7 – Control access to your SAP workload through identity and permissions

How do you control access to your SAP workload? Use mechanisms provided by AWS, SAP, and other third parties to ensure that end users and interfacing systems are properly identified and authenticated. How are permissions controlled to ensure least privilege? How is access audited and reported on? Start by identifying your user categories and then systematically work through the controls and your identity management approach to limit access to your SAP workload.

ID	Priority	Best Practice
☐ BP 7.1	Required	Understand your SAP user categories and access mechanisms
☐ BP 7.2	Required	Manage privileged access for your SAP workload
☐ BP 7.3	Required	Understand your organization’s identity management approach, and its application to SAP
☐ BP 7.4	Highly Recommended	Implement logging and reporting for user access and authorization changes and events

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Best Practice 6.4 – Establish a plan for upgrading and patching all applicable software

Best Practice 7.1 – Understand your SAP user categories and access mechanisms