"The content of this blog is provided for informational purposes only and does not constitute a binding service delivery offering at SAP Enterprise Cloud Services. All information is subject to change without notice, and readers should not rely solely on the information presented here for making decisions. For specific service offerings and commitments from SAP Enterprise Cloud Services, please contact SAP Enterprise Cloud Services directly."
SAP Private Link service on BTP has been available for quite some time, here in this Blog, I aim to introduce and provide an overview of the setup of the SAP Private Link service when the backend SAP Application system (ABAP) is located within the SAP Enterprise Cloud Services (SAP RISE) Landscape.
SAP Private Link service sets up a private HTTPS connectivity between SAP BTP and Azure to enable some SAP BTP extensions or applications to consume certain Azure native Services via a "Private Azure Backbone Network connectivity”, yes you read that right - Private! , here the data transfer between SAP BTP and Azure is through Private Network Connections.
Generally, SAP Private Link service lets you consume selected Azure native services of your Azure subscription in SAP BTP in a "uni-directional" manner.
Now specifically at SAP Enterprise Cloud Services, when you have SAP Application systems hosted on Azure as your underlying hyperscaler platform ; the only use-case of SAP Private link service that is applicable is 'Azure Private Link Service (generic LB scenario for VMs and others)' - This means in the context of SAP Enterprise Cloud Services , A S/4HANA application or another compatible SAP solution will be the only service BTP extensions/Apps/services can connect to in the ECS@Azure Hyperscaler platform. This connectivity is enabled by the provisioning of the Azure private link service, allowing you to access ECS managed SAP application resources ( again..without using the public Internet ! ) .
The scenario setup for Enterprise Cloud Services can be visualized like the below:
The Azure Private Link service-based connectivity has been approved by the ECS Security Office following the standard ECS Security Concept Approval process.
As usual the setup at ECS comprises of a bunch of steps which I try to breakdown into sections below
The above pre-requisites are pictured below, each bullet point above is depicted here in the following picture ;
Please get in touch with your Customer Facing contacts at Enterprise Cloud Services and ask for this by providing your requirement. The Enterprise Cloud Services Engineering team be contacted internally for further assessment of the requirement and if the requirement fits the SAP Private Link use-case at ECS this will subsequently result in the next steps of the required technical setup.
Please get in touch with your Customer Facing contacts at Enterprise Cloud Services to discuss pricing involved for the connectivity-related components.
The SAP Private Link Service is not a replacement of the SAP Cloud Connector which still has pre-dominantly large use-cases ( Martin’s ‘cloud connector vs. Private Link’ Blog post here is a good read to understand the differences– however SAP Private Link serves as a great 'Private' connectivity option for certain use-cases enabling access to private service endpoints and avoids public endpoints, thereby resulting in transfer of data over private networks. Finally, the SAP Private Link Service here offers a connectivity option to SAP BTP without involving any VM cost (..$$$..) .
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
11 | |
10 | |
10 | |
9 | |
8 | |
8 | |
6 | |
6 | |
6 | |
6 |