The process of implementing SAP solutions on AWS is very similar to the process of implementing SAP solutions on traditional infrastructure.
EC2-Classic Network
The EC2-Classic network is only recommended for SAP demo/training/test/POC type systems and simple SAP environments that do not require integration between multiple SAP solutions.
EC2-VPC Network
For most SAP on AWS use cases and scenarios the Amazon VPC network is the recommended network platform. With Amazon VPC network instead of the EC2-Classic network, you gain the ability to:
The diagram below depicts a complete SAP environment (DEV/QAS/PRD, Solution Manager, SAProuter, etc.) running on AWS integrated with on-premises systems and users via a VPN connection or AWS Direct Connect. The SAProuter is run in a public subnet and is assigned an Elastic IP (EIP) address to enable integration with the SAP OSS network via a VNC connection. The NAT instance in the public subnet enables instances in the private subnet to initiate outbound traffic to the Internet, but prevent the instances from receiving inbound traffic initiated by someone on the Internet.
The diagram below depicts SAP DEV/QAS landscapes and/or SAP test/training/POC systems running on AWS integrated with SAP systems and users on the corporate network. Connectivity between the Amazon VPC and the corporate network is enabled with either a VPN connection or AWS Direct Connect connection. The existing SAProuter and SAP
Solution Manager running on the corporate network are used to manage the SAP systems running within the VPC