SAP HANA Cloud
What is SAP HANA Cloud?
SAP HANA Cloud is SAP’s cloud-native database, delivered as a fully managed Database-as-a-Service (DBaaS). It combines the in-memory speed and performance of SAP HANA with cloud-optimized flexibility, connectivity, and features.
It acts as the core database layer within the SAP Business Technology Platform (BTP), which unifies database management, analytics, application development, integration, and intelligent technologies like AI.
SAP HANA Cloud supports the development and deployment of intelligent applications at scale, incorporating technologies like generative AI and context-aware processing. It handles both OLAP and OLTP workloads, making it a versatile solution for a wide range of enterprise scenarios.
Documentation
The SAP Help Portal serves as the central repository for all official SAP product documentation, offering content in multiple languages through machine translation capabilities
- SAP HANA Cloud: Overview, features, links to all component documentation.
- SAP HANA Cloud Getting Started Guide: Essential steps for initial setup, basic concepts, connecting clients.
- SAP HANA Cloud Administration Guide: Covers instance creation, management, maintenance using SAP HANA Cloud Central.
- SAP HANA Cloud,SAP HANA Database Administration Guide: Focuses on database-level administration tasks using SAP HANA Cockpit and Database Explorer (monitoring, security, tuning).
- Security in SAP HANA Cloud: Comprehensive guide on security features, configuration, and best practices.
- SAP HANA Database SQL Reference Guide: Definitive reference for SQL syntax, functions, data types, system views, error codes.
- SAP HANA Cloud Developer Guides: Guides for specific development topics like SQLScript, Modeling (Calculation Views), HDI, JSON Document Store, Spatial, Graph, etc.
- SAP HANA Database Vector Engine Guide: Specific documentation for using the REAL_VECTOR data type and similarity search functions:
- SAP HANA Database Predictive Analysis Library (PAL) Guide: Details on using the PAL algorithms for machine learning.
- SAP HANA Automated Predictive Library (APL) Developer Guide: Details on using the APL functions for automated machine learning.
- SAP HANA Cloud Migration Guide: Guidance on migrating from other SAP HANA versions to SAP HANA Cloud.
- SAP Tutorial Navigator: Collection of hands-on tutorials for developers and administrators.
- SAP Community (SAP HANA Cloud Tag): Blogs, articles, Q&A forums for community support and expert insights.
Setup
Setting up SAP HANA Cloud involves meeting specific prerequisites related to the SAP Business Technology Platform (BTP) environment and configuring the instance itself, typically through SAP HANA Cloud Central or command-line tools.
Prerequisites
- SAP BTP Environment
- An active SAP BTP global account is required. Setup Guide
- Within the global account, a subaccount must exist where SAP HANA Cloud Services entitlements and quota are assigned. More information available here.
- SAP BTP Roles and Authorizations
- Subaccount Administrator: Required for configuring the subaccount, managing entitlements and quotas, enabling CF and subscribing to services. More information available here.
- SAP HANA Cloud Administrator: Required specifically to access and use SAP HANA Cloud Central for creating and managing instances via the web UI. More information available here.
- Subaccount Service Administrator: Needed if provisioning instances using Infrastructure-as-Code tools like Terraform. More information available here.
- Database User Roles and Privileges
- Initial database administrator user is
DBADMIN, created during instance provisioning. - For Predictive Analysis Library (PAL), the executing database user needs the
AFL__SYS_AFL_AFLPAL_EXECUTErole. More information available here. - For Automated Predictive Library (APL), the executing database user needs the
sap.pa.apl.base.roles::APL_EXECUTErole. More information available here. - For using the Document Filters Library, the
AFL__SYS_AFL_DFL_AREA_EXECUTErole is required. More information available here.
- Initial database administrator user is
Setup Guide
SAP HANA Cloud Instances can be provisioned using several methods, catering to different preferences (UI, CLI).
- Using SAP HANA Cloud Central: Most common method involves the wizard in SAP HANA Cloud Central. Full tutorial available here.
- Alternative Methods: Instance provisioning can be automated using the CLI tools. Full tutorial available here.
Recommended
Maintaining a robust security posture is key.
- User Management & Authorization: Implement the principle of least privilege. Grant necessary permissions using database roles, like
AFL__SYS_AFL_AFLPAL_EXECUTEfor PAL orsap.pa.apl.base.roles::APL_EXECUTEfor APL, rather than assigning privileges directly to users. Regularly audit user access and role assignments. The initialDBADMINuser should be used primarily for administrative setup and granting roles, not for routine application access. - Authentication: Enforce strong password policies for database users. For enhanced security and user convenience, consider integrating SAP HANA Cloud authentication with corporate Identity Providers (IdPs) via SAP BTP's identity services to enable Single Sign-On (SSO).
