Professional Documents
Culture Documents
SAP HANA Cloud - Foundation - Unit 3
SAP HANA Cloud - Foundation - Unit 3
SAP HANA Cloud - Foundation - Unit 3
A directory can be sub-divided into more directories to create a directory hierarchy. Subaccounts can be assigned to any level of the
directory hierarchy.
In order to find the overall information regarding the provisioning and consumption of resources at a global account level you go to
the SAP BTP cockpit and navigate to Usage Analytics.
Cloud Providers
Choose your cloud provider based on region where you would like you service provisioned from.
SAP
Amazon Web Services (AWS)
Google Cloud Platform (GCP)
Alibaba Cloud
Microsoft Azure
The SAP HANA cockpit provides a single point of access to a range of tools for the administration and detailed
monitoring of your SAP HANA cloud database. The tool presents key information about the database using configurable
cards. Each card provides only the essential information, but a drill-down is possible from each card to get to the
detailed information. The cards are grouped into views. SAP provide four standard views but administrators can created
additional views. A custom view can include only the cards they are interested in and also the settings and filters that
apply to them.
The key areas of SAP HANA Cloud that can be managed and monitored using the SAP HANA Cockpit include:
Services - database services such as indexserver, nameserver.
Memory - monitor memory usage and check out-of-memory issues
Alerts - be warned of critical situation such as disk becoming full
Workload - organise jobs into workloads for better system utilization
Table Usage - ensure tables are optimally designed for best performance
Database Configuration - manage configuration (*.ini) files that determine database behavior
You access the SAP HANA cockpit for your SAP HANA instance through SAP HANA Cloud Central, SAP BTP
Cockpit, or by using the direct URL.
The cloud version of SAP HANA Cockpit is based on the same design as the SAP HANA Cockpit used in SAP HANA
on-premise deployments.
The SAP HANA Cockpit has its own release cycle separate from SAP HANA Cloud. New features are immediately
pushed out to all customers. There is no upgrade to perform, this is done by the cloud provider.
SAP HANA Cockpit is used to manage only SAP HANA Cloud databases.
SAP BTP Cockpit is used to manage all SAP cloud applications which includes SAP HANA Cloud, but there are many
others too.
Command Line Interfaces are often preferred by administrators who want to create scripts to automate tasks, or to
copy/paste commands that are regularly used.
These are some of the tasks that you perform with the cf CLI.
Create spaces
Add ORGANIZATION members
Add SPACE members
Create SPACE quota plans
Assign quota plans to SPACES
The Database Explorer can be used with both HDI containers and classic schemas.
You access the SAP HANA Database Explorer from the SAP HANA Cockpit or from the Business Application Studio.
An SAP HANA Cloud database will usually have many containers. Each container will have various combinations of
user and role privileges assigned. This can soon become difficult to manage.
The HANA Deployment Infrastructure (HDI) Administration tool allows an administrator to easily navigate containers,
adding them into groups and displaying the users and roles that have been granted access to them. The administrator can
grant and revoke container privileges to users or roles. The tool is accessed from the SAP HANA Cloud Cockpit and is
located under Database Administration > HDI Administration.
Administrator Activities
Describe the key administration tasks of SAP HANA Cloud.
Start and Stop the SAP HANA Cloud Database
The SAP HANA Cloud administrator is responsible for starting and stopping the SAP HANA Cloud database instances.
Database instances setup under a trial BTP account will automatically stop after a period of inactivity. You will need to
restart them if you wish to use them again.
For SAP HANA Cloud, currently, a new version is released every 3 months. This is known as the quarterly release cycle
(QRC). The release code format is QRC QQ/YYYY.
Customers can choose to upgrade once the new release is available, or they can delay the upgrade for a maximum of 7
months. After 7 months if a customer did not choose to upgrade then the upgrade is performed automatically. The
automatic upgrade moves the customer to the next release after the one they were using, and not to the very latest release
available.
SAP continually provide patches that address security and other high priority aspects of SAP HANA Cloud and these do
not wait until the next QRC release.
The upgrade of SAP HANA Cloud highlights one of the biggest differences between SAP HANA Cloud and SAP
HANA on- premise. Whereas the upgrade of SAP HANA Cloud on-premise requires a significant investment in
resources and time, and includes many tasks, an SAP HANA Cloud upgrade is automated, very simple and is started
from a single menu option controlled by the customer. All aspects of the upgrade are taken care of by the cloud provider.
The recovery point objective (RPO) is no more than 15 minutes. This means that potential loss of data is limited to a
maximum of 15 minutes worth of data updates.
In order to create historical recovery points, snapshot backups can be created and retained. Up to 15 backups are
retained.
You can display information about available database backups in the SAP HANA cockpit.
Recovery of the SAP HANA Cloud Database is the responsibility of the SAP HANA Cloud Administrator.
Monitoring critical security settings - SAP provide recommendations for security settings such as password lifetime of
users, how system privileges should be distributed, setting the database activity trace level. The security administrator
should review and check these.
Data encryption - SAP HANA Cloud database uses a number of encryption services to protect data and logs. Although
SAP takes care of encryption, the security administrator should check the status of encryption using the SAP HANA
Cockpit.
Auditing activities - monitor and record selected actions performed in the SAP HANA database, providing visibility on
who did what in the database (or tried to do what) and when. Examples include, changes to user authorization, creation
or deletion of database objects, authentication of users, changes to system configuration, access to or changes to
sensitive information.
Manage certificates and keys required for trust validation -SAP HANA Cloud supports multiple authentication
methods and these often use keys and certificates.
Monitor data anonymization -SAP HANA Cloud database provides anonymization services to ensure the privacy of
data. This is implemented by creating SQL views that include a anonymization settings. The security administrator runs
reports that identify which views are anonymized (and which ones are not) and various KPIs that provide insight into
how data is being secured.
Watch this video to learn about managing users, roles and permissions.
In the SAP HANA Cloud, SAP HANA database, there is no single "user administrator" user, that is a user with the system privilege
USER ADMIN. This is because the user SYSTEM in SAP HANA database instances is reserved for use by SAP. The default
administration user in SAP HANA database instances is DBADMIN. As the administrator of the default user group, DBADMIN
can be used to set up other administration users and delegate administration tasks.