What, Who and How

Overview

Pyramid Consulting offers a comprehensive Next Generation Managed Services solution for SAP workloads on AWS. Our offering combines 16 years of proven SAP application and business consulting experience with the flexibility, elasticity, and global scalability of the AWS Cloud. We act as a Single Point of Contact (SPOC), eliminating the complexity of managing multiple vendors by comprehensively managing everything from cloud infrastructure (IaaS) to the SAP Basis application layer and its peripheral components, all aligned with the "Anything as a Service" (XaaS) value model.

Service Details and Technical Capabilities

Our MSP practice is designed to support the full digital transformation lifecycle of our SAP customers in the cloud:

1. Planning and Migration (Plan & Design / Build & Migrate):

• Consultative Consulting and Advanced TCO: We perform comprehensive Total Cost of Ownership (TCO) analyses and cost modeling to optimize spend from day zero. This includes recommending AWS instance models (e.g. Memory Optimized R6i/X2iedn for HANA) and the strategic use of Reserved Instances and Savings Plans to achieve significant contract savings. Sizing is done with standardized SAP tools (Quick Sizer) and validated with the AWS TCO Web Applications Guide.

• Accelerated Migration Strategies: We execute proven strategies such as "Lift and Shift" for rapid migration and "Full Refactoring" that includes a simultaneous modernization of the database (e.g. from any DB to SAP HANA or S/4HANA) and/or the operating system, leveraging AWS infrastructure. Installations have been completed from scratch on AWS for clients such as New Stratus Energy and Casa Luker, guaranteeing a cloud-native architecture.

• Automation and Consistent Deployment (IaC): We prioritize the use of CloudFormation and Terraform to implement Infrastructure as Code (IaC). This ensures that deployments of new SAP systems (DEV, QAS, PRD) or sandbox environments are repeatable, fast, and compliant with AWS and SAP security and configuration standards. This minimizes human error and speeds up time to market.

2. Run & Operate:

• 24/7 Unified and Proactive Monitoring: Monitoring is comprehensive and includes AWS infrastructure (using Amazon CloudWatch and CloudTrail for logs and changes) and the SAP application layer. We use SAP Solution Manager (SOLMAN) and our proprietary Sirius Monitor tool for critical alerts. The monitoring is proactive, detecting indicators such as the rate of transaction failures (T-codes), performance problems in the HANA database, failures in critical batch jobs (background jobs) and system crashes (dumps). Alerts are managed 24/7 and notified via dedicated channels (Telegram or integrations with the customer's ITSM).

• Security and Access Management: Security is managed using the principle of least privilege (IAM Roles for AWS services). Authentication in the Root Console requires the mandatory use of MFA (Multi-Factor Authentication), according to AWS MSP best practices. Credential management is centralized in KeePass, strictly auditing who and when accesses sensitive information. All communication with the SAP environment is done through secure VPNs (Site-to-Site or Client VPN), keeping the SAP infrastructure completely isolated from the public Internet.

• Backup & DR Defined: We manage SAP HANA/Oracle/SQL backups using standard tools (SAP Backint or EBS snapshots) to Amazon S3, a highly durable storage service. Explicit RPO (Recovery Point Objective) and RTO (Recovery Time Objective) are defined and documented for each client in the Statement of Work (SOW), ensuring that business continuity plans are regularly tested.

3. Optimize:

• We conduct Quarterly Business Reviews (QBRs) focused on optimizing capacity, performance and, crucially, cost efficiency.

• Continuous refactoring includes leveraging new AWS-native services (e.g., migrating from EBS GP2 to GP3 to improve performance and reduce costs without impact) and adopting new security capabilities.

Reference Architecture Diagram (Conceptual Model))

Our reference architecture implements a High Availability (HA) design distributed across multiple Availability Zones (AZs) within a Virtual Private Cloud (VPC), ensuring business continuity for critical workloads such as SAP HANA.

Key Components of the Architecture

1. Network and High Availability (Multi-AZ):

• The infrastructure is deployed across two Availability Zones (Availability Zone 1 and Availability Zone 2) for fault tolerance.

• Use of redundant VPC NAT Gateways redundantes (one per AZ) to manage secure outbound connectivity without exposing instances directly to the internet.

• Routing managed by Internet Gateway and Centralized Router.

2. SAP HANA Database Layer (HA Pair):

• Primary/Secondary Configuration: Deployment of a primary SAP HANA node in AZ 1 and a secondary SAP HANA node in AZ 2.

• Replication: Real-time data synchronization using HANA System Replication (HSR) to ensure near-zero RPO and fast failover.

• Granular EBS Storage: Each HANA node has dedicated EBS volumes optimized for performance and persistence, segregated by role:
- Root volume (Operating System).
- /usr/sap volume (SAP Binaries).
- HANA Data/Log volumes (Striped para alto IOPS).
- HANA Backup volume.
-HANA Shared volume.

3. Secure Access and Management:

• Bastion Hosts (Inbound SSH): Dedicated instances in each AZ for secure administrative access via SSH, protected with Elastic IPs.

• Management Instances (RDP): Windows servers with SAP HANA Studio installed in each AZ for graphical database management.

4. Object Storage and Backup Strategy:

• Native integration with Amazon S3 for long-lasting, low-cost storage.

• Use of dedicated buckets for HANA Media (installation media) and Backup Snapshots, ensuring out-of-region disaster recovery if needed.

Who?

Our MSP service is designed for organizations in Latin America and the U.S. that face critical challenges of technology obsolescence, high operational costs, or lack of in-house expertise in SAP and Cloud convergence. They are looking to modernize their SAP operations or migrate from On-Premise environments or legacy Private Clouds to AWS's scalable and resilient infrastructure.

Ideal Customer Profile

• Key Vertical Sectors: We focus on Energy (New Stratus Energy), Agribusiness and Food (Casa Luker), the Public Sector/Services (Bogotá Chamber of Commerce), and Pharmaceutical/Health (HEEL), where system criticality and the need for regulatory compliance are high.

• Critical Technical Needs: Customers who demand high availability (HA) for production environments, robust Disaster Recovery (DR) with fast failover, and strict compliance with security and encryption standards (both in transit and at rest).

• Common Business Scenario:
- Obsolescence and: Companies facing expensive hardware refurbishment and looking to shift the spending model from CAPEX to flexible AWS OPEX.
- ervice Consolidation: Customers looking for a single contract that consolidates SAP licensing (under the RISE/GROW framework), AWS infrastructure, and management services, simplifying the relationship with the vendor.
- Cloud Adoption and Compliance: Organizations starting their cloud journey and require a partner with expertise in advanced data security and compliance.

How?

Engagement Model

1. Discovery and Scope Definition: Initial meetings to understand the context of the business.

2. Technical Validation and Sizing: The pre-sales team and architects validate the technical feasibility, perform the Sizing on AWS and define the reference architecture.

3. Formal Statement of Work (SOW): A clear Statement of Work (SOW) is delivered, using standardized templates that include a detailed RACI Matrix, scope of service, SLAs, and migration milestones.

4. Alignment with AWS: The commitment is formally recorded in the APN portal, ensuring collaboration and use of AWS Account Executive (AM) and Solutions Architect (SA) resources.

Delivery Model

• SAP-centric IT Service Management (ITSM): We use SAP Solution Manager (SOLMAN) as the central platform for ITSM. This allows incidents, service requests and problems to be managed (Root Cause Analysis - RCA) with a native view of the SAP application, complementing standard ticketing services. The workflow ensures the traceability of issues from the alert generated by Sirius Monitor/SOLMAN to resolution by the Basis/CloudOps team.

• PDetailed Onboarding Process: The onboarding process is rigorous and includes the configuration of the AWS Account following the Multi-Account model, ensuring: 1) Configuration of IAM according to the principle of least privilege, 2) Activation of AWS CloudTrail and AWS Config for constant auditing and governance, and 3) Initial deployment of Sirius Monitor monitoring agents.

• Governance and Transparency: We establish a formal governance framework that includes weekly Op-Review meetings and monthly Service Reviews to analyze SLA performance, cost consumption, and opportunities for improvement.

• Support and Operations: The Pyramid team maintains the total management of the access and operations of the AWS layer, guaranteeing the integrity of the infrastructure. The customer interacts with the SAP application layer and the MSP's help desk, ensuring a real managed service and not just a resale of instances.