In this section of the AWS Certified: SAP on AWS Specialty learning path, we introduce you to strategies for operating and monitoring SAP workloads on AWS.
Learning Objectives
- Understand how to use Amazon CloudWatch, AWS CloudTrail, and AWS Config to manage and monitor SAP infrastructure on AWS
- Describe various AWS cost management tools including Cost Explorer, AWS Cost and Usage Reports, and AWS Budgets
- Understand how to automate patch and state operations for our SAP instances using AWS Systems Manager
- Explain how the AWS Data Provider for SAP is used to help gather performance-related data across AWS services
Prerequisites
The AWS Certified: SAP on AWS Specialty certification has been designed for anyone who has experience managing and operating SAP workloads. Ideally you’ll also have some exposure to the design and implementation of SAP workloads on AWS, including migrating these workloads from on-premises environments. Many exam questions will require a solutions architect level of knowledge for many AWS services. All of the AWS Cloud concepts introduced in this course will be explained and reinforced from the ground up.
Basic Systems Manager setup. Systems Manager is a collection of services you can use to manage any number of instances securely and efficiently. With Systems Manager, you can securely connect to your instances, perform manual work, collect software inventory, collect patch and compliance status, make resource configuration changes and execute any modification needed to establish the desired state for instances independently of the size of your fleet. Systems Manager puts all your relevant operational data into a single view of your infrastructure for performance and compliance.
Central to the operation of Systems Manager is the Systems Manager Agent. This is a software component which is required to be installed and configured on each machine in order to be considered a managed instance. A managed instance is a machine with the ability to communicate with Systems Manager and satisfies the following three requirements.
Number one, the Systems Manager Agent has been installed and configured. The agent executes and processes the task that you specify through any of the Systems Manager features like the run command. This is an essential requirement component.
Number two, a role with the permissions needed has been defined and associated with the instance. The preexisting policy Amazon EC2 role for SSM defines the permissions and access controls between EC2 instances and Systems Manager. You can also use the policy called Amazon SSM Managed Instance Core.
The third requirement in order to set up a managed instance is that the instance needs to have access to the public Systems Manager access point. And this is done using an internet gateway for instances in a public subnet or a VPC endpoint for instances on private subnets. With these requirements in place, we get to be able to use Systems Manager features to handle our fleet of instances.
Once again, the Systems Manager Agent needs to be installed. The instances need corresponding access permissions enabled using a role. And the instance has to have access to the public Systems Manager endpoint. That's the basic Systems Manager instance setup.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.