- Encryption: SAP HANA Cloud automatically encrypts data at rest (including data volumes, redo logs, and backups) and data in transit. Organizations with specific compliance requirements can explore options for using customer-managed encryption keys via services like SAP Data Custodian, if available for their configuration. More information available here.
- Network Security: Strictly configure the "Allowed Connections" list in SAP HANA Cloud Central to permit access only from trusted IP addresses or ranges. If using the SAP Cloud Connector for hybrid connectivity to on-premise systems, ensure it is configured securely according to SAP guidelines. For direct, secure connections within hyperscaler environments, investigate SAP Private Link Service options. More information available here.
- Auditing: Configure database auditing policies to log relevant activities, such as sensitive data access or execution of specific procedures (e.g., APL functions), based on security and compliance requirements. See Activate the Traces and Audit SAP HANA APL pages.
- Data Protection & Privacy: Leverage built-in features like data masking and data anonymization where appropriate to protect sensitive information. Be mindful that database logs, traces, and dumps could potentially contain personal data and should be handled accordingly
Vector Engine
The SAP HANA Cloud Vector Engine is an integrated feature designed to support similarity search and other vector-based operations, primarily targeting Artificial Intelligence (AI) and Machine Learning (ML) use cases. More information available here. Key use cases enabled by this capability include:
- Semantic Search: Finding documents or items based on meaning rather than just keywords.
- Natural Language Processing (NLP): Various tasks involving understanding and comparing text.
- Retrieval-Augmented Generation (RAG): Enhancing LLM responses by retrieving relevant, up-to-date information from a vector database (like SAP HANA Cloud) and providing it as context to the LLM, thereby improving accuracy and relevance.
- Recommendation Systems: Suggesting similar items or content based on user preferences or item characteristics.
- Classification and Clustering: Grouping similar items together or assigning items to predefined categories based on vector proximity.
- Anomaly Detection: Identifying outliers or unusual data points that are distant from typical clusters in the vector space.
A significant advantage of SAP HANA Cloud's approach is the integration of the vector engine within the multi-model database. This means vector data (REAL_VECTOR type) coexists with relational, JSON, spatial, and graph data.
The REAL_VECTOR Data Type
The foundation of the vector engine is the REAL_VECTOR SQL data type. It stores a fixed-dimension vector of REAL elements, which correspond to IEEE 754 single-precision floating-point numbers. Its dimension can range from 1 up to 65000. More information available here.
Key Vector Functions
SAP HANA Cloud provides several built-in SQL functions for working with REAL_VECTOR data. A detailed guide can be found here:
-
Similarity/Distance Calculation: COSINE_SIMILARITY(
<vector1>,<vector2>): Calculates the cosine of the angle between two vectors. Result ranges from -1 (opposite) to 1 (identical direction), with 0 indicating orthogonality. Commonly used for semantic similarity. L2DISTANCE(<vector1>,<vector2>): Computes the Euclidean (straight-line) distance between the endpoints of two vectors in the vector space. -
- VECTOR_EMBEDDING (
<text>,<text_type>,<model_and_version>): Creates a REAL_VECTOR embedding from input text using a specified embedding model. Requires the "Natural Language Processing (NLP)" capability to be enabled for the instance.<text>: The input string.<text_type>: Specifies the nature of the text, typically 'DOCUMENT' for indexing content or 'QUERY' for embedding search queries.<model_and_version>: Identifies the embedding model, e.g., 'SAP_NEB.20240715'. Different models produce vectors of specific dimensions (e.g., 768 for SAP_NEB.20240715) and have input token limits.
- VECTOR_EMBEDDING (
-
Construction and Serialization:
- TO_REAL_VECTOR (
<input>): Constructs a REAL_VECTOR from various representations. More information available here:- Textual: e.g., TO_REAL_VECTOR('[0.1, 0.2, 0.3]')
- Binary: e.g., TO_REAL_VECTOR(x'03000000...') (hex representation of binary format)
- SQL Array: e.g., TO_REAL_VECTOR(ARRAY(0.1, 0.2, 0.3))
- TO_NVARCHAR(
<vector>),TO_NCLOB(<vector>): Serializes a vector to its textual representation More information available here. - TO_VARBINARY(
<vector>),TO_BLOB(<vector>): Serializes a vector to its binary representation. More information available here. - TO_ARRAY(
<vector>): Converts a vector to an SQL array of REAL elements. More information available here.
- TO_REAL_VECTOR (
-
Utility Functions: