This page provides a high-level overview of integration topics for SAP workloads on hybrid multi-cloud Azure and AWS platforms. SAP offers the SAP Integration Suite on the Business Technology Platform.
Multi-cloud solutions integrate services of different cloud platforms. The architectural blueprint below demonstrates the combination of SAP Business Technology Platform (BTP), Amazon AWS or Azure services.
Users stored within Azure ID are federated to SAP Identity Authentication (IAS) and AWS SSO. Trust configured between SAP BTP and AWS enables OAuth SSO with BTP Fiori HTML5 apps and AWS services.
Backend and application tiers are implemented serverless on AWS with APIs, AWS Lambda functions and AWS S3 storage.
Event-Driven Architectures (EDA) integrate loosely coupled applications in heterogeneous hybrid and multi-cloud environments. EDAs implement event-driven design patterns with producer and consumer building blocks. Loosely coupled components ensure scalability and resilience of the integration architecture. EDA implementations depend on the available platform services and event types.
Producer components start EDA event flows and send notifications or messages as events to event queues or channels. These events get processed asynchronously by consumers.
Event messages contain all communication information needed by the consumer. Notifications contain only information about the event. Consumers of notifications have to request further business information via APIs.
Notifications implemented with CloudEvents enhance interoperability. CloudEvents is supported by, for example, Azure Event Grid, Knative Eventing and S/4HANA.
Event-driven integration patterns for message exchange (one-way or request-response) and message channels are:
Message Channels | Short Description | Cloud Event Services |
---|---|---|
Point-to-point | the event queues ensure that messages are transferred to single receivers | Amazon SQS, Amazon MQ, Azure ServiceBus |
Publish-subscribe | event channels use topics to group messages of the same type. The fan-out pattern ensures that messages can be received immediately by multiple subscribers | SAP Event Mesh, Amazon SNS, Amazon MQ, Azure EventGrid, Azure ServiceBus with durable messaging pulled by subscribers |
S/4HANA Systems are event enabled with notifications implementing the CloudEvents specification. Available S/4HANA Cloud business events are published on the API Business Hub.
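The notification pattern described above leaves the consumer to fetch the business data itself, so the consumer decides what to trust in the event. The following Python sketch is an added example, not code from SAP or from this page: it checks the mandatory CloudEvents 1.0 attributes, allowlists source and type, drops duplicates, and builds the follow-up API URL from a fixed base. The source value, host name, key format and sample event are constructed assumptions.

```python
import json
import re
from typing import Optional

REQUIRED = ("specversion", "id", "source", "type")  # mandatory in CloudEvents 1.0
# Assumed allowlist: constructed source and an example business partner event type.
ALLOWED = {("/default/sap.s4.beh/S4H",
            "sap.s4.beh.businesspartner.v1.BusinessPartner.Changed.v1")}
# Placeholder host; the consumer never takes the target URL from the event.
API_BASE = "https://s4.example.invalid/sap/opu/odata/sap/API_BUSINESS_PARTNER"
KEY_RE = re.compile(r"[0-9A-Za-z]{1,10}")  # assumed business key format

class RejectedEvent(ValueError):
    """Raised when a notification fails validation."""

def handle_notification(raw: bytes, seen: set) -> Optional[str]:
    """Return the API URL to fetch for a valid notification,
    or None if the event was already processed (redelivery)."""
    try:
        event = json.loads(raw)
    except (json.JSONDecodeError, UnicodeDecodeError) as exc:
        raise RejectedEvent("payload is not JSON") from exc
    if not isinstance(event, dict):
        raise RejectedEvent("payload is not a JSON object")
    missing = [a for a in REQUIRED
               if not isinstance(event.get(a), str) or not event[a]]
    if missing:
        raise RejectedEvent(f"missing attributes: {missing}")
    if event["specversion"] != "1.0":
        raise RejectedEvent("unsupported specversion")
    if (event["source"], event["type"]) not in ALLOWED:
        raise RejectedEvent("unexpected source or type")
    dedup_key = (event["source"], event["id"])  # source + id identifies one event
    if dedup_key in seen:
        return None
    data = event.get("data")
    key = data.get("BusinessPartner") if isinstance(data, dict) else None
    if not isinstance(key, str) or not KEY_RE.fullmatch(key):
        raise RejectedEvent("invalid business key")
    seen.add(dedup_key)
    # Fixed base plus validated key: event content cannot redirect the request.
    return f"{API_BASE}/A_BusinessPartner('{key}')"

# Constructed sample notification: it carries only the key, not the business data.
SAMPLE = json.dumps({
    "specversion": "1.0", "id": "a1b2c3", "source": "/default/sap.s4.beh/S4H",
    "type": "sap.s4.beh.businesspartner.v1.BusinessPartner.Changed.v1",
    "data": {"BusinessPartner": "1000123"},
}).encode()
```

In production the `seen` set would be a shared store with expiry rather than process memory.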
Cloud based Integration as a Service (IaaS) platforms are composed of integration services to connect applications across multi-cloud scenarios.
Platform integration services cover main integration capabilities like API management with orchestration and decoupled communication pattern with event handling or messaging. These capabilities enable the design of hybrid multi-cloud integration architectures with loosely coupled modern applications or services which expose their functionality with APIs and communicate with messages or events.
Common scenarios are integrations of applications (EAI), business partners (B2B), Software as a Service (SaaS) solutions or IoT devices.
Microsoft Azure Integration Services can be combined to realize highly integrated hybrid multi-cloud solutions. Each integration service offers unique advantages, and their differences have to be considered in the architecture design.
Azure Logic Apps is a workflow service to implement integration scenarios for business processes with scheduled, automated and orchestrated tasks. Logic Apps shares its workflow designer and connectors with Power Automate, which empowers office workers to perform simple integrations.
The API Management service offers a management plane for API providers, a developer portal and client access via the API gateway. For multi-region deployments with premium plans, only API gateway components get replicated. Policies are statements to change the API behavior using configuration e.g. to adapt response headers.
API Management features are publishing, controlling, monitoring and securing of internal or external APIs. API Management offers performance optimization options with data caches and data conversions (SOAP to REST, XML to JSON, JSON to XML). Rate limiting protects APIs against distributed denial of service (DDoS) attacks.
API Management capabilities can be used to transform messages, e.g. with policies to strip headers or convert JSON data. Web app access to APIs can be controlled with validation policies that make decisions based on authorizations granted by Azure AD with an OAuth2 bearer token (JWT).
Microsoft Azure offers multiple services to implement communication scenarios with lightweight event notifications or messages containing payloads.
Azure Event Grid is a highly scalable, serverless broker for discrete events to connect solutions using event-driven architectures. Event Grids offer features like custom event handling with custom topics or event handling with JSON or CloudEvent formats.
Azure Event Hub is a Big Data event streaming platform for event producers to send data using the Event Hub REST API (subset of AMQP), AMQP 1.0 or Apache Kafka (protocol 1.0 or above) in possible scenarios e.g. analytics pipelines like clickstreams, application logging, data archiving, telemetry processing or fraud detection.
Azure Service Bus is a fully managed enterprise message broker which publishes messages with topics to subscribed receivers. Service Bus supports hybrid scenarios with senders or receivers located on Azure or on-premise.
Service Bus messages contain binary decoded payloads of JSON, XML or text formats which can be copied to multiple subscribers. Azure Service Bus queues allow asynchronous FIFO processing for single consumers and guarantee that messages remain in the queue until they get processed.
Azure API management and Logic Apps can be used to implement serverless integration scenarios to realize business processes with workflows. Logic app workflow steps can be connected directly to OData REST APIs of multi-cloud services. Local Application Data Gateways enable hybrid solutions with on-premise communication partners like SAP S/4HANA private cloud.
Depending on the HTTP command, connected APIs return business data (GET) or process transactions (PUT or POST).
AWS Application Integration is a set of services that enable communication between decoupled components in microservices, distributed systems, and serverless applications.
Service | Short Description |
---|---|
Simple Notification Service (SNS) | offers reliable capabilities for sending messages or notifications with a publisher-subscriber model |
Simple Queue Service (SQS) | implements message queues between application components |
Amazon MQ | message broker service for Apache ActiveMQ |
Step Functions | coordinate multiple AWS services into serverless workflows |
API Gateway | offers features to create, publish, maintain, monitor and secure APIs |
The Amplify low-code environment can be used to create login UIs and Cognito pools for authentication. Without user pools, federated users receive short-lived certificates to access AWS resources. User pools enable app-specific user and group management.
AWS API Gateway allows to:
Please also take a look at the HTTP XML integration design in the SAP IDoc Integration with Amazon S3 blog.