# AWS automations for SAP administration and operations
Using AWS services and tools, you can choose which AWS automations to implement and customize for your specific requirements. The following are examples of AWS services and tools that you can use to automate SAP administration and operations:
+ Managing access using AWS IAM Identity Center
+ System provisioning using AWS Launch Wizard
+ High availability and disaster recovery using AWS CloudFormation
+ Autoscaling AWS resources to support SAP applications by using AWS Auto Scaling
+ Managing SAP configuration with AWS Config
+ Copying serverless systems using AWS Lambda
+ Monitoring SAP systems with Amazon CloudWatch
+ Analyzing SAP data lakes with AWS Glue
+ Configuring Secure File Transfer Protocol (SFTP) with AWS Transfer Family
+ Starting and stopping SAP systems with AWS Systems Manager
+ Integrating email with Amazon Simple Email Service (Amazon SES)
+ Load balancing with Elastic Load Balancing (ELB)
+ Patching operating systems and SAP with Systems Manager
+ Backing up SAP with AWS Backup
+ Using the SAP HANA hardware and cloud measurement tool (HCMT) and hardware configuration check tool (HWCCT) with Systems Manager
+ Scheduling jobs with AWS Step Functions
The following sections describe some of these example automations in more detail. The SAP Global Specialty Practice team constantly innovates and drives new AWS automation capabilities, so the number of automations will continue to grow.
**Topics**
+ [Example: Automating system provisioning](system-provisioning.md)
+ [Example: Monitoring SAP application clusters, SAP HANA clusters, and SAP application service](monitoring.md)
+ [Example: Automating SAP serverless refresh](serverless-refresh.md)
+ [Example: Automating startup and shutdown of SAP systems](system-start.md)
+ [Example: Auto scaling SAP applications](auto-scaling.md)
# Example: Automating system provisioning
*System provisioning* is the process of setting up infrastructure in the cloud, including establishing user, system, and service access to the applications, data, and cloud resources. The benefits of automatic system provisioning are:
+ Reduced human errors during the deployment
+ Consistent, reproducible, and auditable provisioning
+ Scalability of infrastructure
+ Reduced time and cost of provisioning
There are number of approaches for automating system provisioning. This guide dives deeper into two options, AWS Launch Wizard and infrastructure as code (IaC).
## Launch Wizard
Using Launch Wizard to automatically provision systems reduces the amount of time it takes to deploy SAP applications in the cloud. You input your application requirements on the service console, including SAP HANA settings, SAP landscape settings, and deployment details. Launch Wizard identifies the appropriate AWS resources to support the application and estimates the cost of deployment. You can modify the resources and instantly view the updated, estimated cost. You can also deploy the resources to operate your SAP application directly from Launch Wizard. For more information, see [AWS Launch Wizard for SAP](https://docs.aws.amazon.com/launchwizard/latest/userguide/launch-wizard-sap.html).
The following image and process explains, at a high level, how you use Launch Wizard to identify, estimate, and launch the AWS resources needed to support your SAP application:
1. In Launch Wizard, from a catalog of applications, you choose which to deploy.
1. You enter the application specifications.
1. Launch Wizard recommends the AWS resources for the application and provides a cost estimate.
1. When you approve, Launch Wizard provisions the selected resources on AWS.
1. Launch Wizard configures the high availability solution and creates code templates for future use.
1. Launch Wizard creates a ready-to-use application that is integrated with AWS management and monitoring services.
![\[Process diagram explaining the high-level steps of how to use AWS Launch Wizard.\]](http://docs.aws.amazon.com/prescriptive-guidance/latest/strategy-sap-automation/images/LaunchWizard.png)
## Infrastructure as code
Another way to automatically provision systems and reduce the time required to deploy SAP applications is to use infrastructure as code. *Infrastructure as code* is a practice in which you use code and software development techniques, such as version control and continuous integration, to provision and manage infrastructure. The AWS Cloud offers an application programming interface (API)-driven model that enables developers and system administrators to interact with infrastructure programmatically at scale, instead of manually setting up and configuring resources. Because the resources and services are defined as code, you can quickly use standardized patterns to deploy infrastructure and servers with the latest patches and versions, and you can duplicate resources in repeatable ways. For more information, see the blog post [Terraform your SAP Infrastructure on AWS](https://aws.amazon.com/blogs/awsforsap/terraform-your-sap-infrastructure-on-aws/).
