Connectors > Google® Cloud Platform
Overview
ASAPIO Integration Add-on facilitates the direct integration of supported SAP NetWeaver® systems with Google Cloud Platform, Pub/Sub event messaging service.
Add-on/component name | Type |
ASAPIO Integration Add-on – Framework | Base component (required) |
ASAPIO Integration Add-on – Connector for Google Pub/Sub | Additional package |
Key features:
- Supports a wide range of SAP NetWeaver based systems, including SAP ERP, S/4HANA, BW, HCM and many more
- Out-of-the-box connectivity to Google Pub/Sub
- Inbound connectivity is also possible, using a webhook to call the ASAPIO REST endpoint
- Switch between event-driven (single events) or batch mode (job-driven) calls
- Batch mode allows multi-threading with multiple SAP work processes
- From Pub/Sub, you can route the data to many more Google services, like
- Dataflow
- Cloud Storage
- Firestore
- BigQuery
- AppEngine
- …and many other services
Block Architecture (Example)
Pre-requisites
Pre-requisites for Google Pub/Sub services
Note
The following settings are specific to the connector for Google Pub/Sub.
Also, a Google Cloud account is required with access to the Google Pub/Sub service.
Steps required to establish connectivity
To establish connectivity with the Google Pub/Sub service, please proceed with the following activities and refer to the specific documentation chapters:
- Create RFC destinations to Google Cloud platform in the SAP system settings
- Set-up authentication to Google Cloud platform
- Set-up basic configuration to lay the foundation of using the Google Pub/Sub connector
- Set-up connection instance to Google Pub/Sub in ASAPIO Integration Add on
- See chapter Send example outbound message for a simple example to test connectivity
Create RFC destinations
Add Certificate to Trust Store
- Download all certificates (root and intermediate) from the GlobalSign website: support.globalsign.com
- In transaction STRUST, double click the node “SSL Client (Anonymous)”.
- In the very bottom press the “Import certificate” button and select the downloaded certificate file
- Press the “Add to Certificate List” button. Confirm by pressing “Save” button at the very top.
Create RFC destination for OAuth2 Authentication
Create a new RFC destination of type “G” (HTTP Connection to External Server).
- Transaction: SM59
- Create new destination of type “G”
- On “Technical Settings” tab, specify Target Host: oauth2.googleapis.com
- On “Logon & Security” tab activate SSL and select ANONYM SSL Client
- On “Special Options” tab set HTTP version to HTTP 1.0 and Accept Cookie to Yes (All)
- Save and press on “Connection Test”, which should result in HTTP status code 404
Create RFC destination for Google Pub/Sub messaging
- Transaction: SM59
- Create new destination of type “G”
- On “Technical Settings” tab, specify Target Host: pubsub.googleapis.com
- On “Logon & Security” tab, activate SSL and select ANONYM SSL Client
- On “Special Options” tab, the default values are sufficient
- Save and press on “Connection Test”, which will result in HTTP status code 404
Set-up Authentication
Create Service Account in Google Cloud Platform
To facilitate server to server connectivity you have to create a service account using the following steps:
- Create a new IAP-secured Web App User:
Navigate to IAM & Admin -> Service accounts and create a new service account. Type in a name and description and press create. On the next screen you have to select a role. Type in IAP in the search and select the role IAP-secured Web App User.
- Go to Actions > Manage keys and add a new P12 Key. Note down the password for later use.
Create new SSF Application
- Create a new entry in table SSFAPPLIC.
Transaction: SE16
Search for table SSFAPPLIC
Choose Execute
Create a new entry:
- Go to transaction: SSFA
Add new entry for the newly created SSF Application and set properties as shown in the screenshot (note especially the SSF Profile Name):
Import Service Account Certificate
The creation of the SSF application has created a new node in transaction STRUST.
For newer releases the following steps can be used:
- Transaction: STRUST
- Go into “Edit” mode
- In the menu bar choose PSE > Import and Import the .p12 file that you downloaded earlier
Note: if the import of the .p12 file was not possible, use the command line to convert the .p12 file to a .pse file as described in the next section - On the top menu select PSE > Save as
- Select “SSF Application” and select the SSF application you have created in the previous step
- Confirm and save
For older releases that dont support P12 Files follow these steps:
- Copy the P12 Key into a directory of your choice: <drive>:usrexe
- Open a command window and navigate to the executables directory
- Execute the sapgenpse command:
sapgenpse import_p12 -p <drive>:usr<SSF_Profile> <key_name>.p12
Example :
sapgenpse import_p12 -p D:usr/SAP/JWT_S2100.pse project-messaging-339506-323631149f29.p12
- Enter the password from your Google service account, that was shown while creating the P12 key.
- Go to transaction: STRUST
- In the menu bar choose PSE > Import and Import the just created .pse file
- On the top menu select PSE > Save as
- Select “SSF Application” and select the SSF application you have created earlier
- Confirm and save
Set-up basic settings
Note
The following settings are specific to the connector for Google Pub/Sub
Configure cloud adapter for Google Pub/Sub
Add an entry for the connector to the list of cloud adapters:
- Transaction: SPRO
- Go to IMG > ASAPIO Cloud Integrator – Maintain Cloud Adapter. Add New Entry and specify:
- Cloud Type
- ACI Handler Class: /ASADEV/CL_ACI_GPUBSUB_HANDLER
Set-up Codepages
Specify codepages used in the integration:
- Transaction: SPRO
- Go to IMG > ASAPIO Cloud Integrator – Maintain Cloud Codepages
- Add New Entry and specify the code pages to be used:
Set-up connection instance
Create the connection instance customizing together with the RFC destination created earlier and the cloud connector type:
- Transaction: SPRO
- Go to IMG > ASAPIO Cloud Integrator – Connection and Replication Object Customizing
- Add New Entry and specify:
- Field Instance: a name for this connection in
- Field RFC Dest. (Upload): the RFC destination create for the messaging endpoint
- Field ISO Code: the code page to use
- Field Cloud Type: GOOGLE_PS (or the name you chose when adding the connector)
Set-up Authentication
For OAuth based authentication using GCP, provide the following Default Attribute Values:
Mandatory Default Attribute Values:
- GCP_EMAIL_SERVICEACCT_JWT_ISS: The email address of your google service account created earlier.
- GCP_TOKEN_DESTINATION: The RFC destination created for the OAuth2 endpoint.
- GCP_SSF_PROFILE: Name for the PSE containing the certificate for the service account
Optional Default Attribute Values:
- GCP_EXPIRATION_TIME_JWT_EXP: The offset for the expiration time of the assertion, specified as seconds. This value has a maximum of 1 hour after the issued time.
- GCP_PERMISSION_JWT_SCOPE : A space-delimited list of the permissions that the application requests.
Set-up outbound messaging
Create Message Type
For each object to be sent via ACI you have to create a message type:
- Transaction: WE81
- Add New Entry and specify:
- Message Type: unique name for the integration
- Description: description of the purpose
Activate Message Type
The created message type has to be activated:
- Transaction: BD50
- Add New Entry and specify:
- Message Type: the created message type
- Active: tick the checkbox
Create Outbound Object Configuration
Create an outbound object configuration:
- Transaction: SPRO
- Go to IMG > ASAPIO Cloud Integrator – Connection and Replication Object Customizing
- Or go directly to transaction: /ASADEV/68000202
- Select the created Connection
- Go to section Outbound Objects
- Add New Entry and specify:
- Object: name of the outbound configuration
- Extraction Func. Module: /ASADEV/ACI_SIMPLE_NOTIFY
- Load Type: Incremental Load
- Trace: activate for testing purposes
- Formatting Func.: /ASADEV/ACI_EVNT_FORMATTER_GCP
This example uses the built-in notification event.
To utilize the built-in data events change the configuration of these fields:
- Extraction Func. Module: /ASADEV/ACI_GEN_VIEW_EXTRACTOR
- Formatting Function: /ASADEV/ACI_GEN_VIEWFORM_GCP
- Extraction View Name: Z_MARM_TEST
If you want to create different events with more data or different information in them then you can also create a custom extractor function module.
For more complex events we recommend splitting the extraction and formatting of the data by using the Formatting Function as well.
Set-up target endpoint in Header Attributes
Configure the topic / queue / event hub name to send the events to:
- Go to section Header Attributes
- Mandatory Header Attribute:
- Add New Entry and specify:
- Header Attribute: GOOGLE_TOPIC
- Header Attribute Value: projects/*********/topics/aci-messaging-topic
Set-up Business Object Event Linkage
Link the configuration of the outbound object to a Business Object event:
- Go to section Event Linkage
- Add New Entry and specify:
- Object Category: BOR Object Type
- Object Type: The Business Object Type sending the event
- Event: Event to react to
- Receiver Function Module: /ASADEV/ACI_EVENTS_TRIGGER
- Type linkage active: tick the checkbox