Initial commit

2025-11-30 08:55:02 +08:00
commit 6942e32e6b
26 changed files with 7173 additions and 0 deletions
--- a/references/setup.md
+++ b/references/setup.md
@@ -0,0 +1,334 @@
+# SAP BTP Setup Reference
+
+## Overview
+
+Setting up SAP BTP landscape is an administrative task that involves configuring account structures, users, and infrastructure automation.
+
+## Account Model
+
+### Hierarchy
+
+```
+Global Account
+├── Directory (optional)
+│   ├── Subaccount (DEV)
+│   ├── Subaccount (QA)
+│   └── Subaccount (PROD)
+└── Subaccount (Shared Services)
+```
+
+### Subaccount Configuration
+
+Each subaccount can have:
+- Cloud Foundry environment
+- Kyma environment
+- ABAP environment
+- Service instances
+- Role assignments
+
+## User Types
+
+### Platform Users
+
+**Role**: Developers, administrators, operators
+
+**Responsibilities**:
+- Application deployment
+- System administration
+- Troubleshooting
+- Operations
+
+**Access**: Subaccounts, services, runtimes
+
+### Business Users
+
+**Role**: End users of applications
+
+**Access**: Deployed applications, SaaS services
+
+## Terraform Provider for SAP BTP
+
+### Overview
+
+**Purpose**: Automate provisioning, management, and configuration
+
+**Benefits**:
+- Infrastructure as code
+- Reproducible deployments
+- Version-controlled configuration
+- CI/CD integration
+
+### Installation
+
+```hcl
+# main.tf
+terraform {
+  required_providers {
+    btp = {
+      source  = "SAP/btp"
+      version = "~> 1.0"
+    }
+  }
+}
+
+provider "btp" {
+  globalaccount = var.globalaccount
+}
+```
+
+### Common Resources
+
+#### Subaccount
+
+```hcl
+resource "btp_subaccount" "dev" {
+  name      = "development"
+  subdomain = "dev-${var.org_id}"
+  region    = "eu10"
+  labels = {
+    environment = "development"
+  }
+}
+```
+
+#### Entitlements
+
+```hcl
+resource "btp_subaccount_entitlement" "hana" {
+  subaccount_id = btp_subaccount.dev.id
+  service_name  = "hana-cloud"
+  plan_name     = "hana"
+  amount        = 1
+}
+
+resource "btp_subaccount_entitlement" "cf" {
+  subaccount_id = btp_subaccount.dev.id
+  service_name  = "APPLICATION_RUNTIME"
+  plan_name     = "MEMORY"
+}
+```
+
+#### Service Instances
+
+```hcl
+resource "btp_subaccount_service_instance" "xsuaa" {
+  subaccount_id  = btp_subaccount.dev.id
+  name           = "my-xsuaa"
+  serviceplan_id = data.btp_subaccount_service_plan.xsuaa.id
+  parameters = jsonencode({
+    xsappname   = "my-app"
+    tenant-mode = "dedicated"
+  })
+}
+```
+
+#### Role Collections
+
+```hcl
+resource "btp_subaccount_role_collection_assignment" "admin" {
+  subaccount_id        = btp_subaccount.dev.id
+  role_collection_name = "Subaccount Administrator"
+  user_name           = "admin@example.com"
+}
+```
+
+### Complete Example
+
+```hcl
+# variables.tf
+variable "globalaccount" {
+  description = "Global account subdomain"
+  type        = string
+}
+
+variable "region" {
+  description = "BTP region"
+  type        = string
+  default     = "eu10"
+}
+
+variable "admins" {
+  description = "List of admin users"
+  type        = list(string)
+}
+
+# main.tf
+terraform {
+  required_providers {
+    btp = {
+      source  = "SAP/btp"
+      version = "~> 1.0"
+    }
+  }
+}
+
+provider "btp" {
+  globalaccount = var.globalaccount
+}
+
+# Development subaccount
+resource "btp_subaccount" "dev" {
+  name      = "Development"
+  subdomain = "dev-myorg"
+  region    = var.region
+}
+
+# Enable Cloud Foundry
+resource "btp_subaccount_entitlement" "cf" {
+  subaccount_id = btp_subaccount.dev.id
+  service_name  = "APPLICATION_RUNTIME"
+  plan_name     = "MEMORY"
+}
+
+resource "btp_subaccount_environment_instance" "cf" {
+  subaccount_id    = btp_subaccount.dev.id
+  name             = "cf-dev"
+  environment_type = "cloudfoundry"
+  service_name     = "cloudfoundry"
+  plan_name        = "standard"
+  parameters = jsonencode({
+    instance_name = "cf-dev"
+  })
+}
+
+# HANA Cloud
+resource "btp_subaccount_entitlement" "hana" {