# Example: Monitoring SAP application clusters, SAP HANA clusters, and SAP application service
Another example of automation for SAP on AWS is monitoring SAP application clusters, SAP HANA clusters, and SAP application service. By automating monitoring, you can effectively monitor SAP NetWeaver and database cluster environments at a low cost, without the need to deploy or manage any servers or agents. The blog post [SAP application cluster, SAP HANA cluster and SAP application service monitoring](https://aws.amazon.com/blogs/awsforsap/sap-application-cluster-sap-hana-cluster-and-sap-application-service-monitoring/) describes the technique of using CloudWatch metrics and dashboards to monitor the SAP application clusters, HANA database clusters, and HANA replication and SAP application core services. The benefits of this AWS automation capability are:
+ Effective monitoring of SAP Advanced Business Application Programming (ABAP)-based environments
+ No need to deploy and manage servers or agents
+ Single administrative dashboard for accessing SAP and AWS service metrics
+ Low costs and no additional licensing fees
The following image and process describe how you set up this automation to monitor SAP databases and allow users to access current data and metrics:
1. Using the SAP Java Connector (SAP JCo) development library, a Lambda function establishes a connection with the SAP system.
1. The Lambda function uses the SAP Remote Function Call (RFC) protocol to fetch data from the SAP database.
1. The Lambda function fetches SAP credentials that are securely stored in AWS Secrets Manager and uses them to log in to the SAP system.
1. Lambda publishes the SAP data to CloudWatch as custom metrics. Because of the rule, Lambda performs this action every 60 seconds.
1. The user can access SAP applications, data, and metrics through a custom CloudWatch dashboard.
![\[Architecture diagram showing the automation of monitoring SAP databases.\]](http://docs.aws.amazon.com/prescriptive-guidance/latest/strategy-sap-automation/images/monitoring.png)
# Example: Automating SAP serverless refresh
Another example of automation for SAP on AWS is *SAP serverless refresh*. Many enterprises require regular refreshes of their SAP systems in order to support testing and production operations. The manual refresh process can be time-consuming, costly, and tedious for SAP administrators. As an alternative to the manual process, you can use an automation that consists of serverless AWS services that collectively perform the system refresh process for you. You can use this capability to refresh an SAP system’s test data from another system. This solution currently supports SAP systems using the SAP HANA database management system. The following are the benefits of this automation:
+ Maintains the SAP system configuration
+ Increases productivity, agility, and innovation
+ Reduces downtime to several minutes
+ Reduces human resource involvement
+ Reduces the risk of human error
+ Reduces the refresh process from weeks to days
The following image and process describe how the automation for SAP serverless refreshes works:
1. A user starts a state machine in AWS Step Functions. For more information about state machines, see [States](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-states.html) (Step Functions documentation).
1. The state machine uses an Amazon Simple Notification Service (Amazon SNS) topic to notify the end user that the process has started.
1. A Lambda function starts Systems Manager documents that launch an Amazon Elastic Compute Cloud (Amazon EC2) instance from an Amazon Machine Image (AMI).
1. A Lambda function restores the backup by copying the backup files from an Amazon Simple Storage Service (Amazon S3) bucket to the EC2 instances that host the SAP database. The Lambda function also references Parameter Store, a capability of Systems Manager, to retrieve values of required variables, such as the target hostname, target IP address, and target SAP system identifier.
1. After the database restoration is complete, a Lambda function performs post-copy tasks, such as transport import and logical system name conversion.
