SAP BTP and IAG Security
SAP Cloud Identity and Access Governance (IAG) including BTP Security Duration: 1.5 Months
https://youtu.be/5Bb7EmmFu9U?si=N7WuSLDMQ5O1XHMj
https://youtu.be/0ld8YMJLgpI?si=WCyuZWiV-D2cc6fs
https://youtu.be/vN3DounZtPU?si=zyuFD-75r8Y_ZIJe
Unit 1: Introduction of SAP Cloud Identity and Access Governance
- Introduction for SAP Cloud and Identity and Access Governance
- Challenge and solution for Security and Governance
- Architecture of SAP Cloud IAG
- Comparison of SAP IAG and SAP GRC
- Security and authorization
Unit 2: SAP Cloud Platform (BTP)
- Overview for SAP BTP
- SAP BTP Security
- Directory concept in BTP
- Subaccount concept in BTP
- Managing users and authorisations
- Subscription request and validation
- How to create user creation in BTP
- How to create roles in BTP
- Role collections and assignment of roles to users
Unit 3: SAP Cloud Identity authentication service (IAS) – overview
- SAP IAS Overview
- Difference between IAS, IPS and IAG
- How to Setup the trust relation between IAS and IAG
- Integration IAS with IAG
- IAG group maintenance in IAS and Assertion configuration
Unit 4: SAP IAG integration with on premise systems SAP GRC
- Integration of on premise system with Cloud Connector
- Add system connection with HTTP connection
- Add system connection with RFC connection
- System/ Communication user in Satellite system
- Create destination in BTP system
- Synchronization jobs details in IAG and purpose
- How to schedule and read the sync job details
Unit 5: SAP IAG integration with Cloud systems -overview
- Introduction for SAP Identity Provisioning services IPS
- Integration of IPS with SAP IAG
- IPS Proxy system configuration and steps
- Integration of cloud system with IPS
- Integration of IAG with Cloud system
Unit 6: Master data setup in SAP IAG
- Define business process, sub-process and function
- Application
- Segregation of tasks
Unit 7: IAG repository, sync Jobs and Job overview
- Group BFG and other information
- Sync objects form target system to IAG system repository
- Scheduling a job and overview of background Job
Unit 8: Access Analysis service
- Process – Analyze àRefine->Mitigate->Monitor
- Master data setup for AAS
- Risk ruleset upload by SAP
- Risk ruleset validation
- User risk analysis
- Custom risk ruleset update
- Mitigation control configuration
- Dashboard analysis
- Risk score policy
- Access refinement
- Shortcoming of IAG compare to SAP GRC
Unit 9: Role Designer in SAP IAG
- Master data setup for role designer
- Repository sync form target system
- Role owner creation and access assignment
- Access maintenance in IAG
- Business role creation in SAP IAG
- Candidate business role (CBR) creation overview
- CBR simulation and creation
- Shortcoming of IAG role designer compare with SAP GRC AC BRM
Unit 10: Access Request Management in SAP IAG
- Master data setup for ARM
- Business rule for workflow upload by SAP
- Workflow configuration and customization
- Custom field setup
- Access assignment for different type of owners
- Access request workflow process
- Audit trail analysis
- ARM Jobs and job overview
- Limitation of IAG with SAP GRC AC access request management
Unit 11: Access Certification in SAP IAG
- Planning Periodic review for User’s access
- Access certification configuration
- Starting complain for access certification
- Monitoring periodic review
Unit 12: SAP IAG Privilege access management
- Introduction of Privilege access management in SAP IAG
- Configuration of privilege access management
- Report and Monitoring of privilege access management
Unit 13: SAP IAG Bridge concepts – Overview
- Introduction of SAP IAG bridge
- Comparison of SAP IAG bridge with SAP GRC
- SAP Cloud connector overview
- Integration with SAP GRC AC
Unit 14: SAP IAG Reporting Service