+  subaccount_id = btp_subaccount.dev.id
+  service_name  = "hana-cloud"
+  plan_name     = "hana"
+  amount        = 1
+}
+
+# Admin role assignment
+resource "btp_subaccount_role_collection_assignment" "admins" {
+  for_each = toset(var.admins)
+
+  subaccount_id        = btp_subaccount.dev.id
+  role_collection_name = "Subaccount Administrator"
+  user_name           = each.value
+}
+
+# outputs.tf
+output "subaccount_id" {
+  value = btp_subaccount.dev.id
+}
+
+output "cf_api_endpoint" {
+  value = btp_subaccount_environment_instance.cf.labels["API Endpoint"]
+}
+```
+
+### Terraform Commands
+
+```bash
+# Initialize
+terraform init
+
+# Plan changes
+terraform plan -var-file="dev.tfvars"
+
+# Apply changes
+terraform apply -var-file="dev.tfvars"
+
+# Destroy resources
+terraform destroy -var-file="dev.tfvars"
+```
+
+## Manual Setup Steps
+
+### 1. Global Account Configuration
+
+1. Access SAP BTP Cockpit
+2. Navigate to Global Account
+3. Configure directories (optional)
+4. Set up entitlements
+
+### 2. Subaccount Creation
+
+1. Click "Create Subaccount"
+2. Specify name and subdomain
+3. Select region
+4. Configure labels
+5. Enable environments
+
+### 3. Entitlement Assignment
+
+1. Navigate to Entitlements
+2. Configure Service Assignments
+3. Set quotas per service
+4. Assign to subaccounts
+
+### 4. User Management
+
+1. Navigate to Security > Users
+2. Add users by email
+3. Assign role collections
+4. Configure IdP trust (optional)
+
+## ABAP System Landscape Setup
+
+### Recommended Landscapes
+
+Start with only needed systems. Additional systems can be provisioned later.
+
+**3-System Landscape (DEV, QAS, PRD)**
+- Recommended for most projects
+- Suitable when development is occasional or release cycles are less frequent
+- Enables testing outside development
+- Verifies application behavior before production
+
+**5-System Landscape (DEV, COR, TST, QAS, PRD)**
+- Appropriate for larger teams with continuous development
+- Enables parallel correction handling
+- Supports uninterrupted development work
+
+### Sizing Specifications
+
+**Production Capacity:**
+- 1 ACU can serve up to **1,000 active business users per day**
+
+**Recommended Minimum Starting Configuration:**
+
+| Resource | Size | Memory |
+|----------|------|--------|
+| ABAP Compute Units (ACU) | 1 | 16 GB |
+| HANA Compute Units (HCU) | 2 | 32 GB total |
+
+**Scaling Options:**
+- Manual scaling via SAP BTP Cockpit
+- Automatic runtime scaling (Release 2402+) requires consumption-based contract
+
+**Cost Optimization:**
+- Use system hibernation for DEV, COR, TST systems during inactive periods
+- Reduces costs significantly when systems not in use
+
+## Best Practices
+
+### Account Structure
+
+| Environment | Purpose | Entitlements |
+|-------------|---------|--------------|
+| Development | Development work | Full entitlements |
+| QA/Test | Testing | Production-like |
+| Production | Live workloads | Production quotas |
+| Sandbox | Experimentation | Minimal |
+
+### Security
+
+1. **Least privilege** - Minimal necessary permissions
+2. **Separation of duties** - Different roles for different tasks
+3. **Audit logging** - Enable for compliance
+4. **IdP integration** - Use corporate identity
+
+### Automation
+
+1. **Use Terraform** for reproducibility
+2. **Version control** configurations
+3. **CI/CD integration** for changes
+4. **Document** manual steps
+
+## Source Documentation
+
+- Setup: [https://github.com/SAP-docs/btp-developer-guide/blob/main/docs/set-up-3b774f8.md](https://github.com/SAP-docs/btp-developer-guide/blob/main/docs/set-up-3b774f8.md)
+- SAP BTP Administrator's Guide: [https://help.sap.com/docs/btp/sap-business-technology-platform/administration-and-operations](https://help.sap.com/docs/btp/sap-business-technology-platform/administration-and-operations)
+- Terraform Provider: [https://registry.terraform.io/providers/SAP/btp/latest](https://registry.terraform.io/providers/SAP/btp/latest)