SAP Infrastructure on Amazon Web Service for A Saudi Based Bottled Water Company

A Bottled Water Company based out of KSA, has long been aligned with the evolving needs of the customers in the region. THe customer is one of the most reputed and well known water brands in the nation and has been aligned to the countries growth and vision. With a growing footprint and business changes, their technology needs continued evolving, thus requiring the need for a future ready infrastructure.

The customer’s vision is to be the first choice for the consumers by providing an excellent service with bottled drinking water that meets the international standards and fulfills the consumer’s needs.

By using Amazon Web Services, Citrus Consulting Services has provisioned speed, agility and flexibility for the SAP Infrastructure of A Saudi Based Bottled Water Company.

The customer Bottled Water Company Ltd. faced the following Challenges which encouraged them to choose AWS:

• With rapidly growing business in the KSA Region, customer’s data center was unable to keep up with the pace. It was getting expensive to scale, with a large upfront capital required for scaling the data center and time consumed in placing the orders for the hardware and its delivery.
• The customer Bottled Water Company Ltd. needed to save the upfront capital to be invested scaling up the existing on-premise data center.
• The customer Bottled Water Company used various reports on a daily, weekly and monthly basis which took a while to be generated in their existing SAP systems.
• The customer Bottles Water Company needed a scaled up and flexible infrastructure for their existing SAP environment without any time delay and with a quicker go to market strategy.
• Last challenge for the customer Bottled Water Company Ltd. was that this deployment of their IT Ecosystem on cloud was the very first experience for them, which had to be allayed by seamless delivery and swift migration from on premise to AWS.

The customer’s infrastructure is running on AWS Cloud while leveraging multiple services of AWS like Amazon Elastic Compute Cloud to house the various VMs designated for different operations and applications of the customer and provide secure and resizable compute capacity in the cloud

Each EC2 instance is attached with the Amazon Elastic Block Store Volume which is a high-performance block storage service designed for use with Amazon Elastic Compute Cloud (EC2) for both throughput and transaction intensive workloads at any scale. This duo of EC2 instances and EBS Volumes resides safely in the Amazon Virtual Private Cloud which provisions a logically isolated section of the AWS Cloud where the resources were launched in a virtual network defined. There were primarily 2 subnets created, a public and a private subnet which in turn included different subnets for various applications and grouped VMs.

The customer also used various other services like AWS CloudTrail which is a service that enables governance, compliance, operational auditing, and risk auditing along with a service for monitoring and observability named Amazon CloudWatch. Amazon Simple Storage Service (Amazon S3) was used which is an object storage service offering industry-leading scalability, data availability, security, and performance for the static contents of the application.

Apart from the above functional services, AWS Identity and Access Management (IAM) was used for the security purposed which enables the customer to manage access to Amazon services and resources securely. Using IAM, they can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources along with Amazon Virtual Private Network (Amazon VPN) to establish a secure and private encrypted tunnel from the customer network or device to the AWS global network.

For managing the AWS Account, we have used AWS IAM service. AWS Identity and Access Management (IAM) is a web service for securely controlling access to AWS services. With IAM, you can centrally manage users, security credentials such as access keys, and permissions that control which AWS resources users and applications can access.

For Monitoring the provisioned resources and Auditing users we have used Amazon CloudWatch & AWS CloudTrail services. Amazon CloudWatch monitors your AWS Web Services (AWS) resources and the applications you run on AWS in real time. You can use CloudWatch to collect and track metrics, which are variables you can measure for your resources and applications. AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure.

• Successful setup and configuration of the end to end SAP infrastructure on AWS
• Designed the architecture while keeping in mind the concepts of scalability and flexibility, in order to add/remove instances later from the AWS Account.
• Considerable reduction in the upfront payments for the IT infrastructure refresh and scale up.
• Considerable reduction in the maintenance costs and overhead costs for SAP Environment.
• Performance enhancement for the SAP Application and Database for the report generation and other business objectives.
• Successfully setup CloudWatch and CloudTrail Services for along with the appropriate metrics for monitoring the infrastructure. Also, setup various alarms for these metrics.

• Seamless and swift migration with next to zero downtime was taken forward for the customer’s SAP Environment to AWS.
• A near drop of about 25% upfront capital expenditure was achieved when the customer switched to an operational expenditure model.
• Complete management of the various access to AWS services and resources securely. Configured IAM with various users and groups with designated permissions
• A completely successful implementation of CloudTrail and CloudWatch along with rest of the services on AWS
• An approximate decrease of about 40% for the maintenance and overhead costs was achieved by migrating the entire SAP landscape to AWS.
• With the help of certified infrastructure for SAP by AWS, the application and database performance were enhanced up to such extents that it nearly took only 5 minutes to fetch a report which earlier took more than 30 minutes of time.