Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Showing results for 
Search instead for 
Did you mean: 
albertoliu1993
Product and Topic Expert
Product and Topic Expert
1,877
Nowadays many companies choose to build business process extension projects for the SAP product they use and deploy on SAP Business Technology Platform, so that they could write the custom code and integrate with other SAP managed services or SaaS (software as a service) easily and quickly. At the same time, hyperscalers are playing an increasingly significant role today as they help companies lower the capital expenses, increase scalability and elasticity to the system, and enhance the performance of the system. Under such circumstances, it would be better for us to understand how to leverage the services provided by the hyperscaler while developing the BTP based business process extension project, so that we could benefit from the advantages provided by both SAP Business Technology Platform and hyperscaler. 

In this blog, I will show you how to integrate Amazon Simple Notification Service (Amazon SNS) with SAP Cloud Application Programming Model (CAP), to build an SAP S/4HANA business process extension App and receive email notifications leveraging the Amazon SNS service. In this blog, we will focus on how to implement Amazon SNS Service within CAP application to send out email notifications. 

 

Background Information 


The SAP Cloud Application Programming Model (CAP) is a framework of languages, libraries, and tools for building enterprise-grade BTP based services and applications. We could develop the BTP-based business applications by using Java and Node.js. Using the Cloud Application Programming model, we could significantly minimize the volume of codes we need to write and consume many services out-of-box. 

The Amazon Simple Notification Service (Amazon SNS) is a fully AWS managed publish/subscribe based service for both Application-to-Application (A2A) and Application-to-Person (A2P) communication. It provides Topic for high-throughput, push-based, many-to-many messaging between distributed systems, microservices, and event-driven serverless applications. With Amazon SNS topic, we could also send out messages to subscriber at scale via email, mobile text (SMS), and even mobile push. 

 

Business Scenario 


The business scenario we chose for this POV (Prove of Value) project is SAP S/4HANA Business Partner Validation. There is a third-party firm/team responsible for validating all newly created or changed business partners data in SAP S/4HANA system for a company. This third-party firm/team will do the validation through the standalone S/4HANA business process extension App deployed on SAP business technology platform, instead of logging in to the SAP S/4HANA system directly. In this standalone extension App, the validator could review the business partner's data, perform updates on the business partner address if necessary, and mark business partner’s validation status as NEW, IN PROCESS, VALID, and INVALID based on the condition. The validators could receive notifications through email or mobile text message whenever there is a business partner's data that needs to be validate. 

 

Architecture Diagram 





  • The Business Partner Validation application develops using SAP Cloud Application Programming Model (Java) and deploys on the SAP Business Technology Platform.

  • SAP S/4HANA On-Premises System sends message to SAP Event Mesh through Enterprise Messaging mechanism on every business partner create/change event.

  • Business Partner Validation Application consumes message from SAP Event Mesh message queue, persists business partner data into SAP HANA Cloud Database.

  • Business Partner Validation application sends out email or mobile text notification to validator through Amazon SNS Service.

  • Authorized validator login to Business Partner Validation application through Fiori Element UI.

  • Authorized validator review/update Business Partner address data, and update Business Partner verification code in Fiori Element UI

  • Business Partner Validation application Consume S/4HANA On-Premises Business Partner(A2X) OData API to update/release Business Partner through SAP Connectivity Service and Cloud Connector.


 

Technical Implementation Details


In this section, we will illustrate the technical detail of the key components used in this business partner validation project.

Configure Amazon SNS Service 


In order to let the CAP application publish message to the Amazon SNS Topic, there are few things we need to configure on the Amazon SNS Service and AWS Identity and Access Management (IAM) Service.

1.  Create a new IAM user with Programmatic Access Key ID & Secret Access Key in the AWS IAM Management Console


 

Make sure to note down the Access Key ID & Secret Access Key since we will need it in the Business Partner validation application.


Access Key ID & Secret Access Key is long-term credentials and could be used to sign programmatic requests to the AWS API by using the AWS SDK, so it is better for us to save Access Key ID and Secret Access Key in a secure location.

SAP Business Technology Platform gives us two ways that could be used to protect sensitive credentials. The first one is we could store the sensitive credentials by using SAP Credential Store service. It provides a repository for passwords, keys and keyrings for applications that are running on SAP Business Technology Platform. Please click here to learn more about the SAP Credential Store service.

The second way, which is also the way that implemented in this POV project, is to store the sensitive credentials as the CAP application environment variable through User-Provided-Variable, and then bind to the CAP application. In this way, we could avoid hard coding the Access Key ID and Secret Access Key in the code or the configuration file within the application and minimize the possibility of credentials leaking.

2. Create the topic with proper name under the Amazon SNS Service. Make sure to note down the Topic ARN since we will need it later.



3. Create a new user group in the AWS IAM, add the newly created IAM user into the group. 



4. Generate an identity based IAM policy in the AWS IAM. In the policy set Effect as Allow, add sns:Publish in the Action, and then paste the Topic ARN in the Resource. In this way, we can allow AWS principles to publish message to the SNS Topic if they have this policy attached to them.


5. Attach the policy to the IAM user group we just created. So that all the users within this group have the permission to publish message to the Amazon SNS Topic.



Code Implementation 


Amazon provides the AWS Software Development Kit (SDK) which simplifies use of AWS services by providing a set of libraries and clients that we could use directly inside of our SAP CAP Java code. In this section, I will show you how to use AWS SDK to publish message to the Amazon SNS Topic we just created.

1. Add AWS SDK Dependency in the pom.xml file in your CAP JAVA application
<!-- AWS SDK SNS -->
<dependency>
<groupId>software.amazon.awssdk</groupId>
<artifactId>sns</artifactId>
<version>2.17.228</version>
</dependency>

2. Configure the SnsClient in the code by providing the programmatic IAM user’s access key ID & access secret key. The following code example shows how to configure the SnsClient programmatically.
private SnsClient getAwsSnsClient() {

String accessKey = System.getenv("IAM_USER_ACCESS_KEY").toString();
String secretKey = System.getenv("IAM_USER_SECRET_ACCESS_KEY").toString();
Region region = Region.of(bpValidationTopicRegion);

AwsBasicCredentials awsCreds = AwsBasicCredentials.create(accessKey, secretKey);
SnsClient snsClient = SnsClient.builder().credentialsProvider(StaticCredentialsProvider.create(awsCreds)).region(region).build();

return snsClient;
}

3. Then we are good to use this SnsClient to publish the message from our JAVA CAP App to the Amazon SNS Topic. The following code example shows how to publish messages to the Amazon SNS topic.
@Value("${launchpadProperties.business-partner-validation-ui}")
private String launchpadURL;


// Step 4. Send Email Notification To Validator Through Amazon SNS
PublishResponse publishResult = null;
try {

String subject = "New S/4HANA Business Partner Validation Notification";
StringBuilder message = new StringBuilder();
message.append("Business Partner " + bpId + " Needs Validation. Please Validate ASAP");
message.append("\n");
message.append("Perform Validation By Click: " + launchpadURL);

SnsClient client = getAwsSnsClient();
PublishRequest request = PublishRequest.builder()
.topicArn(bpValidationAWSTopic)
.subject(subject)
.message(message.toString()).build();
publishResult = client.publish(request);
} catch (SnsException e) {

resp.setValidationResponse("500");
resp.setValidationMsg("Business Partner " + bpId + " Validation Completed, But Message Publish Failed");
context.setResult(resp);
context.setCompleted();
}

resp.setValidationResponse("200");
resp.setValidationMsg("Business Partner " + bpId + " Validation Completed.");
context.setResult(resp);
context.setCompleted();

With the code implementation above, the JAVA CAP App would be able to publish messages to the Amazon topic successfully. The subscriber of the Amazon topic we created in the previous step would receive email notification whenever there is a message published to the topic. The email notification within this POV project would be looks like on below. 


 

Conclusion 


With the help of AWS SDK, we could easily integrate Amazon SNS Service with SAP Cloud Application Programming Model, even with other AWS services as well, for example Amazon Simple Queue Service (Amazon SQS), AWS Secret Manager Service, and Amazon Simple Storage Service (Amazon S3) etc., If you are interested in replicating the POV project, deploying it to your own subaccount, and testing the process from end-to-end, please stay tuned as we will share the GitHub link for the source code of this POV project very soon. Thank you so much for your time and patience to read this blog to the very end. 

If you have any questions or would like to learn more about the integration between SAP Cloud Application Programming Model (CAP) and Amazon Simple Notification Service, please reach out to me, leave a comment under this blog, or send an email to ci_sce@sap.com.

 
1 Comment