Secure operations
Encryption Of Data At Rest
Amazon Secret Access Keys are used for authenticating the SDK. They are encrypted using the SSF or Credential Store functionality by SAP.
Encryption Of Data In Transit
All calls to Amazon Web Services services are encrypted with HTTPS. The SAP ICM manages the HTTPS connection. Amazon certificates must be trusted in STRUST.
API Usage
When an ABAP user assumes a role using sts:assumeRole
, the session name is
titled USERID-SID-MANDT
, where:
-
USERID
is the ABAP user fromSY-UNAME
variable. -
SID
is the ABAP system ID fromSY-SYSID
variable. -
MANDT
is the ABAP client fromSY-MANDT
variable.
The session name appears in CloudTrail as user name. This ensures that API calls from an ABAP user can be traced back to the system, client, and user that initiated the call. For more information, see What is Amazon CloudTrail?