Getting Started with BTP Private Link Service for Azure
source link: https://blogs.sap.com/2021/12/29/getting-started-with-btp-private-link-service-for-azure/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Getting Started with BTP Private Link Service for Azure
|
NEWS FEED 22nd of June 2022: General Availability Annoucement. You can start using productively. Or as Gowri from SAP put it: prime time 3rd of June 2022: SAP Cloud Application Programming model and Cloud SDK for JavaScript now support Private Link. Consider upgrading both libraries. 31st of March 2022: Remaining BTP on Azure regions added. Choose between West US2, East US, West EU, Singapore, Japan, and Australia East. 13th of Jan 2022: SAP CloudSDK v3.61.0 for Java supports new proxy type PrivateLink. Consider upgrading your pom.xml. 24th of Nov 2021: SAP introduced hostname feature for PLS. Going forward host names are used instead of private IPs. 17th of Dec 2021: SAP introduced new ProxyType “PrivateLink” config for Destinations. It allows cleaner setup compared to misleading label “Internet” as before. Older Cloud SDK versions do not support it (see note from 13th of Jan 2022). Furthermore, there is now support for MariaDB and MySQL as PaaS options on Azure. See the official SAP docs and blog post for more details. |
Dear community,
I am running a series of blog posts around the topic of #SAP Private Link service with Azure. My primary goal is sharing service implementation experience and possible applications of this new BTP service, that is currently in SAP Beta. Ideally it gives you a kickstart into your own journey of private connectivity on BTP.
To be clear: the Azure part of the mix has been generally available (GA) for years, only SAP’s implementation that exposes that service to BTP and ultimately to you as a customer just reached GA state recently.
Of we go to link what was meant to be linked, I solemnly pinkie swear – private linky I mean 
Going forward I will always refer to BTP Private Link Service in short with PLS.
Find you way around the blog series with below tables.
VM-based scenarios with PLS (Azure Standard Load Balancer required)
|
Part1 Introductory post to the series “Whatever happens in an Azure and BTP private linky swear, stays in the linky swear! An implementation story of the Private Link Service for Azure.” |
Understand Private Link Service and its connectivity scope. I show how to perform OData calls via the private tunnel using SAP Cloud SDK for Java/CAP. |
|
Part 2 Expose PLS to SAP Cloud Integration (specifically CPI) “Business as usual for iFlows with Private Link Service” |
Add cf proxy app to enable CPI to route calls through PLS. If SAP implements direct “line of sight” for Cloud Integration, Connectivity service and PLS we would no longer need an app to proxy. |
|
Part 3 Consider architecture impact – broaden scope to production environments “How many pinkies do I need? Architecture impact of Private Link Service.” |
Shedding light on the different deplyoment modes given by your SAP architecture. |
|
Part 4 Focus on development environment “How do I debug and test with live data via Private Link Service?” |
Learn how to enable debugging and proper testing with live data while using the PLS from SAP Business Application Studio or Visual Studio Code locally. |
|
Part 5 Implement SAP Principal Propagation via PLS “Propagate your SAP principels via Private Link Service” |
Describes SAP Principal Propagation – cf user mapping to SAP backend users. |
|
Part 6 Restrict access to your PLS exposed backend endpoints “Keep the auditor happy with Private Link Service” |
Understand the means, limitations and “places” to maintain backend access restrictions when using PLS. |
|
Part 7 Implement end-to-end SSL when using PLS “How to setup SSL end-to-end with Private Link Service” |
Learn how to setup SAP Personal Security Environment and BTP Destinations to ensure end-to-end communication encryption. |
Jul 24, 2021: Session from SAP on Azure YouTube Channel (early stages of PLS beta! Narrative in the series evolved over time)
Azure PaaS scenarios with PLS
| Understanding connectivity options to Azure PaaS from BTP | Describes Azure PaaS connectivity options from BTP illustrated with an example app deployed in CloudFoundry environment consuming MySQL on Azure. |
| Integration not yet supported Azure PaaS with SAP Private Link Service | Describes approaches with SAP WebDispatcher and SAP Cloud Connector to connect privately from BTP to customer-owned Azure API Management as an example. |
Official references
SAP docs
SAP announcements
Microsoft docs
Find all artifacts from the series on my GitHub repos here.
As always feel free to ask lots of follow-up questions.
Cheers
Martin
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK