Secure operations - Amazon SDK for SAP ABAP
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Secure operations

Encryption Of Data At Rest

Amazon Secret Access Keys are used for authenticating the SDK. They are encrypted using the SSF or Credential Store functionality by SAP.

Encryption Of Data In Transit

All calls to Amazon Web Services services are encrypted with HTTPS. The SAP ICM manages the HTTPS connection. Amazon certificates must be trusted in STRUST.

API Usage

When an ABAP user assumes a role using sts:assumeRole, the session name is titled USERID-SID-MANDT, where:

  • USERID is the ABAP user from SY-UNAME variable.

  • SID is the ABAP system ID from SY-SYSID variable.

  • MANDT is the ABAP client from SY-MANDT variable.

The session name appears in CloudTrail as user name. This ensures that API calls from an ABAP user can be traced back to the system, client, and user that initiated the call. For more information, see What is Amazon CloudTrail?