fulfill your requirements, there are third-party products available as well. Some of these are available via the [AWS Marketplace](https://aws.amazon.com/marketplace).
### Maintenance Window
[AWS Systems Manager Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-maintenance.html) let you define a schedule for when to perform potentially disruptive actions on your instances such as patching an operating system, updating drivers, or installing software or patches.
### Administrator Access
You can access the backend SAP systems for administration purposes in a number of ways:
+ AWS Systems Manager Session Manager
+ Remote Desktop Protocol
+ SSH
## Backup and Restore
### Snapshots and AMIs
A common approach for backing up your SAP NetWeaver application servers is using snapshots and AMIs.
All your data is stored on Amazon EBS volumes attached to the SAP NetWeaver application servers. You can back up the data on these volumes to Amazon S3 by taking point-in-time snapshots. Snapshots are incremental backups of Amazon EBS volumes, which means that only the blocks on the device that have changed after your most recent snapshot are saved. For more details on this, see [Creating an Amazon EBS Snapshot.](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-snapshot.html)
An Amazon Machine Image (AMI) provides the information required to launch an instance along with a block device mapping of all EBS volumes attached to it.
Amazon EC2 powers down the instance before creating the AMI to ensure that everything on the instance is stopped and in a consistent state during the creation process. If you’re confident that your instance is in a consistent state appropriate for AMI creation, you can select the **No Reboot** option. You can use the AWS Systems Manager Run Command to take [application-consistent snapshots of all EBS volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/application-consistent-snapshots.html) attached to your instance using Windows Volume Shadow Copy Service (VSS) to make it safe to create the image without rebooting the instance.
You can use [AWS Backup](https://aws.amazon.com/backup/) to centrally configure backup policies and monitor backup activity for these snapshots.
Once you have completed the SAP installation and post installation steps, you should create an image of the instance. AWS provides a very simple and quick way to copy an SAP system. You can use the AWS Management Console or the AWS CLI to create a new AMI of an existing SAP system. The new AMI contains a complete copy of the operating system and its configuration, software configurations, and all EBS volumes that are attached to the instance. From the new AMI you can launch exact copies of the original system. For more information, see [Creating an Amazon EBS Backed Windows AMI.](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/Creating_EBSbacked_WinAMI.html)
Syntax:
```
aws ec2 create-image --instance-id i-1234567890abcdef0 --name "My server" --description "An AMI for my server"
```
**Note**
When you build an instance using an AMI, make sure you update the hostname and the `c:\Windows\System32\Drivers\etc\hosts` file with the new metadata. These details usually get copied from the source.
### File Backup to S3
You can perform traditional file-based backups to Amazon S3 from your EBS volumes. One way to do this is by using the AWS CLI and trigger this using AWS Systems Manager Run Command so that you can centrally manage these.
### Third-Party Options
There are many third-party backup products for AWS services, including a number that have been certified by SAP. For more information, see [AWS SAP Partner Solutions](https://aws.amazon.com/sap/partner-solutions/).
### Amazon FSx Backup
With Amazon FSx, backups are file-system-consistent, highly durable, and incremental. To ensure file system consistency, Amazon FSx uses the Volume Shadow Copy Service (VSS) in Microsoft Windows. To ensure high durability, Amazon FSx stores backups in Amazon Simple Storage Service (Amazon S3). Amazon FSx backups are incremental, which means that only the changes after your most recent backup are saved.
Amazon FSx automatically takes backups of your file systems once a day. These daily backups are taken during the daily backup window that was established when you created the file system.
If you want to set up a custom backup schedule, you can [deploy our reference solution](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/custom-backup-schedule.html).
### Backing up SAP BOBI Platform
Backup of SAP BOBI should protect the following components. The backup of CMS database and FileStore should be taken at the same time to maintain consistency.
+ CMS Database (Amazon RDS or Database on EC2)
+ FileStore (Amazon FSx for multi-node install or Amazon EBS for standalone install)
+ SAP BOBI installation directory
You can choose from following options for backup.
+ For Amazon FSx, you can schedule the backups. For details, see [Working with Backups](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/using-backups.html).
+ When using Amazon RDS for CMS database and Windows operating system for application, you can use AWS Backup for Amazon EBS and database backups. AWS Backup is a fully managed backup service that makes it easy to centralize and automate the back up of data across AWS services in the cloud. You can configure backup policies based on tags from a central backup console, simplifying backup management and making it easy to ensure that your application data is backed up and protected. You can put database, FileStore, and installation directory resources in same policy to ensure consistency.
+ When using Amazon RDS for CMS database and Windows operating system for application, you can use [AWS Backup](https://aws.amazon.com/backup/) service for the backup of Amazon RDS and SAP BOBI Installation directory.
+ You can use supported third-party backup tools that provide database and file system agents for backup and recovery of all SAP BOBI platform component.
+ If the preceding AWS services and tools do not meet your requirements, you can also use standard database backup tools and scripts to create database backups, file system backups and EBS snapshots. Database and file system backups can be stored on an EBS volume attached to your database and application EC2 instances. For better durability and agility, we recommend that you move your backups to Amazon S3. Based on your business continuity and compliance requirements, you can choose to move your backups to Amazon S3 Glacier and use Amazon S3 Lifecycle policies. For details, see [How Do I Create a Lifecycle Policy for an S3 Bucket?](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/create-lifecycle.html). Amazon S3 Lifecycle policies also let you delete older backups based on your backup retention requirements.
+ If you use SAP HANA as the database for CMS, you can use AWS Backint Agent for SAP HANA to backup your data to Amazon S3. For more information, see [AWS Backint Agent for SAP HANA](https://docs.aws.amazon.com/sap/latest/sap-hana/aws-backint-agent-sap-hana.html).
### Recovering the SAP BOBI Platform
The backups that you choose for the restore of CMS database and FileStore should have been created at the same time to maintain consistency. You can recover a database to a point-in-time using log files, but Amazon EFS (used for FileStore) does not have similar capabilities. In this case, recovering a database to most recent state but FileStore to an older state may cause inconsistencies between the two.
Based on the backup strategy, the following are options for restore.
+ When you restore a backup in AWS Backup, a new resource is created based on the backup that you are restoring. Depending on the component that you restore, you can point you SAP BOBI Platform installation to the new resource or copy data to the original resource. For example, you can restore Amazon FSx and Amazon EBS on a different file system or EBS volume. After you have the new resource available, you can either copy a subset of the data or replace your original resource with the new one. See [Restoring a Backup](https://docs.aws.amazon.com/aws-backup/latest/devguide/restoring-a-backup.html) for details.
+ When restoring using third-party software, refer to vendor- and application-specific documentation.
+ If you are restoring from Amazon S3 using custom scripts, you will have to restore the backup to an EBS volume, and then use either database specific tools or native operating system features to restore your data back to SAP BOBI Platform installation.
## Compute
EBS volumes are exposed as NVMe block devices on [Nitro-based instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/instance-types.html#ec2-nitro-instances). When changing EC2 instance types from a previous generation to a Nitro generation, if using a Windows Server 2008 R2 or later Windows AMI, the AWS NVMe driver is already included as per the [Amazon EBS and NVMe documentation](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/nvme-ebs-volumes.html). If you are not using the latest AWS Windows AMIs provided by Amazon, see [Installing or Upgrading AWS NVMe Drivers](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/aws-nvme-drivers.html#install-nvme-drivers).
Aside from operating system maintenance, there is also maintenance you can consider for EC2 instances themselves. This can be driven via AWS Systems Manager Automation documents. Some examples of this are:
+ Use the ` AWS-StopEC2InstanceWithApproval ` document to request that one or more IAM users approve the instance stop action. After the approval is received, Automation stops the instance.
+ Use the ` AWS-StopEC2Instance ` document to automatically stop instances on a schedule by using Amazon CloudWatch Events or by using a Maintenance Window task. For example, you can configure an Automation workflow to stop instances every Friday evening, and then restart them every Monday morning.
+ Use the ` AWS-UpdateCloudFormationStackWithApproval ` document to update resources that were deployed by using AWS CloudFormation template. The update applies a new template. You can configure the Automation to request approval by one or more IAM users before the update begins.
Finally, use the [AWS Instance Scheduler](https://aws.amazon.com/solutions/instance-scheduler/) Solution to easily configure custom start and stop schedules for their Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Relational Database Service (Amazon RDS) instances.
## Cost Optimization
Just as with right sizing, we recommend customers make cost optimization an ongoing process. This is an extensive topic with many AWS services that help with budgeting, cost control and proactive cost optimization recommendations.
For more details, see the [Cost Optimization Pillar](https://docs.aws.amazon.com/wellarchitected/latest/cost-optimization-pillar/welcome.html) of the AWS Well-Architected Framework and the [SAP on AWS Pricing and Optimization Guide](https://docs.aws.amazon.com/sap/latest/general/sap-on-aws-pricing-guide.html).
## Automation
### Automation using Infrastructure as Code with AWS CloudFormation
We recommend following the principle of Infrastructure as code (IaC) in automating and maintaining your workloads on AWS. [AWS CloudFormation](https://aws.amazon.com/cloudformation/) provides a common language for you to describe and provision all the infrastructure resources in your cloud environment in a repeatable and automated manner, and thus follow the principle of IaC.
### Automation using Documents
[AWS Systems Manager Automation](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-automation.html) simplifies common maintenance and deployment tasks of Amazon EC2 instances and other AWS resources. Automation enables you to do the following:
+ Build Automation workflows to configure and manage instances and AWS resources.
+ Create custom workflows or use pre-defined workflows maintained by AWS.
+ Receive notifications about Automation tasks and workflows by using Amazon CloudWatch Events.
+ Monitor Automation progress and execution details by using the Amazon EC2 or the AWS Systems Manager console.
There are many AWS-provided documents specific to Windows already available.
## Integration with AWS Big Data Services
The SAP BOBI Platform product can use multiple AWS Big Data services as data sources for reporting purposes. When using SAP BOBI version 4.2, you can connect to the following AWS data sources:
**Table 2: AWS Big Data services support for SAP BusinessObjects Business Intelligence 4.2**
| Use Case | Amazon Product | SAP BOBI 4.2 Supported |
| --- | --- | --- |
| Data source | Amazon RDS Oracle | Yes |
| Data source | Amazon Redshift | Yes |
| Data source | Amazon EMR Hive (Hive1) | Yes |
| Data source | Amazon EMR Hive (Hive2) | Yes |
| Data source | Amazon EMR Hive 5.6 (Hive2) | Yes |
See the [SAP Product Availability Matrix (PAM)](https://support.sap.com/pam) for the complete list of SAP BOBI Platform supported data sources specific to your version.
# Support
To get help from SAP, SAP and AWS requires a business support agreement on AWS. [AWS Business Support](https://aws.amazon.com/premiumsupport/business-support/) provides resources and technical support for customers running SAP workloads on AWS. If you have any technical issues around AWS, you can open up a case with SAP or AWS and it will be routed to the appropriate team. AWS also offers [AWS Enterprise Support](https://aws.amazon.com/premiumsupport/enterprise-support/) for customers running mission critical production workloads on AWS.
# Document Revisions
| Date | Change |
| --- | --- |
| January 2023 | Updates throughout the guide |
| October 2019 | Initial publication |