1. The state machine uses the Amazon SNS topic to notify the end user that the refresh was successful.
1. The Lambda functions use an Amazon DynamoDB table to track the progress of each step in the state machine.
![\[Architecture diagram showing how you can use automation to perform a serverless refresh.\]](http://docs.aws.amazon.com/prescriptive-guidance/latest/strategy-sap-automation/images/backuprestore.png)
# Example: Automating startup and shutdown of SAP systems
A typical productive SAP system consists of multiple Amazon EC2 instances that host several critical SAP components, such as SAP database servers, SAP application servers, SAP Central Services and SAP enqueue replication services. SAP customers also integrate their core SAP systems with other mission-critical solutions, such as archiving engines, tax management solutions, content servers, and job management systems. The startup and shutdown procedure for such a complex and tightly integrated SAP solution requires following a specific sequence of tasks.
You can automate startup and shutdown of SAP systems by using AWS services. This consistent and controlled process requires significantly less human intervention because it automates the monotonous, repetitive tasks and follows the sequence designed by SAP administrators. You can optionally add scheduling, notification, and alerts by using AWS services built for the cloud. In addition, this automation is capable of defining and handling dependencies between multiple SAP and non-SAP applications. For more information, see the blog post [Automate Start or Stop of Distributed SAP HANA systems using AWS Systems Manager](https://aws.amazon.com/blogs/awsforsap/automate-start-or-stop-of-distributed-sap-hana-systems-using-aws-systems-manager/). In addition, see the blog post [Start/Stop SAP systems with Slack using Amazon Q Developer in chat applications](https://aws.amazon.com/blogs/awsforsap/start-stop-sap-systems-with-slack-using-aws-chatbot/), which describes how to automate this process by using Slack and AWS services, such as Amazon Q Developer in chat applications, Lambda, Systems Manager, and CloudWatch. The following are the benefits of this automation:
+ Significantly reduces costs by reducing the need for manual operational efforts
+ Reduces the risk of human error and the need for expensive corrective activities
The following image and process describe how you can automate startup and shutdown of SAP systems:
1. A time-based event causes an Amazon EventBridge rule to start a Systems Manager document. For more information, see [Systems Manager documents](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-ssm-docs.html).
1. Systems Manager connects to the target EC2 instances and stops or starts the SAP application and its associated instances.
1. After the SAP system has stopped or started, another EventBridge rule responds to the change in the EC2 instance state and uses a Lambda function handler to notify the stakeholders of the change.
![\[Architecture diagram showing how you can automate startup or shutdown procedures for complex SAP systems.\]](http://docs.aws.amazon.com/prescriptive-guidance/latest/strategy-sap-automation/images/starting.png)
# Example: Auto scaling SAP applications
You can automate *SAP application auto scaling*, which automatically detects SAP application server demand and scales up or scales down Amazon EC2 instances accordingly. This capability can adapt to spikes and dips for concurrent user logins, month-end close, payment runs, and a variety of both predictable and unpredictable workloads. The capability can horizontally scale up (start new compute services as application servers) and scale down (stop existing compute services). The following are the benefits of this automation:
+ Dynamic adjusting of application server capacity based on user demand
+ Running minimal baseline EC2 instances at the application layer
+ Reducing costs
+ Maintaining increased and scalable performance service level agreements (SLAs) for the business
The following image and process describe how you can automate scaling of the resources that support your SAP applications:
1. A time-based event, typically scheduled for every 2 minutes, causes Amazon EventBridge to start a Lambda function.
1. The Lambda function collects the required statistical information from Amazon DynamoDB and its local environment variables, such as hostname and threshold values.
1. If demand is above or below the threshold, the Lambda function directs AWS Systems Manager to start or stop additional EC2 instances to support the SAP applications.
![\[Architecture diagram showing how you can automate starting or stopping EC2 instances to support the demand for your SAP applications.\]](http://docs.aws.amazon.com/prescriptive-guidance/latest/strategy-sap-automation/images/autoscaling.png)