![](https://community.sap.com/html/assets/img_tile-default.png)
The PostgreSQL on SAP BTP, hyperscaler option provides a way to directly consume the PostgreSQL service provided by the infrastructure providers such as AWS, Azure, GCP and Alicloud.
The service is part of SAP BTP portfolio that aims to simplified development, the service is part of BTP Backing Services and provides pre-built components and infrastructure that developers can easily integrate into their applications. This simplifies the development process by reducing the need to build complex functionalities from scratch. Developers can focus on implementing core features and business logic instead of spending time on low-level infrastructure concerns.
To be able to run some activities, for example related to monitoring your PostgreSQL instance you need to access the database using credentials with admin rights type. SAP provides a way for customers to request a temporary user access (valid between 1-29 days) to be able to run some monitoring and admin tasks.
This extension API allows a user access request with special authorizations valid for a maximum of 29 days. The access will be provided via the user ‘instance_monitoring_admin”.
This extension API allows a user access request with special authorizations valid for a maximum of 29 days. The access will be provided via the user ‘instance_monitoring_admin”, follow the below step-by-step example to know how to request the user, using the extension API.
When requesting the user access, you need to add a bearer token to the API call for the authorization. Login to the BTP Cloud Foundry Environment using the API endpoint.
cf login -a https://api.cf.sap.hana.ondemand.com/
After authentication (using your registered e-mail account) you will be prompted to select the organization and space where you have deployed your instance. In case your are not prompted with the choice, use the below cf command to set the target organization and space.
cf target -o <org> -s <space>
Retrieve a ‘bearer’ token by running the below command.
cf oauth-token
See below an example of the output of the above commands.
⚠️Copy the token to a safe place, you will need it for authentication in the API call, when requesting the user.
You can retrieve the server API base URL from service key credentials file, look for the api_server parameter. If you can’t find the parameter in the service key file, please generate a new service key as the parameter was added probably after you have generated the current service key, see below screen shot.
We choose to use for our example the Postman REST Client for Visual Code, but you can choose any other tool or method for sending the PUT request. Replace parameter {id} with your instance ID.
Below the complete API URL for our scenario, using the retrieved server API URL and our instance ID
https://api-backing-services.eu10-canary.data.services.cloud.sap/v1/postgresql-db/instances/fab5bd81-9292-4b6a-92ee-544d8175482a/monitoring-admin
We will request a user with the maximum validity by using the below json payload.
{"time_to_live": 29}
In the authorization configuration, choose the type ’Bearer Token’ and add the token that you have requested before.
⚠️Remove the word bearer and the space in the begin before paste the token.
After sending the PUT request you will receive a response with the credentials (password and the validity confirmation) for the user access.
Another way is to use, for example, the command line tool cURL.
In the code (snippet) section of Postman you can easily check the full command line to run the same PUT request, using the cURL command line.
Please refer always to the product official documentation, regarding extensibility APIs, at SAP Help Portal .
Thanks for your reading,
SAP BTP Backing Services – Product Management
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
19 | |
16 | |
14 | |
11 | |
11 | |
7 | |
7 | |
7 | |
7 | |
7 |