Deploying SAP Systems on AWS. Most SAP solutions on AWS can be installed manually by provisioning it into certified EC2 instances and configuring it as you would according to the SAP installation guides. There are also AWS quick starts to help deploy popular solutions based on the best practices for security and availability. Quick starts are referenced deployments built by AWS solutions architects and partners to eliminate the manual labor required for SAP deployments. 

You can build or test your environment in a few steps and start using it quickly. Finally, there are images with some SAP solutions that contain preinstalled and preconfigured SAP system software. As an SAP prebuilt SAP system image enables you to rapidly provision an SAP system without having to incur the heavy lifting that may be required with a manual SAP installation. Prebuilt SAP system images are available in the AWS marketplace. Solutions include prebuilt images or quick starts for SAP NetWeaver, SAP HANA, SAP BusinessObjects BI, SAP Business One for SAP Hana, and SAP Business One for Microsoft SQL Server.

Now, speaking about SAP on AWS architectures, there are two primary architectural patterns that exist for SAP on AWS. The SAP All on AWS architecture and the SAP Hybrid AWS architecture. The SAP All on AWS architecture can be the result of a new SAP environment on AWS or a migration of a complete existing SAP environment to AWS. The general topology is as shown. In this diagram, we show the SAP All on AWS type of architecture. 

The SAP environment running on AWS is connected to the armed premises data center using a VPN connection or via direct connect. Note that the customer gateway and the VPN gateway defining the connection to the corporate data center. The SAP router instance is deployed in a public subnet and assigned a public IP address to enable integration with the SAP OSS network via a secure network communications. This is done through the Internet Gateway. The NAT gateway also lives on the public subnet and requires an elastic IP address in order to enable instances in the private subnets to connect to the Internet or other AWS services and prevents instances from the receiving inbound traffic. So, the NAT Gateway gives you a one-way street to the public internet without compromising any inbound security.

Next up, is the SAP Hybrid AWS architecture. In the SAP Hybrid AWS architecture, some SAP systems live in your corporate data center and others will live on AWS. The SAP Hybrid AWS architecture can be the result of a test, training, proof of concept system on AWS. It could also be non-production for example of development environment or a QA environment. So, SAP landscapes integrated with an SAP production landscape running on your corporate data center can represent a hybrid architecture. 

It can also be represented by a new SAP application on AWS and integrating it with an existing SAP corporate data center environment. We get to see on the diagram, the basic topology for this hybrid implementation. The SAP Hybrid AWS architecture with SAP development, SAP proof of concepts, or SAP training and trial systems are running on the AWS environment. These systems are integrated with SAP on your actual corporate data center. Once again, connectivity between the VPC and the corporate network is provided either with a VPN connection or through a direct connect connection. The existing SAP router and SAP solutions manager running on the corporate network are used to manage the SAP systems running within the VPC.