diff --git a/README.md b/README.md index 2e4a572..f5d0d0c 100644 --- a/README.md +++ b/README.md 
@@ -2,10 +2,166 @@ ## Description -This solution will perform automated deployment of **Three Tier SAP S/4HANA Stack** on top of **Red Hat Enterprise Linux 7.6 for SAP**. +This automation solution is designed for the deployment of **Three Tier SAP S/4HANA Stack** using IBM Cloud Schematics. The SAP solution will be deployed on top of one of the following Operating Systems: **SUSE Linux Enterprise Server 15 SP 3 for SAP**, **Red Hat Enterprise Linux 8.4 for SAP**, **Red Hat Enterprise Linux 7.6 for SAP** in an existing IBM Cloud Gen2 VPC, using an existing bastion host with secure remote SSH access. -It contains: -- Terraform scripts for deploying two VSIs in an EXISTING VPC with Subnet and Security Group configs. The VSIs scope: one for the data base instance and one for the application instance. +## Installation media +SAP HANA installation media used for this deployment is the default one for **SAP HANA, platform edition 2.0 SPS05** available at SAP Support Portal under *INSTALLATION AND UPGRADE* area and it has to be provided manually in the input parameter file. + +SAP S/4HANA installation media used for this deployment is the default one for **SAP S/4HANA 2020** available at SAP Support Portal under *INSTALLATION AND UPGRADE* area and it has to be provided manually in the input parameter file. + +## VSI Configuration +The VSIs are deployed with one of the following Operating Systems for DB server: Suse Linux Enterprise Server 15 SP 3 for SAP HANA (amd64), Red Hat Enterprise Linux 8.4 for SAP HANA (amd64) or Red Hat Enterprise Linux 7.6 for SAP HANA (amd64) and with one of the following Operating Systems for APP server: Suse Enterprise Linux 1 SP3 for SAP Applications (amd64), Red Hat Enterprise Linux 8.4 for SAP Applications (amd64), Red Hat Enterprise Linux 7.6 for SAP Applications (amd64). The SSH keys are configured to allow root user access. 
The following storage volumes are creating during the provisioning: + +HANA DB VSI Disks: +- 3 x 500 GB disks with 10000 IOPS - DATA + +SAP APPs VSI Disks: +- 1x 40 GB disk with 10 IOPS / GB - SWAP +- 1 x 128 GB disk with 10 IOPS / GB - DATA + +In order to perform the deployment you can use either the CLI component or the GUI component (Schematics) of the automation solution. + +## 1.1 Executing the deployment of **Three Tier SAP S/4HANA Stack** in GUI (Schematics) + +The solution is based on Terraform remote-exec and Ansible playbooks executed by Schematics and it is implementing a 'reasonable' set of best practices for SAP VSI host configuration. + +**It contains:** +- Terraform scripts for the deployment of two VSIs, in an EXISTING VPC, with Subnet and Security Group. The VSIs are intended to be used: one for the data base instance and the other for the application instance. +- Bash scripts used for the checking of the prerequisites required by SAP VSIs deployment and for the integration into a single step in IBM Schematics GUI of the VSI provisioning and the **Three Tier SAP S/4HANA Stack** installation. +- Ansible scripts to configure Three Tier SAP S/4HANA primary application server and a HANA 2.0 node. + +## IBM Cloud API Key +The IBM Cloud API Key should be provided as input value of type sensitive for "ibmcloud_api_key" variable, in `IBM Schematics -> Workspaces -> -> Settings` menu. +The IBM Cloud API Key can be created [here](https://cloud.ibm.com/iam/apikeys). + +## Input parameters +The following parameters can be set in the Schematics workspace: VPC, Subnet, Security group, Resource group, Hostname, Profile, Image, SSH Keys and your SAP system configuration variables, as below: + +**VSI input parameters:** + +Parameter | Description +----------|------------ +ibmcloud_api_key | IBM Cloud API key (Sensitive* value). +private_ssh_key | id_rsa private key content (Sensitive* value). 
+SSH_KEYS | List of SSH Keys UUIDs that are allowed to SSH as root to the VSI. Can contain one or more IDs. The list of SSH Keys is available [here](https://cloud.ibm.com/vpc-ext/compute/sshKeys).
Sample input (use your own SSH UUIDs from IBM Cloud):
[ "r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a" , "r010-3fcd9fe7-d4a7-41ce-8bb3-d96e936b2c7e" ] +BASTION_FLOATING_IP | The FLOATING IP from the Bastion Server. +RESOURCE_GROUP | The name of an EXISTING Resource Group for VSIs and Volumes resources.
Default value: "Default". The list of Resource Groups is available [here](https://cloud.ibm.com/account/resource-groups). +REGION | The cloud region where to deploy the solution.
The regions and zones for VPC are listed [here](https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc).
Review supported locations in IBM Cloud Schematics [here](https://cloud.ibm.com/docs/schematics?topic=schematics-locations).
Sample value: eu-de. +ZONE | The cloud zone where to deploy the solution.
Sample value: eu-de-2. +VPC | The name of an EXISTING VPC. The list of VPCs is available [here](https://cloud.ibm.com/vpc-ext/network/vpcs) +SUBNET | The name of an EXISTING Subnet. The list of Subnets is available [here](https://cloud.ibm.com/vpc-ext/network/subnets). +SECURITY_GROUP | The name of an EXISTING Security group. The list of Security Groups is available [here](https://cloud.ibm.com/vpc-ext/network/securityGroups). +DB-HOSTNAME | The Hostname for the HANA VSI. The hostname should be up to 13 characters as required by SAP. For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) +DB-PROFILE | The instance profile used for the HANA VSI. A list of profiles is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles)
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211)
Default value: "mx2-16x128" +DB-IMAGE | The OS image used for HANA VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images).
Default value: ibm-redhat-7-6-amd64-sap-hana-3 +APP-HOSTNAME | The Hostname for the SAP Application VSI. The hostname must have up to 13 characters as required by SAP. For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) +APP-PROFILE | The instance profile used for SAP Application VSI. A list of profiles is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles)
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211)
Default value: "bx2-4x16" +APP-IMAGE | The OS image used for SAP Application VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images).
Default value: ibm-redhat-7-6-amd64-sap-applications-3 + + +**SAP input parameters:** + +Parameter | Description | Requirements +----------|-------------|------------- +hana_sid | The SAP system ID identifies the SAP HANA system | | +hana_sysno | Specifies the instance number of the SAP HANA system| +hana_main_password | Common password for all users that are created during the installation |
(Sensitive* value) +hana_system_usage | System Usage | Default: custom
Valid values: production, test, development, custom +hana_components | SAP HANA Components | Default: server
Valid values: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp +kit_saphana_file | Path to SAP HANA ZIP file | As downloaded from SAP Support Portal +sap_sid | The SAP system ID identifies the entire SAP system | +sap_ascs_instance_number | Technical identifier for internal processes of ASCS| +sap_ci_instance_number | Technical identifier for internal processes of CI| +sap_main_password | Common password for all users that are created during the installation |
(Sensitive* value) +hdb_concurrent_jobs | Number of concurrent jobs used to load and/or extract archives to HANA Host | Default: 23 +kit_sapcar_file | Path to sapcar binary | As downloaded from SAP Support Portal +kit_swpm_file | Path to SWPM archive (SAR) | As downloaded from SAP Support Portal +kit_sapexe_file | Path to SAP Kernel OS archive (SAR) | As downloaded from SAP Support Portal +kit_sapexedb_file | Path to SAP Kernel DB archive (SAR) | As downloaded from SAP Support Portal +kit_igsexe_file | Path to IGS archive (SAR) | As downloaded from SAP Support Portal +kit_igshelper_file | Path to IGS Helper archive (SAR) | As downloaded from SAP Support Portal +kit_saphostagent_file | Path to SAP Host Agent archive (SAR) | As downloaded from SAP Support Portal +kit_hdbclient_file | Path to HANA DB client archive (SAR) | As downloaded from SAP Support Portal +kit_s4hana_export | Path to S/4HANA Installation Export dir | The archives downloaded from SAP Support Portal should be present in this path + +**Obs***:
+- Sensitive - The variable value is not displayed in your Schematics logs and it is hidden in the input field.
+- The following parameters should have the same values as the ones set for the BASTION server: REGION, ZONE, VPC, SUBNET, SECURITYGROUP. +- For any manual change in the terraform code, you have to make sure that you use a certified image based on the SAP NOTE: 2927211. + + +## VPC Configuration + +The Security Rules inherited from BASTION deployment are the following: +- Allow all traffic in the Security group for private networks. +- Allow outbound traffic (ALL for port 53, TCP for ports 80, 443, 8443) +- Allow inbound SSH traffic (TCP for port 22) from IBM Schematics Servers. + + + ## Files description and structure: + + - `modules` - directory containing the terraform modules + - `main.tf` - contains the configuration of the VSI for the deployment of the current SAP solution. + - `output.tf` - contains the code for the information to be displayed after the VSI is created (Hostname, Private IP) + - `integration*.tf` - contains the integration code that makes the SAP variabiles from Terraform available to Ansible. + - `provider.tf` - contains the IBM Cloud Provider data in order to run `terraform init` command. + - `terraform.tfvars` - contains the IBM Cloud API key referenced in `provider.tf` (dynamically generated) + - `variables.tf` - contains variables for the VPC and VSI + - `versions.tf` - contains the minimum required versions for terraform and IBM Cloud provider. + + +## Steps to follow: + +1. Make sure that you have the [required IBM Cloud IAM + permissions](https://cloud.ibm.com/docs/vpc?topic=vpc-managing-user-permissions-for-vpc-resources) to + create and work with VPC infrastructure and you are [assigned the + correct + permissions](https://cloud.ibm.com/docs/schematics?topic=schematics-access) to + create the workspace in Schematics and deploy resources. +2. [Generate an SSH + key](https://cloud.ibm.com/docs/vpc?topic=vpc-ssh-keys). + The SSH key is required to access the provisioned VPC virtual server + instances via the bastion host. 
After you have created your SSH key, + make sure to [upload this SSH key to your IBM Cloud + account](https://cloud.ibm.com/docs/vpc-on-classic-vsi?topic=vpc-on-classic-vsi-managing-ssh-keys#managing-ssh-keys-with-ibm-cloud-console) in + the VPC region and resource group where you want to deploy the SAP solution +3. Create the Schematics workspace: + 1. From the IBM Cloud menu + select [Schematics](https://cloud.ibm.com/schematics/overview). + - Click Create a workspace. + - Enter a name for your workspace. + - Click Create to create your workspace. + 2. On the workspace **Settings** page, enter the URL of this solution in the Schematics examples Github repository. + - Select the latest Terraform version. + - Click **Save template information**. + - In the **Input variables** section, review the default input variables and provide alternatives if desired. + - Click **Save changes**. + +4. From the workspace **Settings** page, click **Generate plan**  +5. Click **View log** to review the log files of your Terraform + execution plan. +6. Apply your Terraform template by clicking **Apply plan**. +7. Review the log file to ensure that no errors occurred during the + provisioning, modification, or deletion process. + +The output of the Schematics Apply Plan will list the public/private IP addresses +of the VSI host, the hostname and the VPC. 
+ + +### Related links: + +- [How to create a BASTION/STORAGE VSI for SAP in IBM Schematics](https://github.com/IBM-Cloud/sap-bastion-setup) +- [Securely Access Remote Instances with a Bastion Host](https://www.ibm.com/cloud/blog/tutorial-securely-access-remote-instances-with-a-bastion-host) +- [VPNs for VPC overview: Site-to-site gateways and Client-to-site servers.](https://cloud.ibm.com/docs/vpc?topic=vpc-vpn-overview) +- [IBM Cloud Schematics](https://www.ibm.com/cloud/schematics) + + +## 1.2 Executing the deployment of **Three Tier SAP S/4HANA Stack** in CLI + +The solution is based on Terraform scripts and Ansible playbooks executed in CLI and it is implementing a 'reasonable' set of best practices for SAP VSI host configuration. + +**It contains:** +- Terraform scripts for the deployment of two VSIs, in an EXISTING VPC, with Subnet and Security Group. The VSIs are intended to be used: one for the data base instance and the other for the application instance. - Ansible scripts to configure Three Tier SAP S/4HANA primary application server and a HANA 2.0 node. Please note that Ansible is started by Terraform and must be available on the same host. 
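Review bot: in the VSI input parameters table, the `private_ssh_key` row says only "id_rsa private key content" and does not say which key pair it has to belong to. The same table has `SSH_KEYS` granting root SSH to the VSIs and `BASTION_FLOATING_IP` for the jump host, so please state whether this private key must match one of the `SSH_KEYS` entries, the key authorized on the bastion, or both, and consider recommending a key dedicated to this deployment, since its content is entered as a workspace input. Two smaller items in this hunk: the API key path reads `IBM Schematics -> Workspaces -> -> Settings` with nothing between the two arrows, and the Obs list writes `SECURITYGROUP` where the parameter is `SECURITY_GROUP`.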
@@ -15,7 +171,7 @@ SAP HANA installation media used for this deployment is the default one for **SA SAP S/4HANA installation media used for this deployment is the default one for **SAP S/4HANA 2020** available at SAP Support Portal under *INSTALLATION AND UPGRADE* area and it has to be provided manually in the input parameter file. ## VSI Configuration -The VSIs are configured with Red Hat Enterprise Linux 7.6 for SAP HANA (amd64) for DB server and Red Hat Enterprise Linux 7.x for SAP Applications (amd64) for APP server and they have: at least two SSH keys configured to access as root user and the following storage volumes created for DB and SAP APP VSI: +The VSIs are deployed with one of the following Operating Systems for DB server: Suse Linux Enterprise Server 15 SP 3 for SAP HANA (amd64), Red Hat Enterprise Linux 8.4 for SAP HANA (amd64) or Red Hat Enterprise Linux 7.6 for SAP HANA (amd64) and with one of the following Operating Systems for APP server: Suse Enterprise Linux 1 SP3 for SAP Applications (amd64), Red Hat Enterprise Linux 8.4 for SAP Applications (amd64), Red Hat Enterprise Linux 7.6 for SAP Applications (amd64). The SSH keys are configured to allow root user access. The following storage volumes are creating during the provisioning: HANA DB VSI Disks: - 3 x 500 GB disks with 10000 IOPS - DATA 
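Review bot: the APP server list in the new VSI Configuration line names "Suse Enterprise Linux 1 SP3 for SAP Applications", which does not match the "Suse Linux Enterprise Server 15 SP 3" given for the DB server in the same sentence; the product name and version look truncated. The following sentence should read "are created during the provisioning" rather than "are creating". The removed text also required "at least two SSH keys"; the replacement "The SSH keys are configured to allow root user access" drops that count, so say whether a single key is now enough.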
@@ -32,24 +188,69 @@ You can create an API Key [here](https://cloud.ibm.com/iam/apikeys). The solution is configured by editing your variables in the file `input.auto.tfvars` Edit your VPC, Subnet, Security group, Hostname, Profile, Image, SSH Keys like so: ```shell -#Infra VPC variables +########################################################## +# General VPC variables: +###################################################### + REGION = "eu-de" +# Region for the VSI. Supported regions: https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc +# Example: REGION = "eu-de" + ZONE = "eu-de-2" -VPC = "sap" # EXISTING VPC name -SECURITY_GROUP = "sap-securitygroup" # EXISTING Security group name -RESOURCE_GROUP = "wes-automation" # EXISTING Resource Group -SUBNET = "sap-subnet" # EXISTING Subnet name -SSH_KEYS = [ "r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a", "r010-3fcd9fe7-d4a7-41ce-8bb3-d96e936b2c7e" ] - -# SAP Database VSI variables: -DB-HOSTNAME = "is110db" -DB-PROFILE = "mx2-16x128" -DB-IMAGE = "ibm-redhat-7-6-amd64-sap-hana-3" # For any manual change in the terraform code, you have to make sure that you use a certified image based on the SAP NOTE: 2927211. - -# SAP APPs VSI variables: -APP-HOSTNAME = "is110apps" +# Availability zone for VSI. Supported zones: https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc +# Example: ZONE = "eu-de-2" + +VPC = "ic4sap" +# EXISTING VPC, previously created by the user in the same region as the VSI. The list of available VPCs: https://cloud.ibm.com/vpc-ext/network/vpcs +# Example: VPC = "ic4sap" + +SECURITY_GROUP = "ic4sap-securitygroup" +# EXISTING Security group, previously created by the user in the same VPC. The list of available Security Groups: https://cloud.ibm.com/vpc-ext/network/securityGroups +# Example: SECURITY_GROUP = "ic4sap-securitygroup" + +RESOURCE_GROUP = "wes-automation" +# EXISTING Resource group, previously created by the user. 
The list of available Resource Groups: https://cloud.ibm.com/account/resource-groups +# Example: RESOURCE_GROUP = "wes-automation" + +SUBNET = "ic4sap-subnet" +# EXISTING Subnet in the same region and zone as the VSI, previously created by the user. The list of available Subnets: https://cloud.ibm.com/vpc-ext/network/subnets +# Example: SUBNET = "ic4sap-subnet" + +SSH_KEYS = ["r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a", "r010-e372fc6f-4aef-4bdf-ade6-c4b7c1ad61ca", "r010-09325e15-15be-474e-9b3b-21827b260717", "r010-5cfdb578-fc66-4bf7-967e-f5b4a8d03b89" , "r010-7b85d127-7493-4911-bdb7-61bf40d3c7d4", "r010-771e15dd-8081-4cca-8844-445a40e6a3b3", "r010-d941534b-1d30-474e-9494-c26a88d4cda3"] +# List of SSH Keys UUIDs that are allowed to SSH as root to the VSI. The SSH Keys should be created for the same region as the VSI. The list of available SSH Keys UUIDs: https://cloud.ibm.com/vpc-ext/compute/sshKeys +# Example: SSH_KEYS = ["r010-8f72b994-c17f-4500-af8f-d05680374t3c", "r011-8f72v884-c17f-4500-af8f-d05900374t3c"] + +########################################################## +# DB VSI variables: +########################################################## + +DB-HOSTNAME = "saps4hnmar1" +# The Hostname for the DB VSI. The hostname should be up to 13 characters, as required by SAP +# Example: HOSTNAME = "ic4sap" + +DB-PROFILE = "mx2-16x128" +# The DB VSI profile. Supported profiles for DB VSI: mx2-16x128. The list of available profiles: https://cloud.ibm.com/docs/vpc?topic=vpc-profiles&interface=ui + +DB-IMAGE = "ibm-redhat-8-4-amd64-sap-hana-2" +# OS image for DB VSI. Supported OS images for DB VSIs: ibm-sles-15-3-amd64-sap-hana-2, ibm-redhat-8-4-amd64-sap-hana-2, ibm-redhat-7-6-amd64-sap-hana-3. 
+# The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images +# Example: DB-IMAGE = "ibm-redhat-7-6-amd64-sap-applications-2" + +########################################################## +# SAP APP VSI variables: +########################################################## + +APP-HOSTNAME = "saps4apmar1" +# The Hostname for the SAP APP VSI. The hostname should be up to 13 characters, as required by SAP +# Example: HOSTNAME = "ic4sap" + APP-PROFILE = "bx2-4x16" -APP-IMAGE = "ibm-redhat-7-6-amd64-sap-applications-3" # For any manual change in the terraform code, you have to make sure that you use a certified image based on the SAP NOTE: 2927211. +# The APP VSI profile. Supported profiles: bx2-4x16. The list of available profiles: https://cloud.ibm.com/docs/vpc?topic=vpc-profiles&interface=ui + +APP-IMAGE = "ibm-redhat-8-4-amd64-sap-applications-2" +# OS image for SAP APP VSI. Supported OS images for APP VSIs: ibm-sles-15-3-amd64-sap-applications-2, ibm-redhat-8-4-amd64-sap-applications-2, ibm-redhat-7-6-amd64-sap-applications-3. +# The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images +# Example: APP-IMAGE = "ibm-redhat-7-6-amd64-sap-applications-2" ...... ``` @@ -59,35 +260,66 @@ ibmcloud_api_key | IBM Cloud API key (Sensitive* value). SSH_KEYS | List of SSH Keys IDs that are allowed to SSH as root to the VSI. Can contain one or more IDs. The list of SSH Keys is available [here](https://cloud.ibm.com/vpc-ext/compute/sshKeys).
Sample input (use your own SSH IDS from IBM Cloud):
[ "r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a" , "r010-3fcd9fe7-d4a7-41ce-8bb3-d96e936b2c7e" ] REGION | The cloud region where to deploy the solution.
The regions and zones for VPC are listed [here](https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc).
Sample value: eu-de. ZONE | The cloud zone where to deploy the solution.
Sample value: eu-de-2. -VPC | EXISTING VPC name. The list of VPCs is available [here](https://cloud.ibm.com/vpc-ext/network/vpcs) -SUBNET | EXISTING Subnet name. The list of Subnets is available [here](https://cloud.ibm.com/vpc-ext/network/subnets). -SECURITY_GROUP | EXISTING Security group name. The list of Security Groups is available [here](https://cloud.ibm.com/vpc-ext/network/securityGroups). -RESOURCE_GROUP | EXISTING Resource Group for VSIs and Volumes. The list of Resource Groups is available [here](https://cloud.ibm.com/account/resource-groups). -[DB/APP]-HOSTNAME | The Hostname for the VSI. The hostname must have up to 13 characters as required by SAP.
For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) -[DB/APP]-PROFILE | The profile used for the VSI. A list of profiles is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles).
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211) -[DB/APP]-IMAGE | The OS image used for the VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images) +VPC | The name of an EXISTING VPC. The list of VPCs is available [here](https://cloud.ibm.com/vpc-ext/network/vpcs) +SUBNET | The name of an EXISTING Subnet. The list of Subnets is available [here](https://cloud.ibm.com/vpc-ext/network/subnets). +SECURITY_GROUP | The name of an EXISTING Security group. The list of Security Groups is available [here](https://cloud.ibm.com/vpc-ext/network/securityGroups). +RESOURCE_GROUP | The name of an EXISTING Resource Group for VSIs and Volumes resources. The list of Resource Groups is available [here](https://cloud.ibm.com/account/resource-groups). +[DB/APP]-HOSTNAME | The Hostname for the HANA/APP VSI. The hostname should be up to 13 characters as required by SAP.
For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) +[DB/APP]-PROFILE | The profile used for the HANA/APP VSI. A list of profiles is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles).
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211) +[DB/APP]-IMAGE | The OS image used for the HANA/APP VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images) Edit your SAP system configuration variables that will be passed to the ansible automated deployment: ```shell -#HANA DB configuration +########################################################## +# SAP HANA configuration +########################################################## + hana_sid = "HDB" +# SAP HANA system ID. Should follow the SAP rules for SID naming. +# Example: hana_sid = "HDB" + hana_sysno = "00" +# SAP HANA instance number. Should follow the SAP rules for instance number naming. +# Example: hana_sysno = "01" + hana_system_usage = "custom" +# System usage. Default: custom. Suported values: production, test, development, custom +# Example: hana_system_usage = "custom" + hana_components = "server" +# SAP HANA Components. Default: server. 
Supported values: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp +# Example: hana_components = "server" + +kit_saphana_file = "/storage/HANADB/51055299.ZIP" +# SAP HANA Installation kit path +# Supported SAP HANA versions on Red Hat 8.4 and Suse 15.3: HANA 2.0 SP 5 Rev 57, kit file: 51055299.ZIP +# Supported SAP HANA versions on Red Hat 7.6: HANA 2.0 SP 5 Rev 52, kit file: 51054623.ZIP +# Example for Red Hat 7: kit_saphana_file = "/storage/HANADB/51054623.ZIP" +# Example for Red Hat 8 or Suse 15: kit_saphana_file = "/storage/HANADB/51055299.ZIP" -#SAP HANA Installation kit path -kit_saphana_file = "/storage/HANADB/51054623.ZIP" +########################################################## +# SAP system configuration +########################################################## -#SAP system configuration sap_sid = "S4A" +# SAP System ID + sap_ascs_instance_number = "01" +# The central ABAP service instance number. Should follow the SAP rules for instance number naming. +# Example: sap_ascs_instance_number = "01" + sap_ci_instance_number = "00" +# The SAP central instance number. Should follow the SAP rules for instance number naming. +# Example: sap_ci_instance_number = "06" -# Number of concurrent jobs used to load and/or extract archives to HANA Host hdb_concurrent_jobs = "23" +# Number of concurrent jobs used to load and/or extract archives to HANA Host + +########################################################## +# SAP S/4HANA APP Kit Paths +########################################################## -#SAP S4HANA APP Installation kit path kit_sapcar_file = "/storage/S4HANA/SAPCAR_1010-70006178.EXE" kit_swpm_file = "/storage/S4HANA/SWPM20SP09_4-80003424.SAR" kit_sapexe_file = "/storage/S4HANA/SAPEXE_100-70005283.SAR" 
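Review bot: the new default `kit_saphana_file = "/storage/HANADB/51055299.ZIP"` is, by its own comment, the kit for Red Hat 8.4 and Suse 15.3 only, so its value depends on `DB-IMAGE` without saying so. State in the comment that the two settings must be changed together (51054623.ZIP for Red Hat 7.6), otherwise a user who switches the image to 7.6 keeps the wrong kit path. Also, "Suported values" in the `hana_system_usage` comment is a typo, and `sap_sid` gets only "# SAP System ID", without the naming rule and Example line that `hana_sid` has.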
@@ -97,7 +329,6 @@ kit_igshelper_file = "/storage/S4HANA/igshelper_17-10010245.sar" kit_saphotagent_file = "/storage/S4HANA/SAPHOSTAGENT51_51-20009394.SAR" kit_hdbclient_file = "/storage/S4HANA/IMDB_CLIENT20_009_28-80002082.SAR" kit_s4hana_export = "/storage/S4HANA/export" - ``` **SAP input parameters:** @@ -126,8 +357,7 @@ kit_s4hana_export | Path to S/4HANA Installation Export dir | The archives downl **Obs***:
- Sensitive - The variable value is not displayed in your tf files details after terrafrorm plan&apply commands.
-- VOL[number] | The sizes for the disks in GB that are to be attached to the VSI and used by SAP.
-- The following variables should be the same like the bastion ones: REGION, ZONE, VPC, SUBNET, RESOURCE_GROUP, SECURITY_GROUP. +- The following variables should be the same like the bastion ones: REGION, ZONE, VPC, SUBNET, SECURITY_GROUP. ## VPC Configuration @@ -142,16 +372,15 @@ The Security Rules are the following: ## Files description and structure: - `modules` - directory containing the terraform modules - `input.auto.tfvars` - contains the variables that will need to be edited by the user to customize the solution - - `integration.tf` - contains the integration code that brings the SAP variabiles from Terraform to Ansible. + - `integration-*.tf` - contains the integration code that brings the SAP variabiles from Terraform to Ansible. - `main.tf` - contains the configuration of the VSI for SAP single tier deployment. - `provider.tf` - contains the IBM Cloud Provider data in order to run `terraform init` command. - - `terraform.tfvars` - contains the IBM Cloud API key referenced in `provider.tf` - `variables.tf` - contains variables for the VPC and VSI - `versions.tf` - contains the minimum required versions for terraform and IBM Cloud provider. - `output.tf` - contains the code for the information to be displayed after the VSI is created (Hostname, Private IP, Public IP) -## Steps to reproduce: +## Steps to follow: For initializing terraform: diff --git a/cli/README.md b/cli/README.md index 4ed8843..0adca04 100644 --- a/cli/README.md +++ b/cli/README.md 
@@ -2,10 +2,12 @@ ## Description -This solution will perform automated deployment of **Three Tier SAP S/4HANA Stack** on top of **Red Hat Enterprise Linux 7.6 for SAP**. +This automation solution is designed for the deployment of **Three Tier SAP S/4HANA Stack** using IBM Cloud Schematics. The SAP solution will be deployed on top of one of the following Operating Systems: **SUSE Linux Enterprise Server 15 SP 3 for SAP**, **Red Hat Enterprise Linux 8.4 for SAP**, **Red Hat Enterprise Linux 7.6 for SAP** in an existing IBM Cloud Gen2 VPC, using an existing bastion host with secure remote SSH access. -It contains: -- Terraform scripts for deploying two VSIs in an EXISTING VPC with Subnet and Security Group configs. The VSIs scope: one for the data base instance and one for the application instance. +The solution is based on Terraform scripts and Ansible playbooks executed in CLI and it is implementing a 'reasonable' set of best practices for SAP VSI host configuration. + +**It contains:** +- Terraform scripts for the deployment of two VSIs, in an EXISTING VPC, with Subnet and Security Group. The VSIs are intended to be used: one for the data base instance and the other for the application instance. - Ansible scripts to configure Three Tier SAP S/4HANA primary application server and a HANA 2.0 node. Please note that Ansible is started by Terraform and must be available on the same host. 
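Review bot: the new first sentence of the cli/README.md Description says the stack is deployed "using IBM Cloud Schematics", while the paragraph added right after it says the Terraform scripts and Ansible playbooks are "executed in CLI". This file documents the CLI path, so drop the Schematics wording here or replace it with the CLI wording. The same sentence ends with "using an existing bastion host with secure remote SSH access", but nothing in this hunk tells the CLI user how the run reaches that bastion; a short pointer would help.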
@@ -15,7 +17,7 @@ SAP HANA installation media used for this deployment is the default one for **SA SAP S/4HANA installation media used for this deployment is the default one for **SAP S/4HANA 2020** available at SAP Support Portal under *INSTALLATION AND UPGRADE* area and it has to be provided manually in the input parameter file. ## VSI Configuration -The VSIs are configured with Red Hat Enterprise Linux 7.6 for SAP HANA (amd64) for DB server and Red Hat Enterprise Linux 7.x for SAP Applications (amd64) for APP server and they have: at least two SSH keys configured to access as root user and the following storage volumes created for DB and SAP APP VSI: +The VSIs are deployed with one of the following Operating Systems for DB server: Suse Linux Enterprise Server 15 SP 3 for SAP HANA (amd64), Red Hat Enterprise Linux 8.4 for SAP HANA (amd64) or Red Hat Enterprise Linux 7.6 for SAP HANA (amd64) and with one of the following Operating Systems for APP server: Suse Enterprise Linux 1 SP3 for SAP Applications (amd64), Red Hat Enterprise Linux 8.4 for SAP Applications (amd64), Red Hat Enterprise Linux 7.6 for SAP Applications (amd64). The SSH keys are configured to allow root user access. The following storage volumes are creating during the provisioning: HANA DB VSI Disks: - 3 x 500 GB disks with 10000 IOPS - DATA 
@@ -32,24 +34,69 @@ You can create an API Key [here](https://cloud.ibm.com/iam/apikeys). The solution is configured by editing your variables in the file `input.auto.tfvars` Edit your VPC, Subnet, Security group, Hostname, Profile, Image, SSH Keys like so: ```shell -#Infra VPC variables +########################################################## +# General VPC variables: +###################################################### + REGION = "eu-de" +# Region for the VSI. Supported regions: https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc +# Example: REGION = "eu-de" + ZONE = "eu-de-2" -VPC = "sap" # EXISTING VPC name -SECURITY_GROUP = "sap-securitygroup" # EXISTING Security group name -RESOURCE_GROUP = "wes-automation" # EXISTING Resource group name -SUBNET = "sap-subnet" # EXISTING Subnet name -SSH_KEYS = [ "r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a" , "r010-3fcd9fe7-d4a7-41ce-8bb3-d96e936b2c7e" ] - -# SAP Database VSI variables: -DB-HOSTNAME = "is110db" -DB-PROFILE = "mx2-16x128" -DB-IMAGE = "ibm-redhat-7-6-amd64-sap-hana-3" # For any manual change in the terraform code, you have to make sure that you use a certified image based on the SAP NOTE: 2927211. - -# SAP APPs VSI variables: -APP-HOSTNAME = "is110apps" +# Availability zone for VSI. Supported zones: https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc +# Example: ZONE = "eu-de-2" + +VPC = "ic4sap" +# EXISTING VPC, previously created by the user in the same region as the VSI. The list of available VPCs: https://cloud.ibm.com/vpc-ext/network/vpcs +# Example: VPC = "ic4sap" + +SECURITY_GROUP = "ic4sap-securitygroup" +# EXISTING Security group, previously created by the user in the same VPC. The list of available Security Groups: https://cloud.ibm.com/vpc-ext/network/securityGroups +# Example: SECURITY_GROUP = "ic4sap-securitygroup" + +RESOURCE_GROUP = "wes-automation" +# EXISTING Resource group, previously created by the user. 
The list of available Resource Groups: https://cloud.ibm.com/account/resource-groups +# Example: RESOURCE_GROUP = "wes-automation" + +SUBNET = "ic4sap-subnet" +# EXISTING Subnet in the same region and zone as the VSI, previously created by the user. The list of available Subnets: https://cloud.ibm.com/vpc-ext/network/subnets +# Example: SUBNET = "ic4sap-subnet" + +SSH_KEYS = ["r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a", "r010-e372fc6f-4aef-4bdf-ade6-c4b7c1ad61ca", "r010-09325e15-15be-474e-9b3b-21827b260717", "r010-5cfdb578-fc66-4bf7-967e-f5b4a8d03b89" , "r010-7b85d127-7493-4911-bdb7-61bf40d3c7d4", "r010-771e15dd-8081-4cca-8844-445a40e6a3b3", "r010-d941534b-1d30-474e-9494-c26a88d4cda3"] +# List of SSH Keys UUIDs that are allowed to SSH as root to the VSI. The SSH Keys should be created for the same region as the VSI. The list of available SSH Keys UUIDs: https://cloud.ibm.com/vpc-ext/compute/sshKeys +# Example: SSH_KEYS = ["r010-8f72b994-c17f-4500-af8f-d05680374t3c", "r011-8f72v884-c17f-4500-af8f-d05900374t3c"] + +########################################################## +# DB VSI variables: +########################################################## + +DB-HOSTNAME = "saps4hnmar1" +# The Hostname for the DB VSI. The hostname should be up to 13 characters, as required by SAP +# Example: HOSTNAME = "ic4sap" + +DB-PROFILE = "mx2-16x128" +# The DB VSI profile. Supported profiles for DB VSI: mx2-16x128. The list of available profiles: https://cloud.ibm.com/docs/vpc?topic=vpc-profiles&interface=ui + +DB-IMAGE = "ibm-redhat-8-4-amd64-sap-hana-2" +# OS image for DB VSI. Supported OS images for DB VSIs: ibm-sles-15-3-amd64-sap-hana-2, ibm-redhat-8-4-amd64-sap-hana-2, ibm-redhat-7-6-amd64-sap-hana-3. 
+# The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images +# Example: DB-IMAGE = "ibm-redhat-7-6-amd64-sap-applications-2" + +########################################################## +# SAP APP VSI variables: +########################################################## + +APP-HOSTNAME = "saps4apmar1" +# The Hostname for the SAP APP VSI. The hostname should be up to 13 characters, as required by SAP +# Example: HOSTNAME = "ic4sap" + APP-PROFILE = "bx2-4x16" -APP-IMAGE = "ibm-redhat-7-6-amd64-sap-applications-3" # For any manual change in the terraform code, you have to make sure that you use a certified image based on the SAP NOTE: 2927211. +# The APP VSI profile. Supported profiles: bx2-4x16. The list of available profiles: https://cloud.ibm.com/docs/vpc?topic=vpc-profiles&interface=ui + +APP-IMAGE = "ibm-redhat-8-4-amd64-sap-applications-2" +# OS image for SAP APP VSI. Supported OS images for APP VSIs: ibm-sles-15-3-amd64-sap-applications-2, ibm-redhat-8-4-amd64-sap-applications-2, ibm-redhat-7-6-amd64-sap-applications-3. +# The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images +# Example: APP-IMAGE = "ibm-redhat-7-6-amd64-sap-applications-2" ...... ``` @@ -59,35 +106,66 @@ ibmcloud_api_key | IBM Cloud API key (Sensitive* value). SSH_KEYS | List of SSH Keys IDs that are allowed to SSH as root to the VSI. Can contain one or more IDs. The list of SSH Keys is available [here](https://cloud.ibm.com/vpc-ext/compute/sshKeys).
Sample input (use your own SSH IDS from IBM Cloud):
[ "r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a" , "r010-3fcd9fe7-d4a7-41ce-8bb3-d96e936b2c7e" ] REGION | The cloud region where to deploy the solution.
The regions and zones for VPC are listed [here](https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc).
Sample value: eu-de. ZONE | The cloud zone where to deploy the solution.
Sample value: eu-de-2. -VPC | EXISTING VPC name. The list of VPCs is available [here](https://cloud.ibm.com/vpc-ext/network/vpcs) -SUBNET | EXISTING Subnet name. The list of Subnets is available [here](https://cloud.ibm.com/vpc-ext/network/subnets). -SECURITY_GROUP | EXISTING Security group name. The list of Security Groups is available [here](https://cloud.ibm.com/vpc-ext/network/securityGroups). -RESOURCE_GROUP | EXISTING Resource Group for VSIs and Volumes. The list of Resource Groups is available [here](https://cloud.ibm.com/account/resource-groups). -[DB/APP]-HOSTNAME | The Hostname for the VSI. The hostname must have up to 13 characters as required by SAP.
For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) -[DB/APP]-PROFILE | The profile used for the VSI. A list of profiles is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles).
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211) -[DB/APP]-IMAGE | The OS image used for the VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images) +VPC | The name of an EXISTING VPC. The list of VPCs is available [here](https://cloud.ibm.com/vpc-ext/network/vpcs) +SUBNET | The name of an EXISTING Subnet. The list of Subnets is available [here](https://cloud.ibm.com/vpc-ext/network/subnets). +SECURITY_GROUP | The name of an EXISTING Security group. The list of Security Groups is available [here](https://cloud.ibm.com/vpc-ext/network/securityGroups). +RESOURCE_GROUP | The name of an EXISTING Resource Group for VSIs and Volumes resources. The list of Resource Groups is available [here](https://cloud.ibm.com/account/resource-groups). +[DB/APP]-HOSTNAME | The Hostname for the HANA/APP VSI. The hostname should be up to 13 characters as required by SAP.
For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) +[DB/APP]-PROFILE | The profile used for the HANA/APP VSI. A list of profiles is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles).
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211) +[DB/APP]-IMAGE | The OS image used for the HANA/APP VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images) Edit your SAP system configuration variables that will be passed to the ansible automated deployment: ```shell -#HANA DB configuration +########################################################## +# SAP HANA configuration +########################################################## + hana_sid = "HDB" +# SAP HANA system ID. Should follow the SAP rules for SID naming. +# Example: hana_sid = "HDB" + hana_sysno = "00" +# SAP HANA instance number. Should follow the SAP rules for instance number naming. +# Example: hana_sysno = "01" + hana_system_usage = "custom" +# System usage. Default: custom. Suported values: production, test, development, custom +# Example: hana_system_usage = "custom" + hana_components = "server" +# SAP HANA Components. Default: server. 
Supported values: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp +# Example: hana_components = "server" + +kit_saphana_file = "/storage/HANADB/51055299.ZIP" +# SAP HANA Installation kit path +# Supported SAP HANA versions on Red Hat 8.4 and Suse 15.3: HANA 2.0 SP 5 Rev 57, kit file: 51055299.ZIP +# Supported SAP HANA versions on Red Hat 7.6: HANA 2.0 SP 5 Rev 52, kit file: 51054623.ZIP +# Example for Red Hat 7: kit_saphana_file = "/storage/HANADB/51054623.ZIP" +# Example for Red Hat 8 or Suse 15: kit_saphana_file = "/storage/HANADB/51055299.ZIP" -#SAP HANA Installation kit path -kit_saphana_file = "/storage/HANADB/51054623.ZIP" +########################################################## +# SAP system configuration +########################################################## -#SAP system configuration sap_sid = "S4A" +# SAP System ID + sap_ascs_instance_number = "01" +# The central ABAP service instance number. Should follow the SAP rules for instance number naming. +# Example: sap_ascs_instance_number = "01" + sap_ci_instance_number = "00" +# The SAP central instance number. Should follow the SAP rules for instance number naming. +# Example: sap_ci_instance_number = "06" -# Number of concurrent jobs used to load and/or extract archives to HANA Host hdb_concurrent_jobs = "23" +# Number of concurrent jobs used to load and/or extract archives to HANA Host + +########################################################## +# SAP S4HANA APP Kit Paths +########################################################## -#SAP S4HANA APP Installation kit path kit_sapcar_file = "/storage/S4HANA/SAPCAR_1010-70006178.EXE" kit_swpm_file = "/storage/S4HANA/SWPM20SP09_4-80003424.SAR" kit_sapexe_file = "/storage/S4HANA/SAPEXE_100-70005283.SAR" 
@@ -97,7 +175,6 @@ kit_igshelper_file = "/storage/S4HANA/igshelper_17-10010245.sar" kit_saphotagent_file = "/storage/S4HANA/SAPHOSTAGENT51_51-20009394.SAR" kit_hdbclient_file = "/storage/S4HANA/IMDB_CLIENT20_009_28-80002082.SAR" kit_s4hana_export = "/storage/S4HANA/export" - ``` **SAP input parameters:** @@ -126,8 +203,7 @@ kit_s4hana_export | Path to S/4HANA Installation Export dir | The archives downl **Obs***:
- Sensitive - The variable value is not displayed in your tf files details after terrafrorm plan&apply commands.
-- VOL[number] | The sizes for the disks in GB that are to be attached to the VSI and used by SAP.
-- The following variables should be the same like the bastion ones: REGION, ZONE, VPC, SUBNET, RESOURCE_GROUP, SECURITY_GROUP. +- The following variables should be the same like the bastion ones: REGION, ZONE, VPC, SUBNET, SECURITY_GROUP. ## VPC Configuration @@ -142,16 +218,15 @@ The Security Rules are the following: ## Files description and structure: - `modules` - directory containing the terraform modules - `input.auto.tfvars` - contains the variables that will need to be edited by the user to customize the solution - - `integration.tf` - contains the integration code that brings the SAP variabiles from Terraform to Ansible. + - `integration-*.tf` - contains the integration code that brings the SAP variabiles from Terraform to Ansible. - `main.tf` - contains the configuration of the VSI for SAP single tier deployment. - `provider.tf` - contains the IBM Cloud Provider data in order to run `terraform init` command. - - `terraform.tfvars` - contains the IBM Cloud API key referenced in `provider.tf` - `variables.tf` - contains variables for the VPC and VSI - `versions.tf` - contains the minimum required versions for terraform and IBM Cloud provider. - `output.tf` - contains the code for the information to be displayed after the VSI is created (Hostname, Private IP, Public IP) -## Steps to reproduce: +## Steps to follow: For initializing terraform: diff --git a/cli/ansible/roles/s4appinst/tasks/install_kit.yml b/cli/ansible/roles/s4appinst/tasks/install_kit.yml index c395cfd..fbba5b8 100644 --- a/cli/ansible/roles/s4appinst/tasks/install_kit.yml +++ b/cli/ansible/roles/s4appinst/tasks/install_kit.yml 
@@ -20,16 +20,24 @@ when: "'rsync' in ansible_facts.packages" delegate_to: localhost -- name: Gather the package facts for target +- name: Gather the package facts for Red Hat target package_facts: manager: auto + when: ansible_facts['os_family'] == "RedHat" -- name: Check if rsync package is available on target +- name: Gather the packages for Suse target # noqa 305 + shell: zypper search -i --match-exact rsync + args: + warn: false + register: rsync_search_result + when: ansible_facts['os_family'] == "Suse" + +- name: Check if rsync package is available set_fact: rsync_found_target: true - when: "'rsync' in ansible_facts.packages" + when: ansible_facts['os_family'] == "RedHat" and "'rsync' in ansible_facts.packages" or ansible_facts['os_family'] == "Suse" and rsync_search_result.rc == 0 -- name: Copy S4/HANA kit to target using rsync +- name: Copy S/4HANA kit to target using rsync synchronize: src: "{{ item.s4apps_src }}" dest: "{{ item.s4apps_dest }}" @@ -37,7 +45,7 @@ loop: "{{ s4apps_kit }}" when: rsync_found_controller is defined and rsync_found_target is defined -- name: Copy S4/HANA kit to target when rsync is not available +- name: Copy S/4HANA kit to target when rsync is not available copy: src: "{{ item.s4apps_src }}" dest: "{{ item.s4apps_dest }}" @@ -55,9 +63,13 @@ recurse: yes owner: root group: root - when: rsync_found_controller is defined and rsync_found_target is defined + +- name: Check if SWPM archive content was already extracted + stat: + path: "{{ s4app_kit }}/swpm/sapinst" + register: file_status - name: Extract SWPM archive command: "{{ s4app_kit }}/sapcar -xf {{ s4app_kit }}/swpm.sar -R {{ s4app_kit }}/swpm" - + when: not file_status.stat.exists ... diff --git a/cli/ansible/roles/s4appinst/tasks/main.yml b/cli/ansible/roles/s4appinst/tasks/main.yml index aa71d87..10dfcd8 100644 --- a/cli/ansible/roles/s4appinst/tasks/main.yml +++ b/cli/ansible/roles/s4appinst/tasks/main.yml 
@@ -7,8 +7,16 @@ src: sapinst.cfg dest: "{{ s4app_kit }}/inifile.params" -- name: Start SAP S4HANA Application Server installation - shell: "{{ s4app_kit }}/swpm/sapinst SAPINST_INPUT_PARAMETERS_URL={{ s4app_kit }}/inifile.params SAPINST_EXECUTE_PRODUCT_ID={{ sap_product_id }} SAPINST_SKIP_DIALOGS=true SAPINST_START_GUISERVER=false" +- name: Check if S/4HANA Application Server was already installed + stat: + path: "/sapmnt/{{ sap_sid|upper }}/exe/uc/linuxx86_64/SAPCAR" + register: install_status + +- name: Start SAP S/4HANA Application Server installation # noqa 305 + shell: >- + {{ s4app_kit }}/swpm/sapinst SAPINST_INPUT_PARAMETERS_URL={{ s4app_kit }}/inifile.params + SAPINST_EXECUTE_PRODUCT_ID={{ sap_product_id }} SAPINST_SKIP_DIALOGS=true SAPINST_START_GUISERVER=false + when: not install_status.stat.exists - name: Cleanup file: diff --git a/cli/ansible/roles/s4appreq/defaults/main.yml b/cli/ansible/roles/s4appreq/defaults/main.yml index c5388b2..753139a 100644 --- a/cli/ansible/roles/s4appreq/defaults/main.yml +++ b/cli/ansible/roles/s4appreq/defaults/main.yml 
@@ -4,9 +4,70 @@ sap_disk_size: "128.00 GB" swap_disk_size: "40.00 GB" #Logical volume size config -swap_lv_size: "30g" +# swap_lv_size: "30g" usrsap_lv_size: "5g" sap_lv_size: "20g" sapmnt_lv_size: "20g" saptrans_lv_size: "50g" + +# SWAP size GB +# SAP note 1597355 +# Commented until terraform code update +# swap_lv: +# - size: 64 +# ram_min: 32 +# ram_max: 63 +# - size: 96 +# ram_min: 64 +# ram_max: 127 +# - size: 128 +# ram_min: 128 +# ram_max: 255 +# - size: 160 +# ram_min: 256 +# ram_max: 511 +# - size: 192 +# ram_min: 512 +# ram_max: 1023 +# - size: 224 +# ram_min: 1024 +# ram_max: 2047 +# - size: 256 +# ram_min: 2048 +# ram_max: 4095 +# - size: 288 +# ram_min: 4096 +# ram_max: 8191 +# - size: 320 +# ram_min: 8192 +# ram_max: 20000 + +swap_lv: + - size: 38 + ram_min: 32 + ram_max: 63 + - size: 38 + ram_min: 64 + ram_max: 127 + - size: 38 + ram_min: 128 + ram_max: 255 + - size: 38 + ram_min: 256 + ram_max: 511 + - size: 38 + ram_min: 512 + ram_max: 1023 + - size: 224 + ram_min: 1024 + ram_max: 2047 + - size: 38 + ram_min: 2048 + ram_max: 4095 + - size: 288 + ram_min: 4096 + ram_max: 8191 + - size: 38 + ram_min: 8192 + ram_max: 20000 ... diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/SELinux.yml b/cli/ansible/roles/s4appreq/tasks/configurations/SELinux.yml index 2277489..967003c 100644 --- a/cli/ansible/roles/s4appreq/tasks/configurations/SELinux.yml +++ b/cli/ansible/roles/s4appreq/tasks/configurations/SELinux.yml @@ -2,4 +2,4 @@ - name: Disable SELinux selinux: state: disabled -... \ No newline at end of file +... \ No newline at end of file diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/abrtd.yml b/cli/ansible/roles/s4appreq/tasks/configurations/abrtd.yml new file mode 100644 index 0000000..a77e224 --- /dev/null +++ b/cli/ansible/roles/s4appreq/tasks/configurations/abrtd.yml 
@@ -0,0 +1,11 @@ +--- +- name: Get the list of services + service_facts: + +- name: Stop and disable abrtd + systemd: + name: abrtd + state: stopped + enabled: no + when: "'abrtd.service' in services" +... diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/filesystems.yml b/cli/ansible/roles/s4appreq/tasks/configurations/filesystems.yml index 04523ab..321754a 100644 --- a/cli/ansible/roles/s4appreq/tasks/configurations/filesystems.yml +++ b/cli/ansible/roles/s4appreq/tasks/configurations/filesystems.yml @@ -1,6 +1,6 @@ --- - name: Get available storage devices for swap - set_fact: + set_fact: swap_disk: "{{ swap_disk|default([]) + [device.key] }}" when: - not device.value.partitions @@ -23,7 +23,7 @@ pesize: "32" - name: Get available storage devices for SAP instance - set_fact: + set_fact: sap_disk: "{{ sap_disk|default([]) + [device.key] }}" when: - not device.value.partitions @@ -45,6 +45,21 @@ pvs: "/dev/{{ sap_disk[0] }}" pesize: "32" +- name: Get the RAM size + set_fact: + app_ram: "{{ app_profile.split('-')[1].split('x')[1] }}" + +- name: Get the swap logical volume size for RAM lower than 32 GB + set_fact: + swap_lv_size: "{{ app_ram | int * 2 }}g" + when: app_ram | int < 32 + +- name: Get the swap logical volume size for RAM higher than 32 GB + set_fact: + swap_lv_size: "{{ item.size }}g" + loop: "{{ swap_lv }}" + when: (app_ram | int > 32) and (app_ram | int >= item.ram_min) and (app_ram | int <= item.ram_min) + - name: Create a logical volume for swap lvol: vg: "{{ sap_sid|lower }}_swap_vg" @@ -73,7 +88,7 @@ lvol: vg: "{{ sap_sid|lower }}_app_vg" lv: "{{ sap_sid|lower }}_saptrans_lv" - size: "{{ saptrans_lv_size }}" + size: "{{ saptrans_lv_size }}" - name: Create a swap filesystem filesystem: 
@@ -106,8 +121,13 @@ regexp: "^/dev/{{ sap_sid|lower }}_swap_vg/{{ sap_sid|lower }}_swap_lv" line: "/dev/{{ sap_sid|lower }}_swap_vg/{{ sap_sid|lower }}_swap_lv swap swap defaults 0 0" +- name: Check the current swap size + set_fact: + sap_vm_swap: "{{ ansible_swaptotal_mb }}" + - name: Mount swap volume command: swapon -a + when: sap_vm_swap == 0 - name: Mount /usr/sap and add it to /etc/fstab mount: diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/hostname.yml b/cli/ansible/roles/s4appreq/tasks/configurations/hostname.yml index f3ff0d1..4d7c3f5 100644 --- a/cli/ansible/roles/s4appreq/tasks/configurations/hostname.yml +++ b/cli/ansible/roles/s4appreq/tasks/configurations/hostname.yml 
@@ -3,27 +3,29 @@ - name: Get short hostname command: hostname -s register: sap_short_hostname + changed_when: False + +- name: Get FQDN + set_fact: + sap_host_fqdn: "{{ ansible_fqdn }}" - name: Check if hostname has 13 or less characters as per SAP requirement fail: msg: "Hostname {{ sap_short_hostname.stdout }} has more than 13 characters" when: sap_short_hostname.stdout|length > 13 -- name: Disable manage_etc_hosts in /etc/cloud/cloud.cfg - replace: - path: /etc/cloud/cloud.cfg - regexp: '(.*manage_etc_hosts.*)' - replace: '#\1' +- name: Line to be added in /etc/hosts if FQDN is set + set_fact: + line_to_add: "{{ ansible_default_ipv4.address }} {{ sap_host_fqdn }} {{ sap_short_hostname.stdout }}" + when: sap_short_hostname.stdout != sap_host_fqdn -#1054467 - Local host name refers to loopback address -- name: Disable default hostname resolve to loopback address - replace: - path: /etc/hosts - regexp: "(.*{{ ansible_hostname }}.*)" - replace: '#\1' +- name: Line to be added in /etc/hosts if FQDN is not set + set_fact: + line_to_add: "{{ ansible_default_ipv4.address }} {{ sap_short_hostname.stdout }}" + when: sap_short_hostname.stdout == sap_host_fqdn -- name: Enable hostname resolve to internal IP +- name: Enable hostname resolve to internal IP lineinfile: path: /etc/hosts - line: "{{ ansible_default_ipv4.address }} {{ ansible_hostname }}" + line: "{{ line_to_add }}" ... \ No newline at end of file diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml b/cli/ansible/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml new file mode 100644 index 0000000..6e3dd62 --- /dev/null +++ b/cli/ansible/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml 
@@ -0,0 +1,19 @@ +--- +- name: Disable manage_etc_hosts in /etc/cloud/cloud.cfg + replace: + path: /etc/cloud/cloud.cfg + regexp: '(.*manage_etc_hosts.*)' + replace: '#\1' + +- name: Get short hostname + command: hostname -s + register: sap_short_hostname + changed_when: False + +#1054467 - Local host name refers to loopback address +- name: Disable default hostname resolve to loopback address + replace: + path: /etc/hosts + regexp: "^(?!{{ ansible_default_ipv4.address }}.*{{ sap_short_hostname.stdout }})(.*)({{ sap_short_hostname.stdout }}.*)" + replace: '\1' +... diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/kdump.yml b/cli/ansible/roles/s4appreq/tasks/configurations/kdump.yml new file mode 100644 index 0000000..e8a8be5 --- /dev/null +++ b/cli/ansible/roles/s4appreq/tasks/configurations/kdump.yml @@ -0,0 +1,11 @@ +--- +- name: Get the list of services + service_facts: + +- name: Stop and disable kdump + systemd: + name: kdump + state: stopped + enabled: no + when: "'kdump.service' in services" +... diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat7.yml b/cli/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat7.yml index 6582472..bc3cf49 100644 --- a/cli/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat7.yml +++ b/cli/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat7.yml @@ -11,5 +11,5 @@ - { name: kernel.sem, value: "1250 256000 100 1024" } - { name: vm.max_map_count, value: 2147483647 } #900929 - Linux: STORAGE_PARAMETERS_WRONG_SET and "mmap() failed" loop_control: - loop_var: kernel_param + loop_var: kernel_param ... \ No newline at end of file diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml b/cli/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml new file mode 100644 index 0000000..a262bc2 --- /dev/null +++ b/cli/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml 
@@ -0,0 +1,16 @@ +--- +- name: Set recommended kernel parameters for SAP NW on RedHat 8 + sysctl: + sysctl_file: /etc/sysctl.d/sap.conf + name: "{{ kernel_param.name }}" + value: "{{ kernel_param.value }}" + sysctl_set: yes + state: present + reload: yes + loop: + - { name: vm.max_map_count, value: 2147483647 } + - { name: kernel.pid_max, value: 4194304 } + - { name: kernel.sem, value: "32000 1024000000 500 32000" } + loop_control: + loop_var: kernel_param +... diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/limits.yml b/cli/ansible/roles/s4appreq/tasks/configurations/limits.yml index 97b44f9..e0b72f0 100644 --- a/cli/ansible/roles/s4appreq/tasks/configurations/limits.yml +++ b/cli/ansible/roles/s4appreq/tasks/configurations/limits.yml @@ -25,7 +25,7 @@ loop_control: loop_var: ltype -- name: Set core limits +- name: Set core limits lineinfile: path: /etc/security/limits.conf line: "{{ corelimit }}" diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/reboot.yml b/cli/ansible/roles/s4appreq/tasks/configurations/reboot.yml new file mode 100644 index 0000000..7287953 --- /dev/null +++ b/cli/ansible/roles/s4appreq/tasks/configurations/reboot.yml @@ -0,0 +1,6 @@ +--- +- name: Reboot target host + reboot: + connect_timeout: 5 + post_reboot_delay: 10 +... diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/repository_RedHat.yml b/cli/ansible/roles/s4appreq/tasks/configurations/repository_RedHat.yml new file mode 100644 index 0000000..aacebff --- /dev/null +++ b/cli/ansible/roles/s4appreq/tasks/configurations/repository_RedHat.yml @@ -0,0 +1,9 @@ +--- +- name: Wait for cloud init to finish + cloud_init_data_facts: + filter: status + register: res + until: "res.cloud_init_data_facts.status.v1.stage is defined and not res.cloud_init_data_facts.status.v1.stage" + retries: 60 + delay: 10 +... 
diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/repository_SLES.yml b/cli/ansible/roles/s4appreq/tasks/configurations/repository_SLES.yml new file mode 100644 index 0000000..bb3ef8d --- /dev/null +++ b/cli/ansible/roles/s4appreq/tasks/configurations/repository_SLES.yml @@ -0,0 +1,5 @@ +--- +- name: Wait for SLES repo configurations + wait_for: + path: /etc/SUSEConnect +... diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/reqpkggroups.yml b/cli/ansible/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml similarity index 59% rename from cli/ansible/roles/s4appreq/tasks/configurations/reqpkggroups.yml rename to cli/ansible/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml index db5c163..ba551d6 100644 --- a/cli/ansible/roles/s4appreq/tasks/configurations/reqpkggroups.yml +++ b/cli/ansible/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml @@ -2,5 +2,5 @@ - name: Import requierd package groups dnf: state: present - name: "{{ s4app_required_package_groups }}" + name: "{{ s4app_required_package_groups }}" ... diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/saptune.yml b/cli/ansible/roles/s4appreq/tasks/configurations/saptune.yml new file mode 100644 index 0000000..b10231f --- /dev/null +++ b/cli/ansible/roles/s4appreq/tasks/configurations/saptune.yml @@ -0,0 +1,17 @@ +--- +- name: Start and enable saptune service + service: + name: saptune + state: started + enabled: yes + +- name: Check if NETWEAVER profile was already set + command: saptune status + register: netweaver_profile + changed_when: False + failed_when: netweaver_profile.rc != 0 and netweaver_profile.rc != 3 + +- name: Select NETWEAVER profile for saptune + command: /usr/sbin/saptune solution apply NETWEAVER + when: "'NETWEAVER' not in netweaver_profile.stdout" +... 
diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/umask_RHEL.yml b/cli/ansible/roles/s4appreq/tasks/configurations/umask_RHEL.yml new file mode 100644 index 0000000..e38746c --- /dev/null +++ b/cli/ansible/roles/s4appreq/tasks/configurations/umask_RHEL.yml @@ -0,0 +1,12 @@ +--- +- name: Configure default umask + replace: + path: "{{ file }}" + regexp: '(.*umask 077.*)' + replace: 'umask 022' + loop: + - /etc/profile + - /etc/bashrc + loop_control: + loop_var: file +... diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/umask_SLES.yml b/cli/ansible/roles/s4appreq/tasks/configurations/umask_SLES.yml new file mode 100644 index 0000000..438a784 --- /dev/null +++ b/cli/ansible/roles/s4appreq/tasks/configurations/umask_SLES.yml @@ -0,0 +1,7 @@ +--- +- name: Configure default umask + replace: + path: /etc/login.defs + regexp: '(.*UMASK 027.*)' + replace: 'UMASK 022' +... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/update_os.yml b/cli/ansible/roles/s4appreq/tasks/configurations/update_RedHat7.yml similarity index 70% rename from schematics/ansible/roles/saphanareq/tasks/configurations/update_os.yml rename to cli/ansible/roles/s4appreq/tasks/configurations/update_RedHat7.yml index dca2386..da9a854 100644 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/update_os.yml +++ b/cli/ansible/roles/s4appreq/tasks/configurations/update_RedHat7.yml @@ -4,19 +4,16 @@ name: "{{ repo_name }}" state: enabled loop: + # - rhel-sap-for-rhel-7-server-e4s-rpms - rhel-7-server-rpms - rhel-sap-hana-for-rhel-7-server-rpms - rhel-7-server-eus-rpms + loop_control: loop_var: repo_name -- name: Update all packages +- name: Update all packages # noqa 403 yum: name: '*' state: latest - -- name: Reboot target host after update - reboot: - connect_timeout: 5 - post_reboot_delay: 10 ... 
diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/update_RedHat8.yml b/cli/ansible/roles/s4appreq/tasks/configurations/update_RedHat8.yml new file mode 100644 index 0000000..20324b3 --- /dev/null +++ b/cli/ansible/roles/s4appreq/tasks/configurations/update_RedHat8.yml @@ -0,0 +1,6 @@ +--- +- name: Update all packages # noqa 403 + yum: + name: '*' + state: latest +... diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml b/cli/ansible/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml new file mode 100644 index 0000000..d6f097d --- /dev/null +++ b/cli/ansible/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml @@ -0,0 +1,6 @@ +--- +- name: Update all packages # noqa 403 + zypper: + name: '*' + state: latest +... diff --git a/cli/ansible/roles/s4appreq/tasks/configurations/update_os.yml b/cli/ansible/roles/s4appreq/tasks/configurations/update_os.yml deleted file mode 100644 index 6781cdd..0000000 --- a/cli/ansible/roles/s4appreq/tasks/configurations/update_os.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Update all packages - yum: - name: '*' - state: latest - -- name: Reboot target host after update - reboot: - connect_timeout: 5 - post_reboot_delay: 10 -... diff --git a/cli/ansible/roles/s4appreq/tasks/main.yml b/cli/ansible/roles/s4appreq/tasks/main.yml index 1201a1e..bc0c392 100644 --- a/cli/ansible/roles/s4appreq/tasks/main.yml +++ b/cli/ansible/roles/s4appreq/tasks/main.yml 
@@ -2,17 +2,7 @@ - name: Import OS distribution variables include_vars: "{{ ansible_distribution }}{{ ansible_distribution_major_version }}.yml" -- name: Enable additional repositories - rhsm_repository: - name: "{{ repo_name }}" - state: enabled - loop: - - rhel-7-server-eus-rpms - - rhel-7-server-rpms - loop_control: - loop_var: repo_name - -- name: Make specific OS configurations as recommended by SAP for S4HANA APP +- name: Make specific OS configurations as recommended by SAP for S/4HANA APP include_tasks: "configurations/{{ item }}.yml" loop: "{{ s4app_required_configurations }}" ... diff --git a/cli/ansible/roles/s4appreq/vars/RedHat7.yml b/cli/ansible/roles/s4appreq/vars/RedHat7.yml index c932a22..1765e2b 100644 --- a/cli/ansible/roles/s4appreq/vars/RedHat7.yml +++ b/cli/ansible/roles/s4appreq/vars/RedHat7.yml @@ -12,15 +12,19 @@ s4app_required_package_groups: - "@performance" - "@compat-libraries" s4app_required_configurations: - - "hostname" - - "kernel_RedHat7" - - "update_os" - - "reqpkggroups" + - "repository_RedHat" + - "update_RedHat7" - "reqpkg" + - "reqpkggroups_RedHat" + - "hostname_fix_RedHat" + - "hostname" - "filesystems" + - "firewalld" - "uuidd" - "SELinux" - "limits" - "tmpfiles" - "compatlibs" + - "kernel_RedHat7" + - "reboot" ... diff --git a/cli/ansible/roles/s4appreq/vars/RedHat8.yml b/cli/ansible/roles/s4appreq/vars/RedHat8.yml new file mode 100644 index 0000000..ceb0eb4 --- /dev/null +++ b/cli/ansible/roles/s4appreq/vars/RedHat8.yml 
@@ -0,0 +1,53 @@ +--- +s4app_required_packages: + - cairo + - graphviz + - iptraf-ng + - lm_sensors + - net-tools + - uuidd + - libnsl + - tcsh + - psmisc + - nfs-utils + - bind-utils + - expect + - gtk2 + - krb5-workstation + - krb5-libs + - libaio + - libcanberra-gtk2 + - libibverbs + - libicu + - libtool-ltdl + - numactl + - openssl + - PackageKit-gtk3-module + - rsyslog + - sudo + - xfsprogs + - xorg-x11-xauth + - libatomic + - chrony + - lvm2 + - unzip + +s4app_required_configurations: + - "repository_RedHat" + - "update_RedHat8" + - "reqpkg" + - "hostname_fix_RedHat" + - "hostname" + - "kernel_RedHat8" + - "umask_RHEL" + - "reboot" + - "filesystems" + - "SELinux" + - "firewalld" + - "uuidd" + - "abrtd" + - "kdump" + - "limits" + - "tmpfiles" + - "reboot" +... diff --git a/cli/ansible/roles/s4appreq/vars/SLES_SAP15.yml b/cli/ansible/roles/s4appreq/vars/SLES_SAP15.yml new file mode 100644 index 0000000..7b061f2 --- /dev/null +++ b/cli/ansible/roles/s4appreq/vars/SLES_SAP15.yml @@ -0,0 +1,19 @@ +--- +s4app_required_packages: + - lvm2 + - uuidd + +s4app_required_configurations: + - "repository_SLES" + - "update_SLES_SAP" + - "reqpkg" + - "umask_SLES" + - "hostname" + - "reboot" + - "filesystems" + - "limits" + - "tmpfiles" + - "uuidd" + - "saptune" + - "reboot" +... diff --git a/cli/ansible/roles/saphanainst/tasks/install_kit.yml b/cli/ansible/roles/saphanainst/tasks/install_kit.yml index 3f2b95f..1aa88c2 100644 --- a/cli/ansible/roles/saphanainst/tasks/install_kit.yml +++ b/cli/ansible/roles/saphanainst/tasks/install_kit.yml 
@@ -16,14 +16,22 @@ when: "'rsync' in ansible_facts.packages" delegate_to: localhost -- name: Gather the package facts for target +- name: Gather the package facts for Red Hat target package_facts: manager: auto + when: ansible_facts['os_family'] == "RedHat" + +- name: Gather the packages for Suse target # noqa 305 + shell: zypper search -i --match-exact rsync + args: + warn: false + register: rsync_search_result + when: ansible_facts['os_family'] == "Suse" - name: Check if rsync package is available on target set_fact: rsync_found_target: true - when: "'rsync' in ansible_facts.packages" + when: ansible_facts['os_family'] == "RedHat" and "'rsync' in ansible_facts.packages" or ansible_facts['os_family'] == "Suse" and rsync_search_result.rc == 0 - name: Copy "{{ kit_saphana_file }}" kit to target using rsync synchronize: diff --git a/cli/ansible/roles/saphanainst/tasks/main.yml b/cli/ansible/roles/saphanainst/tasks/main.yml index 88d8640..bfcf2d2 100644 --- a/cli/ansible/roles/saphanainst/tasks/main.yml +++ b/cli/ansible/roles/saphanainst/tasks/main.yml @@ -7,8 +7,14 @@ src: hanaconfig.cfg dest: "{{ hana_kit }}/hanaconfig.cfg" -- name: Start SAP HANA DB installation +- name: Check if HANA DB was already installed + stat: + path: "/hana/shared/{{ hana_sid|upper }}/exe/linuxx86_64/hdb" + register: hdb_install_status + +- name: Start SAP HANA DB installation # noqa 305 shell: "{{ hana_kit }}/DATA_UNITS/HDB_SERVER_LINUX_X86_64/hdblcm --configfile={{ hana_kit }}/hanaconfig.cfg -b" + when: not hdb_install_status.stat.exists - name: Cleanup file: diff --git a/cli/ansible/roles/saphanareq/defaults/main.yml b/cli/ansible/roles/saphanareq/defaults/main.yml index 75dae98..8cba8e1 100644 --- a/cli/ansible/roles/saphanareq/defaults/main.yml +++ b/cli/ansible/roles/saphanareq/defaults/main.yml 
@@ -3,7 +3,7 @@ hana_disk_size: "500.00 GB" #Logical volume size config -swap_lv_size: "20g" +swap_lv_size: "2g" hana_data_lv_size: "700g" hana_log_lv_size: "250g" hana_shared_lv_size: "250g" diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/SELinux.yml b/cli/ansible/roles/saphanareq/tasks/configurations/SELinux.yml index 2277489..967003c 100644 --- a/cli/ansible/roles/saphanareq/tasks/configurations/SELinux.yml +++ b/cli/ansible/roles/saphanareq/tasks/configurations/SELinux.yml @@ -2,4 +2,4 @@ - name: Disable SELinux selinux: state: disabled -... \ No newline at end of file +... \ No newline at end of file diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/abrtd.yml b/cli/ansible/roles/saphanareq/tasks/configurations/abrtd.yml index bbfda1a..a77e224 100644 --- a/cli/ansible/roles/saphanareq/tasks/configurations/abrtd.yml +++ b/cli/ansible/roles/saphanareq/tasks/configurations/abrtd.yml @@ -1,7 +1,11 @@ --- +- name: Get the list of services + service_facts: + - name: Stop and disable abrtd systemd: name: abrtd state: stopped enabled: no + when: "'abrtd.service' in services" ... diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/filesystems.yml b/cli/ansible/roles/saphanareq/tasks/configurations/filesystems.yml index 8f01d7c..990bf1f 100644 --- a/cli/ansible/roles/saphanareq/tasks/configurations/filesystems.yml +++ b/cli/ansible/roles/saphanareq/tasks/configurations/filesystems.yml @@ -1,6 +1,6 @@ --- - name: Get available storage devices for HANA VG - set_fact: + set_fact: data_disk: "{{ data_disk|default([]) + ['/dev/' + device.key] }}" when: - not device.value.partitions 
@@ -36,26 +36,26 @@ size: "{{ hana_data_lv_size }}" opts: -i3 -I256 -- name: Create a logical volume for HANA log +- name: Create a logical volume for HANA log lvol: vg: "{{ hana_sid|lower }}_hana_vg" lv: "{{ hana_sid|lower }}_hana_log_lv" size: "{{ hana_log_lv_size }}" opts: -i3 -I64 -- name: Create a logical volume for HANA shared +- name: Create a logical volume for HANA shared lvol: vg: "{{ hana_sid|lower }}_hana_vg" lv: "{{ hana_sid|lower }}_hana_shared_lv" size: "{{ hana_shared_lv_size }}" opts: -i3 -- name: Create a logical volume for /usr/sap +- name: Create a logical volume for /usr/sap lvol: vg: "{{ hana_sid|lower }}_hana_vg" lv: "{{ hana_sid|lower }}_sap_lv" size: "{{ sap_lv_size }}" - opts: -i3 + opts: -i3 - name: Create a swap filesystem filesystem: @@ -88,8 +88,13 @@ regexp: "^/dev/{{ hana_sid|lower }}_hana_vg/{{ hana_sid|lower }}_swap_lv" line: "/dev/{{ hana_sid|lower }}_hana_vg/{{ hana_sid|lower }}_swap_lv swap swap defaults 0 0" +- name: Check the current swap size + set_fact: + hana_vm_swap: "{{ ansible_swaptotal_mb }}" + - name: Mount swap volume command: swapon -a + when: hana_vm_swap == 0 - name: Mount /hana/data and add it to /etc/fstab mount: diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/hostname.yml b/cli/ansible/roles/saphanareq/tasks/configurations/hostname.yml index f3ff0d1..6dae370 100644 --- a/cli/ansible/roles/saphanareq/tasks/configurations/hostname.yml +++ b/cli/ansible/roles/saphanareq/tasks/configurations/hostname.yml 
@@ -2,28 +2,30 @@ #2718300 - Physical and Virtual hostname length limitations - name: Get short hostname command: hostname -s - register: sap_short_hostname + register: hana_short_hostname + changed_when: False + +- name: Get FQDN + set_fact: + hana_host_fqdn: "{{ ansible_fqdn }}" - name: Check if hostname has 13 or less characters as per SAP requirement fail: - msg: "Hostname {{ sap_short_hostname.stdout }} has more than 13 characters" - when: sap_short_hostname.stdout|length > 13 + msg: "Hostname {{ hana_short_hostname.stdout }} has more than 13 characters" + when: hana_short_hostname.stdout|length > 13 -- name: Disable manage_etc_hosts in /etc/cloud/cloud.cfg - replace: - path: /etc/cloud/cloud.cfg - regexp: '(.*manage_etc_hosts.*)' - replace: '#\1' +- name: Line to be added in /etc/hosts if FQDN is set + set_fact: + line_to_add: "{{ ansible_default_ipv4.address }} {{ hana_host_fqdn }} {{ hana_short_hostname.stdout }}" + when: hana_short_hostname.stdout != hana_host_fqdn -#1054467 - Local host name refers to loopback address -- name: Disable default hostname resolve to loopback address - replace: - path: /etc/hosts - regexp: "(.*{{ ansible_hostname }}.*)" - replace: '#\1' +- name: Line to be added in /etc/hosts if FQDN is not set + set_fact: + line_to_add: "{{ ansible_default_ipv4.address }} {{ hana_short_hostname.stdout }}" + when: hana_short_hostname.stdout == hana_host_fqdn -- name: Enable hostname resolve to internal IP +- name: Enable hostname resolve to internal IP lineinfile: path: /etc/hosts - line: "{{ ansible_default_ipv4.address }} {{ ansible_hostname }}" + line: "{{ line_to_add }}" ... \ No newline at end of file diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml b/cli/ansible/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml new file mode 100644 index 0000000..6e3dd62 --- /dev/null +++ b/cli/ansible/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml 
@@ -0,0 +1,19 @@ +--- +- name: Disable manage_etc_hosts in /etc/cloud/cloud.cfg + replace: + path: /etc/cloud/cloud.cfg + regexp: '(.*manage_etc_hosts.*)' + replace: '#\1' + +- name: Get short hostname + command: hostname -s + register: sap_short_hostname + changed_when: False + +#1054467 - Local host name refers to loopback address +- name: Disable default hostname resolve to loopback address + replace: + path: /etc/hosts + regexp: "^(?!{{ ansible_default_ipv4.address }}.*{{ sap_short_hostname.stdout }})(.*)({{ sap_short_hostname.stdout }}.*)" + replace: '\1' +... diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/kdump.yml b/cli/ansible/roles/saphanareq/tasks/configurations/kdump.yml index 75eaa23..3c55657 100644 --- a/cli/ansible/roles/saphanareq/tasks/configurations/kdump.yml +++ b/cli/ansible/roles/saphanareq/tasks/configurations/kdump.yml @@ -1,7 +1,11 @@ --- +- name: Get the list of services + service_facts: + - name: Stop and disable kdump systemd: name: kdump state: stopped enabled: no + when: "'kdump.service' in services" ... \ No newline at end of file diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat7.yml b/cli/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat7.yml index bd6b289..fd519a8 100644 --- a/cli/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat7.yml +++ b/cli/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat7.yml @@ -11,7 +11,7 @@ - { name: net.core.somaxconn, value: 4096 } - { name: net.ipv4.tcp_max_syn_backlog, value: 8192 } - { name: net.ipv4.tcp_slow_start_after_idle, value: 0 } - - { name: net.ipv4.tcp_syn_retries, value: 8 } + - { name: net.ipv4.tcp_syn_retries, value: 8 } loop_control: - loop_var: kernel_param + loop_var: kernel_param ... \ No newline at end of file diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml b/cli/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml index e36daa4..f853794 100644 
--- a/cli/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml +++ b/cli/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml @@ -13,7 +13,7 @@ - { name: net.core.somaxconn, value: 4096 } - { name: net.ipv4.tcp_max_syn_backlog, value: 8192 } - { name: net.ipv4.tcp_slow_start_after_idle, value: 0 } - - { name: net.ipv4.tcp_syn_retries, value: 8 } + - { name: net.ipv4.tcp_syn_retries, value: 8 } loop_control: - loop_var: kernel_param + loop_var: kernel_param ... \ No newline at end of file diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml b/cli/ansible/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml new file mode 100644 index 0000000..0789814 --- /dev/null +++ b/cli/ansible/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml @@ -0,0 +1,16 @@ +--- +- name: Set recommended kernel parameters for SAP HANA DB on SLES 15 + sysctl: + sysctl_file: /etc/sysctl.d/sap.conf + name: "{{ kernel_param.name }}" + value: "{{ kernel_param.value }}" + sysctl_set: yes + state: present + reload: yes + loop: + - { name: net.core.somaxconn, value: 4096 } + - { name: net.ipv4.tcp_max_syn_backlog, value: 8192 } + - { name: net.ipv4.tcp_slow_start_after_idle, value: 0 } + loop_control: + loop_var: kernel_param +... diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/limits.yml b/cli/ansible/roles/saphanareq/tasks/configurations/limits.yml index 332b9ff..6dd0745 100644 --- a/cli/ansible/roles/saphanareq/tasks/configurations/limits.yml +++ b/cli/ansible/roles/saphanareq/tasks/configurations/limits.yml @@ -25,7 +25,7 @@ loop_control: loop_var: ltype -- name: Set core limits +- name: Set core limits lineinfile: path: /etc/security/limits.conf line: "{{ corelimit }}" diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/reboot.yml b/cli/ansible/roles/saphanareq/tasks/configurations/reboot.yml new file mode 100644 index 0000000..7287953 --- /dev/null 
+++ b/cli/ansible/roles/saphanareq/tasks/configurations/reboot.yml @@ -0,0 +1,6 @@ +--- +- name: Reboot target host + reboot: + connect_timeout: 5 + post_reboot_delay: 10 +... diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/repository_RedHat.yml b/cli/ansible/roles/saphanareq/tasks/configurations/repository_RedHat.yml new file mode 100644 index 0000000..aacebff --- /dev/null +++ b/cli/ansible/roles/saphanareq/tasks/configurations/repository_RedHat.yml @@ -0,0 +1,9 @@ +--- +- name: Wait for cloud init to finish + cloud_init_data_facts: + filter: status + register: res + until: "res.cloud_init_data_facts.status.v1.stage is defined and not res.cloud_init_data_facts.status.v1.stage" + retries: 60 + delay: 10 +... diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/repository_SLES.yml b/cli/ansible/roles/saphanareq/tasks/configurations/repository_SLES.yml new file mode 100644 index 0000000..bb3ef8d --- /dev/null +++ b/cli/ansible/roles/saphanareq/tasks/configurations/repository_SLES.yml @@ -0,0 +1,5 @@ +--- +- name: Wait for SLES repo configurations + wait_for: + path: /etc/SUSEConnect +... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/reqpkggroups.yml b/cli/ansible/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml similarity index 58% rename from schematics/ansible/roles/saphanareq/tasks/configurations/reqpkggroups.yml rename to cli/ansible/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml index 7e3908d..4a603e9 100644 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/reqpkggroups.yml +++ b/cli/ansible/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml @@ -2,5 +2,5 @@ - name: Import requierd package groups dnf: state: present - name: "{{ saphana_required_package_groups }}" + name: "{{ saphana_required_package_groups }}" ... 
diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/saptune.yml b/cli/ansible/roles/saphanareq/tasks/configurations/saptune.yml new file mode 100644 index 0000000..6209cc9 --- /dev/null +++ b/cli/ansible/roles/saphanareq/tasks/configurations/saptune.yml @@ -0,0 +1,17 @@ +--- +- name: Start and enable saptune service + service: + name: saptune + state: started + enabled: yes + +- name: Check if HANA profile was already set + command: "saptune status" + register: hana_profile + changed_when: False + failed_when: hana_profile.rc != 0 and hana_profile.rc != 3 + +- name: Select HANA profile for saptune + command: /usr/sbin/saptune solution apply HANA + when: "'HANA' not in hana_profile.stdout" +... diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/tuned.yml b/cli/ansible/roles/saphanareq/tasks/configurations/tuned.yml index 4ae6b80..1c0ae8b 100644 --- a/cli/ansible/roles/saphanareq/tasks/configurations/tuned.yml +++ b/cli/ansible/roles/saphanareq/tasks/configurations/tuned.yml @@ -10,6 +10,12 @@ state: started enabled: yes +- name: Check if sap-hana profile was already activated + command: "tuned-adm active" + register: tuned_active + changed_when: False + - name: Select sap-hana profile for tuned command: /usr/sbin/tuned-adm profile sap-hana + when: "'sap_hana' not in tuned_active.stdout" ... \ No newline at end of file diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/umask_RHEL.yml b/cli/ansible/roles/saphanareq/tasks/configurations/umask_RHEL.yml new file mode 100644 index 0000000..e38746c --- /dev/null +++ b/cli/ansible/roles/saphanareq/tasks/configurations/umask_RHEL.yml @@ -0,0 +1,12 @@ +--- +- name: Configure default umask + replace: + path: "{{ file }}" + regexp: '(.*umask 077.*)' + replace: 'umask 022' + loop: + - /etc/profile + - /etc/bashrc + loop_control: + loop_var: file +... 
diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/umask_SLES.yml b/cli/ansible/roles/saphanareq/tasks/configurations/umask_SLES.yml new file mode 100644 index 0000000..438a784 --- /dev/null +++ b/cli/ansible/roles/saphanareq/tasks/configurations/umask_SLES.yml @@ -0,0 +1,7 @@ +--- +- name: Configure default umask + replace: + path: /etc/login.defs + regexp: '(.*UMASK 027.*)' + replace: 'UMASK 022' +... diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/update_RedHat7.yml b/cli/ansible/roles/saphanareq/tasks/configurations/update_RedHat7.yml new file mode 100644 index 0000000..4824910 --- /dev/null +++ b/cli/ansible/roles/saphanareq/tasks/configurations/update_RedHat7.yml @@ -0,0 +1,18 @@ +--- +- name: Enable repository for compat-sap-c++-9 + rhsm_repository: + name: "{{ repo_name }}" + state: enabled + loop: + # - rhel-sap-for-rhel-7-server-e4s-rpms + - rhel-7-server-rpms + - rhel-sap-hana-for-rhel-7-server-rpms + - rhel-7-server-eus-rpms + loop_control: + loop_var: repo_name + +- name: Update all packages # noqa 403 + yum: + name: '*' + state: latest +... diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/update_RedHat8.yml b/cli/ansible/roles/saphanareq/tasks/configurations/update_RedHat8.yml new file mode 100644 index 0000000..20324b3 --- /dev/null +++ b/cli/ansible/roles/saphanareq/tasks/configurations/update_RedHat8.yml @@ -0,0 +1,6 @@ +--- +- name: Update all packages # noqa 403 + yum: + name: '*' + state: latest +... diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml b/cli/ansible/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml new file mode 100644 index 0000000..d6f097d --- /dev/null +++ b/cli/ansible/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml @@ -0,0 +1,6 @@ +--- +- name: Update all packages # noqa 403 + zypper: + name: '*' + state: latest +... 
diff --git a/cli/ansible/roles/saphanareq/vars/RedHat7.yml b/cli/ansible/roles/saphanareq/vars/RedHat7.yml index b6b3e5d..fb40a1c 100644 --- a/cli/ansible/roles/saphanareq/vars/RedHat7.yml +++ b/cli/ansible/roles/saphanareq/vars/RedHat7.yml @@ -33,16 +33,21 @@ saphana_required_package_groups: - "@base" saphana_required_configurations: - - "update_os" - - "reqpkggroups" + - "repository_RedHat" + - "update_RedHat7" + - "reqpkggroups_RedHat" - "reqpkg" + - "hostname_fix_RedHat" - "hostname" - "filesystems" - "tuned" - "SELinux" + - "firewalld" - "symlinks" - "abrtd" - "kdump" - "limits" + - "tmpfiles" - "kernel_RedHat7" + - "reboot" ... diff --git a/cli/ansible/roles/saphanareq/vars/RedHat8.yml b/cli/ansible/roles/saphanareq/vars/RedHat8.yml new file mode 100644 index 0000000..99aabdf --- /dev/null +++ b/cli/ansible/roles/saphanareq/vars/RedHat8.yml @@ -0,0 +1,56 @@ +--- +saphana_required_packages: + - cairo + - graphviz + - iptraf-ng + - lm_sensors + - net-tools + - uuidd + - libnsl + - tcsh + - psmisc + - nfs-utils + - bind-utils + - expect + - gtk2 + - krb5-workstation + - krb5-libs + - libaio + - libcanberra-gtk2 + - libibverbs + - libicu + - libssh2 + - libtool-ltdl + - numactl + - openssl + - PackageKit-gtk3-module + - rsyslog + - sudo + - xfsprogs + - xorg-x11-xauth + - compat-sap-c++-9 + - libatomic + - chrony + - lvm2 + - unzip + +saphana_required_configurations: + - "repository_RedHat" + - "update_RedHat8" + - "reqpkg" + - "hostname_fix_RedHat" + - "hostname" + - "umask_RHEL" + - "kernel_RedHat8" + - "reboot" + - "filesystems" + - "tuned" + - "SELinux" + - "firewalld" + - "uuidd" + - "abrtd" + - "kdump" + - "limits" + - "tmpfiles" + - "reboot" +... diff --git a/cli/ansible/roles/saphanareq/vars/SLES_SAP15.yml b/cli/ansible/roles/saphanareq/vars/SLES_SAP15.yml new file mode 100644 index 0000000..f6b78e2 --- /dev/null +++ b/cli/ansible/roles/saphanareq/vars/SLES_SAP15.yml 
@@ -0,0 +1,20 @@ +--- +saphana_required_packages: + - lvm2 + - uuidd + +saphana_required_configurations: + - "repository_SLES" + - "update_SLES_SAP" + - "reqpkg" + - "umask_SLES" + - "hostname" + - "kernel_SLES_SAP15" + - "reboot" + - "filesystems" + - "limits" + - "tmpfiles" + - "uuidd" + - "saptune" + - "reboot" +... diff --git a/cli/ansible/saphana-vars.yml b/cli/ansible/saphana-vars.yml deleted file mode 100644 index b5a0361..0000000 --- a/cli/ansible/saphana-vars.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -#Ansible vars_file containing variable values passed from Terraform. -#Generated by "terraform plan&apply" command. - -#HANA DB configuration -hana_sid: "HDB" -hana_sysno: "00" -hana_main_password: "" -hana_system_usage: "custom" -hana_components: "server" - -#SAP HANA Installation kit path -kit_saphana_file: "/storage/HANADB/51054623.ZIP" -... diff --git a/cli/ansible/saps4app-vars.yml b/cli/ansible/saps4app-vars.yml deleted file mode 100644 index 24e9fd7..0000000 --- a/cli/ansible/saps4app-vars.yml +++ /dev/null 
@@ -1,29 +0,0 @@ ---- -#Ansible vars_file containing variable values passed from Terraform. -#Generated by "terraform plan&apply" command. - -#SAP system configuration -sap_sid: "S4A" -sap_ascs_instance_number: "01" -sap_ci_instance_number: "00" -sap_main_password: "" - -#HANA config -hdb_host: "" -hdb_sid: "HDB" -hdb_instance_number: "00" -hdb_main_password: "" -# Number of concurrent jobs used to load and/or extract archives to HANA Host -hdb_concurrent_jobs: "23" - -#SAP S4HANA APP Installation kit path -kit_sapcar_file: "/storage/S4HANA/SAPCAR_1010-70006178.EXE" -kit_swpm_file: "/storage/S4HANA/SWPM20SP09_4-80003424.SAR" -kit_sapexe_file: "/storage/S4HANA/SAPEXE_100-70005283.SAR" -kit_sapexedb_file: "/storage/S4HANA/SAPEXEDB_100-70005282.SAR" -kit_igsexe_file: "/storage/S4HANA/igsexe_1-70005417.sar" -kit_igshelper_file: "/storage/S4HANA/igshelper_17-10010245.sar" -kit_saphotagent_file: "/storage/S4HANA/SAPHOSTAGENT51_51-20009394.SAR" -kit_hdbclient_file: "/storage/S4HANA/IMDB_CLIENT20_009_28-80002082.SAR" -kit_s4hana_export: "/storage/S4HANA/export" -... diff --git a/cli/input.auto.tfvars b/cli/input.auto.tfvars index afff0ee..11a0e7c 100644 --- a/cli/input.auto.tfvars +++ b/cli/input.auto.tfvars 
@@ -1,40 +1,116 @@ +########################################################## # General VPC variables: +###################################################### + REGION = "eu-de" +# Region for the VSI. Supported regions: https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc +# Example: REGION = "eu-de" + ZONE = "eu-de-2" -VPC = "ic4sap" # EXISTING Security group name -SECURITY_GROUP = "ic4sap-securitygroup" # EXISTING Security group name -RESOURCE_GROUP = "wes-automation" # EXISTING Resource group name -SUBNET = "ic4sap-subnet" # EXISTING Subnet name -SSH_KEYS = [ "r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a" , "r010-e372fc6f-4aef-4bdf-ade6-c4b7c1ad61ca" , "r010-09325e15-15be-474e-9b3b-21827b260717" , "r010-5cfdb578-fc66-4bf7-967e-f5b4a8d03b89" , "r010-7b85d127-7493-4911-bdb7-61bf40d3c7d4" , "r010-771e15dd-8081-4cca-8844-445a40e6a3b3" , "r010-d941534b-1d30-474e-9494-c26a88d4cda3" ] +# Availability zone for VSI. Supported zones: https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc +# Example: ZONE = "eu-de-2" + +VPC = "ic4sap" +# EXISTING VPC, previously created by the user in the same region as the VSI. The list of available VPCs: https://cloud.ibm.com/vpc-ext/network/vpcs +# Example: VPC = "ic4sap" + +SECURITY_GROUP = "ic4sap-securitygroup" +# EXISTING Security group, previously created by the user in the same VPC. The list of available Security Groups: https://cloud.ibm.com/vpc-ext/network/securityGroups +# Example: SECURITY_GROUP = "ic4sap-securitygroup" + +RESOURCE_GROUP = "wes-automation" +# EXISTING Resource group, previously created by the user. The list of available Resource Groups: https://cloud.ibm.com/account/resource-groups +# Example: RESOURCE_GROUP = "wes-automation" + +SUBNET = "ic4sap-subnet" +# EXISTING Subnet in the same region and zone as the VSI, previously created by the user. 
The list of available Subnets: https://cloud.ibm.com/vpc-ext/network/subnets +# Example: SUBNET = "ic4sap-subnet" + +SSH_KEYS = ["r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a", "r010-e372fc6f-4aef-4bdf-ade6-c4b7c1ad61ca", "r010-09325e15-15be-474e-9b3b-21827b260717", "r010-5cfdb578-fc66-4bf7-967e-f5b4a8d03b89" , "r010-7b85d127-7493-4911-bdb7-61bf40d3c7d4", "r010-771e15dd-8081-4cca-8844-445a40e6a3b3", "r010-d941534b-1d30-474e-9494-c26a88d4cda3"] +# List of SSH Keys UUIDs that are allowed to SSH as root to the VSI. The SSH Keys should be created for the same region as the VSI. The list of available SSH Keys UUIDs: https://cloud.ibm.com/vpc-ext/compute/sshKeys +# Example: SSH_KEYS = ["r010-8f72b994-c17f-4500-af8f-d05680374t3c", "r011-8f72v884-c17f-4500-af8f-d05900374t3c"] + +########################################################## +# DB VSI variables: +########################################################## -# SAP Database VSI variables: DB-HOSTNAME = "saps4hnmar1" +# The Hostname for the DB VSI. The hostname should be up to 13 characters, as required by SAP +# Example: HOSTNAME = "ic4sap" + DB-PROFILE = "mx2-16x128" -DB-IMAGE = "ibm-redhat-7-6-amd64-sap-hana-3" +# The DB VSI profile. Supported profiles for DB VSI: mx2-16x128. The list of available profiles: https://cloud.ibm.com/docs/vpc?topic=vpc-profiles&interface=ui + +DB-IMAGE = "ibm-redhat-8-4-amd64-sap-hana-2" +# OS image for DB VSI. Supported OS images for DB VSIs: ibm-sles-15-3-amd64-sap-hana-2, ibm-redhat-8-4-amd64-sap-hana-2, ibm-redhat-7-6-amd64-sap-hana-3. 
+# The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images +# Example: DB-IMAGE = "ibm-redhat-7-6-amd64-sap-applications-2" + +########################################################## +# SAP APP VSI variables: +########################################################## -# SAP APPs VSI variables: APP-HOSTNAME = "saps4apmar1" +# The Hostname for the SAP APP VSI. The hostname should be up to 13 characters, as required by SAP +# Example: HOSTNAME = "ic4sap" + APP-PROFILE = "bx2-4x16" -APP-IMAGE = "ibm-redhat-7-6-amd64-sap-applications-3" +# The APP VSI profile. Supported profiles: bx2-4x16. The list of available profiles: https://cloud.ibm.com/docs/vpc?topic=vpc-profiles&interface=ui + +APP-IMAGE = "ibm-redhat-8-4-amd64-sap-applications-2" +# OS image for SAP APP VSI. Supported OS images for APP VSIs: ibm-sles-15-3-amd64-sap-applications-2, ibm-redhat-8-4-amd64-sap-applications-2, ibm-redhat-7-6-amd64-sap-applications-3. +# The list of available VPC Operating Systems supported by SAP: SAP note '2927211 - SAP Applications on IBM Virtual Private Cloud (VPC) Infrastructure environment' https://launchpad.support.sap.com/#/notes/2927211; The list of all available OS images: https://cloud.ibm.com/docs/vpc?topic=vpc-about-images +# Example: APP-IMAGE = "ibm-redhat-7-6-amd64-sap-applications-2" + +########################################################## +# SAP HANA configuration +########################################################## -#HANA DB configuration hana_sid = "HDB" +# SAP HANA system ID. Should follow the SAP rules for SID naming. +# Example: hana_sid = "HDB" + hana_sysno = "00" +# SAP HANA instance number. Should follow the SAP rules for instance number naming. 
+# Example: hana_sysno = "01" + hana_system_usage = "custom" +# System usage. Default: custom. Suported values: production, test, development, custom +# Example: hana_system_usage = "custom" + hana_components = "server" +# SAP HANA Components. Default: server. Supported values: all, client, es, ets, lcapps, server, smartda, streaming, rdsync, xs, studio, afl, sca, sop, eml, rme, rtl, trp +# Example: hana_components = "server" + +kit_saphana_file = "/storage/HANADB/51055299.ZIP" +# SAP HANA Installation kit path +# Supported SAP HANA versions on Red Hat 8.4 and Suse 15.3: HANA 2.0 SP 5 Rev 57, kit file: 51055299.ZIP +# Supported SAP HANA versions on Red Hat 7.6: HANA 2.0 SP 5 Rev 52, kit file: 51054623.ZIP +# Example for Red Hat 7: kit_saphana_file = "/storage/HANADB/51054623.ZIP" +# Example for Red Hat 8 or Suse 15: kit_saphana_file = "/storage/HANADB/51055299.ZIP" -#SAP HANA Installation kit path -kit_saphana_file = "/storage/HANADB/51054623.ZIP" +########################################################## +# SAP system configuration +########################################################## -#SAP system configuration sap_sid = "S4A" +# SAP System ID + sap_ascs_instance_number = "01" +# The central ABAP service instance number. Should follow the SAP rules for instance number naming. +# Example: sap_ascs_instance_number = "01" + sap_ci_instance_number = "00" +# The SAP central instance number. Should follow the SAP rules for instance number naming. 
+# Example: sap_ci_instance_number = "06" -# Number of concurrent jobs used to load and/or extract archives to HANA Host hdb_concurrent_jobs = "23" +# Number of concurrent jobs used to load and/or extract archives to HANA Host + +########################################################## +# SAP S/4HANA APP Kit Paths +########################################################## -#SAP S4HANA APP Installation kit path kit_sapcar_file = "/storage/S4HANA/SAPCAR_1010-70006178.EXE" kit_swpm_file = "/storage/S4HANA/SWPM20SP09_4-80003424.SAR" kit_sapexe_file = "/storage/S4HANA/SAPEXE_100-70005283.SAR" diff --git a/cli/integration-app.tf b/cli/integration-app.tf index d5303d1..9e8d0bd 100644 --- a/cli/integration-app.tf +++ b/cli/integration-app.tf @@ -15,12 +15,13 @@ sap_main_password: "${var.sap_main_password}" #HANA config hdb_host: "${module.db-vsi.PRIVATE-IP}" hdb_sid: "${var.hana_sid}" +app_profile: "${var.APP-PROFILE}" hdb_instance_number: "${var.hana_sysno}" hdb_main_password: "${var.hana_main_password}" # Number of concurrent jobs used to load and/or extract archives to HANA Host hdb_concurrent_jobs: "${var.hdb_concurrent_jobs}" -#SAP S4HANA APP Installation kit path +#SAP S/4HANA APP Installation kit path kit_sapcar_file: "${var.kit_sapcar_file}" kit_swpm_file: "${var.kit_swpm_file}" kit_sapexe_file: "${var.kit_sapexe_file}" diff --git a/cli/integration-db.tf b/cli/integration-db.tf index 9c4c702..c285f8c 100644 --- a/cli/integration-db.tf +++ b/cli/integration-db.tf @@ -8,6 +8,7 @@ resource "local_file" "db_ansible_saphana-vars" { #HANA DB configuration hana_sid: "${var.hana_sid}" +hana_profile: "${var.DB-PROFILE}" hana_sysno: "${var.hana_sysno}" hana_main_password: "${var.hana_main_password}" hana_system_usage: "${var.hana_system_usage}" diff --git a/cli/modules/ansible-exec/versions.tf b/cli/modules/ansible-exec/versions.tf index d24698f..6c950f4 100644 --- a/cli/modules/ansible-exec/versions.tf +++ b/cli/modules/ansible-exec/versions.tf 
@@ -2,7 +2,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = ">= 1.24.0" + version = ">= 1.41.1" } } } diff --git a/cli/modules/app-vsi/versions.tf b/cli/modules/app-vsi/versions.tf index d24698f..6c950f4 100644 --- a/cli/modules/app-vsi/versions.tf +++ b/cli/modules/app-vsi/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = ">= 1.24.0" + version = ">= 1.41.1" } } } diff --git a/cli/modules/db-vsi/versions.tf b/cli/modules/db-vsi/versions.tf index d24698f..6c950f4 100644 --- a/cli/modules/db-vsi/versions.tf +++ b/cli/modules/db-vsi/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = ">= 1.24.0" + version = ">= 1.41.1" } } } diff --git a/cli/modules/sec-exec/versions.tf b/cli/modules/sec-exec/versions.tf index d24698f..6c950f4 100644 --- a/cli/modules/sec-exec/versions.tf +++ b/cli/modules/sec-exec/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = ">= 1.24.0" + version = ">= 1.41.1" } } } diff --git a/cli/modules/vpc/subnet/versions.tf b/cli/modules/vpc/subnet/versions.tf index d24698f..6c950f4 100644 --- a/cli/modules/vpc/subnet/versions.tf +++ b/cli/modules/vpc/subnet/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = ">= 1.24.0" + version = ">= 1.41.1" } } } diff --git a/cli/versions.tf b/cli/versions.tf index 53da8ce..6c950f4 100644 --- a/cli/versions.tf +++ b/cli/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = "~> 1.24.0" + version = ">= 1.41.1" } } } diff --git a/schematics/README.md b/schematics/README.md index 8a9a352..11223d3 100644 --- a/schematics/README.md +++ b/schematics/README.md 
@@ -3,7 +3,7 @@ ## Description -This automation solution is designed for the deployment of **Three Tier SAP S/4HANA Stack** using IBM Cloud Schematics. The SAP solution will be deployed on top of **Red Hat Enterprise Linux 7.6 for SAP** in an existing IBM Cloud Gen2 VPC, using an existing bastion host with secure remote SSH access. +This automation solution is designed for the deployment of **Three Tier SAP S/4HANA Stack** using IBM Cloud Schematics. The SAP solution will be deployed on top of one of the following Operating Systems: **SUSE Linux Enterprise Server 15 SP 3 for SAP**, **Red Hat Enterprise Linux 8.4 for SAP**, **Red Hat Enterprise Linux 7.6 for SAP** in an existing IBM Cloud Gen2 VPC, using an existing bastion host with secure remote SSH access. The solution is based on Terraform remote-exec and Ansible playbooks executed by Schematics and it is implementing a 'reasonable' set of best practices for SAP VSI host configuration. 
@@ -12,15 +12,13 @@ The solution is based on Terraform remote-exec and Ansible playbooks executed by - Bash scripts used for the checking of the prerequisites required by SAP VSIs deployment and for the integration into a single step in IBM Schematics GUI of the VSI provisioning and the **Three Tier SAP S/4HANA Stack** installation. - Ansible scripts to configure Three Tier SAP S/4HANA primary application server and a HANA 2.0 node. - - ## Installation media SAP HANA installation media used for this deployment is the default one for **SAP HANA, platform edition 2.0 SPS05** available at SAP Support Portal under *INSTALLATION AND UPGRADE* area and it has to be provided as input data. SAP S/4HANA installation media used for this deployment is the default one for **SAP S/4HANA 2020** available at SAP Support Portal under *INSTALLATION AND UPGRADE* area and it has to be provided as input data. ## VSI Configuration -The VSIs are deployed with Red Hat Enterprise Linux 7.6 for SAP HANA (amd64) for DB server and Red Hat Enterprise Linux 7.6 for SAP Applications (amd64) for APP server. The SSH keys are configured to allow root user access. The following storage volumes are creating during the provisioning: +The VSIs are deployed with one of the following Operating Systems for DB server: Suse Linux Enterprise Server 15 SP 3 for SAP HANA (amd64), Red Hat Enterprise Linux 8.4 for SAP HANA (amd64) or Red Hat Enterprise Linux 7.6 for SAP HANA (amd64) and with one of the following Operating Systems for APP server: Suse Enterprise Linux 1 SP3 for SAP Applications (amd64), Red Hat Enterprise Linux 8.4 for SAP Applications (amd64), Red Hat Enterprise Linux 7.6 for SAP Applications (amd64). The SSH keys are configured to allow root user access. The following storage volumes are creating during the provisioning: HANA DB VSI Disks: - 3 x 500 GB disks with 10000 IOPS - DATA 
@@ -44,18 +42,18 @@ ibmcloud_api_key | IBM Cloud API key (Sensitive* value). private_ssh_key | id_rsa private key content (Sensitive* value). SSH_KEYS | List of SSH Keys UUIDs that are allowed to SSH as root to the VSI. Can contain one or more IDs. The list of SSH Keys is available [here](https://cloud.ibm.com/vpc-ext/compute/sshKeys).
Sample input (use your own SSH UUIDs from IBM Cloud):
[ "r010-57bfc315-f9e5-46bf-bf61-d87a24a9ce7a" , "r010-3fcd9fe7-d4a7-41ce-8bb3-d96e936b2c7e" ] BASTION_FLOATING_IP | The FLOATING IP from the Bastion Server. -RESOURCE_GROUP | An EXISTING Resource Group for VSIs and Volumes resources.
Default value: "Default". The list of Resource Groups is available [here](https://cloud.ibm.com/account/resource-groups). +RESOURCE_GROUP | The name of an EXISTING Resource Group for VSIs and Volumes resources.
Default value: "Default". The list of Resource Groups is available [here](https://cloud.ibm.com/account/resource-groups). REGION | The cloud region where to deploy the solution.
The regions and zones for VPC are listed [here](https://cloud.ibm.com/docs/containers?topic=containers-regions-and-zones#zones-vpc).
Review supported locations in IBM Cloud Schematics [here](https://cloud.ibm.com/docs/schematics?topic=schematics-locations).
Sample value: eu-de. ZONE | The cloud zone where to deploy the solution.
Sample value: eu-de-2. -VPC | EXISTING VPC name. The list of VPCs is available [here](https://cloud.ibm.com/vpc-ext/network/vpcs) -SUBNET | EXISTING Subnet name. The list of Subnets is available [here](https://cloud.ibm.com/vpc-ext/network/subnets). -SECURITY_GROUP | EXISTING Security group name. The list of Security Groups is available [here](https://cloud.ibm.com/vpc-ext/network/securityGroups). -DB-HOSTNAME | The Hostname for the HANA VSI. The hostname must have up to 13 characters as required by SAP. For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) +VPC | The name of an EXISTING VPC. The list of VPCs is available [here](https://cloud.ibm.com/vpc-ext/network/vpcs) +SUBNET | The name of an EXISTING Subnet. The list of Subnets is available [here](https://cloud.ibm.com/vpc-ext/network/subnets). +SECURITY_GROUP | The name of an EXISTING Security group. The list of Security Groups is available [here](https://cloud.ibm.com/vpc-ext/network/securityGroups). +DB-HOSTNAME | The Hostname for the HANA VSI. The hostname should be up to 13 characters as required by SAP. For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) DB-PROFILE | The instance profile used for the HANA VSI. A list of profiles is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles)
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211)
Default value: "mx2-16x128" -DB-IMAGE | The OS image used for HANA VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images).
Default value: ibm-redhat-7-6-amd64-sap-hana-3 +DB-IMAGE | The OS image used for HANA VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images).
Default value: ibm-redhat-8-4-amd64-sap-hana-2 APP-HOSTNAME | The Hostname for the SAP Application VSI. The hostname must have up to 13 characters as required by SAP. For more information on rules regarding hostnames for SAP systems, check [SAP Note 611361: Hostnames of SAP ABAP Platform servers](https://launchpad.support.sap.com/#/notes/%20611361) APP-PROFILE | The instance profile used for SAP Application VSI. A list of profiles is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-profiles)
For more information about supported DB/OS and IBM Gen 2 Virtual Server Instances (VSI), check [SAP Note 2927211: SAP Applications on IBM Virtual Private Cloud](https://launchpad.support.sap.com/#/notes/2927211)
Default value: "bx2-4x16" -APP-IMAGE | The OS image used for SAP Application VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images).
Default value: ibm-redhat-7-6-amd64-sap-applications-3 +APP-IMAGE | The OS image used for SAP Application VSI. A list of images is available [here](https://cloud.ibm.com/docs/vpc?topic=vpc-about-images).
Default value: ibm-redhat-8-4-amd64-sap-applications-2 **SAP input parameters:** @@ -109,9 +107,9 @@ The Security Rules inherited from BASTION deployment are the following: - `versions.tf` - contains the minimum required versions for terraform and IBM Cloud provider. -## Steps to reproduce: +## Steps to follow: -1. Be sure that you have the [required IBM Cloud IAM +1. Make sure that you have the [required IBM Cloud IAM permissions](https://cloud.ibm.com/docs/vpc?topic=vpc-managing-user-permissions-for-vpc-resources) to create and work with VPC infrastructure and you are [assigned the correct diff --git a/schematics/ansible/roles/s4appinst/tasks/install_kit.yml b/schematics/ansible/roles/s4appinst/tasks/install_kit.yml index c395cfd..fbba5b8 100644 --- a/schematics/ansible/roles/s4appinst/tasks/install_kit.yml +++ b/schematics/ansible/roles/s4appinst/tasks/install_kit.yml @@ -20,16 +20,24 @@ when: "'rsync' in ansible_facts.packages" delegate_to: localhost -- name: Gather the package facts for target +- name: Gather the package facts for Red Hat target package_facts: manager: auto + when: ansible_facts['os_family'] == "RedHat" -- name: Check if rsync package is available on target +- name: Gather the packages for Suse target # noqa 305 + shell: zypper search -i --match-exact rsync + args: + warn: false + register: rsync_search_result + when: ansible_facts['os_family'] == "Suse" + +- name: Check if rsync package is available set_fact: rsync_found_target: true - when: "'rsync' in ansible_facts.packages" + when: ansible_facts['os_family'] == "RedHat" and "'rsync' in ansible_facts.packages" or ansible_facts['os_family'] == "Suse" and rsync_search_result.rc == 0 -- name: Copy S4/HANA kit to target using rsync +- name: Copy S/4HANA kit to target using rsync synchronize: src: "{{ item.s4apps_src }}" dest: "{{ item.s4apps_dest }}" 
@@ -37,7 +45,7 @@ loop: "{{ s4apps_kit }}" when: rsync_found_controller is defined and rsync_found_target is defined -- name: Copy S4/HANA kit to target when rsync is not available +- name: Copy S/4HANA kit to target when rsync is not available copy: src: "{{ item.s4apps_src }}" dest: "{{ item.s4apps_dest }}" @@ -55,9 +63,13 @@ recurse: yes owner: root group: root - when: rsync_found_controller is defined and rsync_found_target is defined + +- name: Check if SWPM archive content was already extracted + stat: + path: "{{ s4app_kit }}/swpm/sapinst" + register: file_status - name: Extract SWPM archive command: "{{ s4app_kit }}/sapcar -xf {{ s4app_kit }}/swpm.sar -R {{ s4app_kit }}/swpm" - + when: not file_status.stat.exists ... diff --git a/schematics/ansible/roles/s4appinst/tasks/main.yml b/schematics/ansible/roles/s4appinst/tasks/main.yml index aa71d87..10dfcd8 100644 --- a/schematics/ansible/roles/s4appinst/tasks/main.yml +++ b/schematics/ansible/roles/s4appinst/tasks/main.yml @@ -7,8 +7,16 @@ src: sapinst.cfg dest: "{{ s4app_kit }}/inifile.params" -- name: Start SAP S4HANA Application Server installation - shell: "{{ s4app_kit }}/swpm/sapinst SAPINST_INPUT_PARAMETERS_URL={{ s4app_kit }}/inifile.params SAPINST_EXECUTE_PRODUCT_ID={{ sap_product_id }} SAPINST_SKIP_DIALOGS=true SAPINST_START_GUISERVER=false" +- name: Check if S/4HANA Application Server was already installed + stat: + path: "/sapmnt/{{ sap_sid|upper }}/exe/uc/linuxx86_64/SAPCAR" + register: install_status + +- name: Start SAP S/4HANA Application Server installation # noqa 305 + shell: >- + {{ s4app_kit }}/swpm/sapinst SAPINST_INPUT_PARAMETERS_URL={{ s4app_kit }}/inifile.params + SAPINST_EXECUTE_PRODUCT_ID={{ sap_product_id }} SAPINST_SKIP_DIALOGS=true SAPINST_START_GUISERVER=false + when: not install_status.stat.exists - name: Cleanup file: diff --git a/schematics/ansible/roles/s4appreq/defaults/main.yml b/schematics/ansible/roles/s4appreq/defaults/main.yml index c5388b2..753139a 100644 
--- a/schematics/ansible/roles/s4appreq/defaults/main.yml +++ b/schematics/ansible/roles/s4appreq/defaults/main.yml @@ -4,9 +4,70 @@ sap_disk_size: "128.00 GB" swap_disk_size: "40.00 GB" #Logical volume size config -swap_lv_size: "30g" +# swap_lv_size: "30g" usrsap_lv_size: "5g" sap_lv_size: "20g" sapmnt_lv_size: "20g" saptrans_lv_size: "50g" + +# SWAP size GB +# SAP note 1597355 +# Commented until terraform code update +# swap_lv: +# - size: 64 +# ram_min: 32 +# ram_max: 63 +# - size: 96 +# ram_min: 64 +# ram_max: 127 +# - size: 128 +# ram_min: 128 +# ram_max: 255 +# - size: 160 +# ram_min: 256 +# ram_max: 511 +# - size: 192 +# ram_min: 512 +# ram_max: 1023 +# - size: 224 +# ram_min: 1024 +# ram_max: 2047 +# - size: 256 +# ram_min: 2048 +# ram_max: 4095 +# - size: 288 +# ram_min: 4096 +# ram_max: 8191 +# - size: 320 +# ram_min: 8192 +# ram_max: 20000 + +swap_lv: + - size: 38 + ram_min: 32 + ram_max: 63 + - size: 38 + ram_min: 64 + ram_max: 127 + - size: 38 + ram_min: 128 + ram_max: 255 + - size: 38 + ram_min: 256 + ram_max: 511 + - size: 38 + ram_min: 512 + ram_max: 1023 + - size: 224 + ram_min: 1024 + ram_max: 2047 + - size: 38 + ram_min: 2048 + ram_max: 4095 + - size: 288 + ram_min: 4096 + ram_max: 8191 + - size: 38 + ram_min: 8192 + ram_max: 20000 ... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/SELinux.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/SELinux.yml index 2277489..967003c 100644 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/SELinux.yml +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/SELinux.yml @@ -2,4 +2,4 @@ - name: Disable SELinux selinux: state: disabled -... \ No newline at end of file +... \ No newline at end of file diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/abrtd.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/abrtd.yml new file mode 100644 index 0000000..a77e224 --- /dev/null 
+++ b/schematics/ansible/roles/s4appreq/tasks/configurations/abrtd.yml @@ -0,0 +1,11 @@ +--- +- name: Get the list of services + service_facts: + +- name: Stop and disable abrtd + systemd: + name: abrtd + state: stopped + enabled: no + when: "'abrtd.service' in services" +... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/filesystems.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/filesystems.yml index 04523ab..321754a 100644 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/filesystems.yml +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/filesystems.yml @@ -1,6 +1,6 @@ --- - name: Get available storage devices for swap - set_fact: + set_fact: swap_disk: "{{ swap_disk|default([]) + [device.key] }}" when: - not device.value.partitions @@ -23,7 +23,7 @@ pesize: "32" - name: Get available storage devices for SAP instance - set_fact: + set_fact: sap_disk: "{{ sap_disk|default([]) + [device.key] }}" when: - not device.value.partitions @@ -45,6 +45,21 @@ pvs: "/dev/{{ sap_disk[0] }}" pesize: "32" +- name: Get the RAM size + set_fact: + app_ram: "{{ app_profile.split('-')[1].split('x')[1] }}" + +- name: Get the swap logical volume size for RAM lower than 32 GB + set_fact: + swap_lv_size: "{{ app_ram | int * 2 }}g" + when: app_ram | int < 32 + +- name: Get the swap logical volume size for RAM higher than 32 GB + set_fact: + swap_lv_size: "{{ item.size }}g" + loop: "{{ swap_lv }}" + when: (app_ram | int > 32) and (app_ram | int >= item.ram_min) and (app_ram | int <= item.ram_min) + - name: Create a logical volume for swap lvol: vg: "{{ sap_sid|lower }}_swap_vg" @@ -73,7 +88,7 @@ lvol: vg: "{{ sap_sid|lower }}_app_vg" lv: "{{ sap_sid|lower }}_saptrans_lv" - size: "{{ saptrans_lv_size }}" + size: "{{ saptrans_lv_size }}" - name: Create a swap filesystem filesystem: 
@@ -106,8 +121,13 @@ regexp: "^/dev/{{ sap_sid|lower }}_swap_vg/{{ sap_sid|lower }}_swap_lv" line: "/dev/{{ sap_sid|lower }}_swap_vg/{{ sap_sid|lower }}_swap_lv swap swap defaults 0 0" +- name: Check the current swap size + set_fact: + sap_vm_swap: "{{ ansible_swaptotal_mb }}" + - name: Mount swap volume command: swapon -a + when: sap_vm_swap == 0 - name: Mount /usr/sap and add it to /etc/fstab mount: diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/hostname.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/hostname.yml index f3ff0d1..4d7c3f5 100644 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/hostname.yml +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/hostname.yml 
@@ -3,27 +3,29 @@ - name: Get short hostname command: hostname -s register: sap_short_hostname + changed_when: False + +- name: Get FQDN + set_fact: + sap_host_fqdn: "{{ ansible_fqdn }}" - name: Check if hostname has 13 or less characters as per SAP requirement fail: msg: "Hostname {{ sap_short_hostname.stdout }} has more than 13 characters" when: sap_short_hostname.stdout|length > 13 -- name: Disable manage_etc_hosts in /etc/cloud/cloud.cfg - replace: - path: /etc/cloud/cloud.cfg - regexp: '(.*manage_etc_hosts.*)' - replace: '#\1' +- name: Line to be added in /etc/hosts if FQDN is set + set_fact: + line_to_add: "{{ ansible_default_ipv4.address }} {{ sap_host_fqdn }} {{ sap_short_hostname.stdout }}" + when: sap_short_hostname.stdout != sap_host_fqdn -#1054467 - Local host name refers to loopback address -- name: Disable default hostname resolve to loopback address - replace: - path: /etc/hosts - regexp: "(.*{{ ansible_hostname }}.*)" - replace: '#\1' +- name: Line to be added in /etc/hosts if FQDN is not set + set_fact: + line_to_add: "{{ ansible_default_ipv4.address }} {{ sap_short_hostname.stdout }}" + when: sap_short_hostname.stdout == sap_host_fqdn -- name: Enable hostname resolve to internal IP +- name: Enable hostname resolve to internal IP lineinfile: path: /etc/hosts - line: "{{ ansible_default_ipv4.address }} {{ ansible_hostname }}" + line: "{{ line_to_add }}" ... \ No newline at end of file diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml new file mode 100644 index 0000000..6e3dd62 --- /dev/null +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/hostname_fix_RedHat.yml 
@@ -0,0 +1,19 @@ +--- +- name: Disable manage_etc_hosts in /etc/cloud/cloud.cfg + replace: + path: /etc/cloud/cloud.cfg + regexp: '(.*manage_etc_hosts.*)' + replace: '#\1' + +- name: Get short hostname + command: hostname -s + register: sap_short_hostname + changed_when: False + +#1054467 - Local host name refers to loopback address +- name: Disable default hostname resolve to loopback address + replace: + path: /etc/hosts + regexp: "^(?!{{ ansible_default_ipv4.address }}.*{{ sap_short_hostname.stdout }})(.*)({{ sap_short_hostname.stdout }}.*)" + replace: '\1' +... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/kdump.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/kdump.yml new file mode 100644 index 0000000..e8a8be5 --- /dev/null +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/kdump.yml @@ -0,0 +1,11 @@ +--- +- name: Get the list of services + service_facts: + +- name: Stop and disable kdump + systemd: + name: kdump + state: stopped + enabled: no + when: "'kdump.service' in services" +... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat7.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat7.yml index 6582472..bc3cf49 100644 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat7.yml +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat7.yml @@ -11,5 +11,5 @@ - { name: kernel.sem, value: "1250 256000 100 1024" } - { name: vm.max_map_count, value: 2147483647 } #900929 - Linux: STORAGE_PARAMETERS_WRONG_SET and "mmap() failed" loop_control: - loop_var: kernel_param + loop_var: kernel_param ... \ No newline at end of file diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml new file mode 100644 index 0000000..a262bc2 --- /dev/null +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/kernel_RedHat8.yml 
@@ -0,0 +1,16 @@ +--- +- name: Set recommended kernel parameters for SAP NW on RedHat 8 + sysctl: + sysctl_file: /etc/sysctl.d/sap.conf + name: "{{ kernel_param.name }}" + value: "{{ kernel_param.value }}" + sysctl_set: yes + state: present + reload: yes + loop: + - { name: vm.max_map_count, value: 2147483647 } + - { name: kernel.pid_max, value: 4194304 } + - { name: kernel.sem, value: "32000 1024000000 500 32000" } + loop_control: + loop_var: kernel_param +... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/limits.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/limits.yml index 97b44f9..e0b72f0 100644 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/limits.yml +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/limits.yml @@ -25,7 +25,7 @@ loop_control: loop_var: ltype -- name: Set core limits +- name: Set core limits lineinfile: path: /etc/security/limits.conf line: "{{ corelimit }}" diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/reboot.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/reboot.yml new file mode 100644 index 0000000..7287953 --- /dev/null +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/reboot.yml @@ -0,0 +1,6 @@ +--- +- name: Reboot target host + reboot: + connect_timeout: 5 + post_reboot_delay: 10 +... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/repository_RedHat.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/repository_RedHat.yml new file mode 100644 index 0000000..aacebff --- /dev/null +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/repository_RedHat.yml @@ -0,0 +1,9 @@ +--- +- name: Wait for cloud init to finish + cloud_init_data_facts: + filter: status + register: res + until: "res.cloud_init_data_facts.status.v1.stage is defined and not res.cloud_init_data_facts.status.v1.stage" + retries: 60 + delay: 10 +... 
diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/repository_SLES.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/repository_SLES.yml new file mode 100644 index 0000000..bb3ef8d --- /dev/null +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/repository_SLES.yml @@ -0,0 +1,5 @@ +--- +- name: Wait for SLES repo configurations + wait_for: + path: /etc/SUSEConnect +... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/reqpkggroups.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml similarity index 59% rename from schematics/ansible/roles/s4appreq/tasks/configurations/reqpkggroups.yml rename to schematics/ansible/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml index db5c163..ba551d6 100644 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/reqpkggroups.yml +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/reqpkggroups_RedHat.yml @@ -2,5 +2,5 @@ - name: Import requierd package groups dnf: state: present - name: "{{ s4app_required_package_groups }}" + name: "{{ s4app_required_package_groups }}" ... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/saptune.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/saptune.yml new file mode 100644 index 0000000..b10231f --- /dev/null +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/saptune.yml @@ -0,0 +1,17 @@ +--- +- name: Start and enable saptune service + service: + name: saptune + state: started + enabled: yes + +- name: Check if NETWEAVER profile was already set + command: saptune status + register: netweaver_profile + changed_when: False + failed_when: netweaver_profile.rc != 0 and netweaver_profile.rc != 3 + +- name: Select NETWEAVER profile for saptune + command: /usr/sbin/saptune solution apply NETWEAVER + when: "'NETWEAVER' not in netweaver_profile.stdout" +... 
diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/umask_RHEL.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/umask_RHEL.yml new file mode 100644 index 0000000..e38746c --- /dev/null +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/umask_RHEL.yml @@ -0,0 +1,12 @@ +--- +- name: Configure default umask + replace: + path: "{{ file }}" + regexp: '(.*umask 077.*)' + replace: 'umask 022' + loop: + - /etc/profile + - /etc/bashrc + loop_control: + loop_var: file +... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/umask_SLES.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/umask_SLES.yml new file mode 100644 index 0000000..438a784 --- /dev/null +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/umask_SLES.yml @@ -0,0 +1,7 @@ +--- +- name: Configure default umask + replace: + path: /etc/login.defs + regexp: '(.*UMASK 027.*)' + replace: 'UMASK 022' +... diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/update_os.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/update_RedHat7.yml similarity index 70% rename from cli/ansible/roles/saphanareq/tasks/configurations/update_os.yml rename to schematics/ansible/roles/s4appreq/tasks/configurations/update_RedHat7.yml index dca2386..da9a854 100644 --- a/cli/ansible/roles/saphanareq/tasks/configurations/update_os.yml +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/update_RedHat7.yml @@ -4,19 +4,16 @@ name: "{{ repo_name }}" state: enabled loop: + # - rhel-sap-for-rhel-7-server-e4s-rpms - rhel-7-server-rpms - rhel-sap-hana-for-rhel-7-server-rpms - rhel-7-server-eus-rpms + loop_control: loop_var: repo_name -- name: Update all packages +- name: Update all packages # noqa 403 yum: name: '*' state: latest - -- name: Reboot target host after update - reboot: - connect_timeout: 5 - post_reboot_delay: 10 ... 
diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/update_RedHat8.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/update_RedHat8.yml new file mode 100644 index 0000000..20324b3 --- /dev/null +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/update_RedHat8.yml @@ -0,0 +1,6 @@ +--- +- name: Update all packages # noqa 403 + yum: + name: '*' + state: latest +... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml new file mode 100644 index 0000000..d6f097d --- /dev/null +++ b/schematics/ansible/roles/s4appreq/tasks/configurations/update_SLES_SAP.yml @@ -0,0 +1,6 @@ +--- +- name: Update all packages # noqa 403 + zypper: + name: '*' + state: latest +... diff --git a/schematics/ansible/roles/s4appreq/tasks/configurations/update_os.yml b/schematics/ansible/roles/s4appreq/tasks/configurations/update_os.yml deleted file mode 100644 index 6781cdd..0000000 --- a/schematics/ansible/roles/s4appreq/tasks/configurations/update_os.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Update all packages - yum: - name: '*' - state: latest - -- name: Reboot target host after update - reboot: - connect_timeout: 5 - post_reboot_delay: 10 -... diff --git a/schematics/ansible/roles/s4appreq/tasks/main.yml b/schematics/ansible/roles/s4appreq/tasks/main.yml index 1201a1e..bc0c392 100644 --- a/schematics/ansible/roles/s4appreq/tasks/main.yml +++ b/schematics/ansible/roles/s4appreq/tasks/main.yml 
@@ -2,17 +2,7 @@ - name: Import OS distribution variables include_vars: "{{ ansible_distribution }}{{ ansible_distribution_major_version }}.yml" -- name: Enable additional repositories - rhsm_repository: - name: "{{ repo_name }}" - state: enabled - loop: - - rhel-7-server-eus-rpms - - rhel-7-server-rpms - loop_control: - loop_var: repo_name - -- name: Make specific OS configurations as recommended by SAP for S4HANA APP +- name: Make specific OS configurations as recommended by SAP for S/4HANA APP include_tasks: "configurations/{{ item }}.yml" loop: "{{ s4app_required_configurations }}" ... diff --git a/schematics/ansible/roles/s4appreq/vars/RedHat7.yml b/schematics/ansible/roles/s4appreq/vars/RedHat7.yml index c932a22..1765e2b 100644 --- a/schematics/ansible/roles/s4appreq/vars/RedHat7.yml +++ b/schematics/ansible/roles/s4appreq/vars/RedHat7.yml @@ -12,15 +12,19 @@ s4app_required_package_groups: - "@performance" - "@compat-libraries" s4app_required_configurations: - - "hostname" - - "kernel_RedHat7" - - "update_os" - - "reqpkggroups" + - "repository_RedHat" + - "update_RedHat7" - "reqpkg" + - "reqpkggroups_RedHat" + - "hostname_fix_RedHat" + - "hostname" - "filesystems" + - "firewalld" - "uuidd" - "SELinux" - "limits" - "tmpfiles" - "compatlibs" + - "kernel_RedHat7" + - "reboot" ... diff --git a/schematics/ansible/roles/s4appreq/vars/RedHat8.yml b/schematics/ansible/roles/s4appreq/vars/RedHat8.yml new file mode 100644 index 0000000..ceb0eb4 --- /dev/null +++ b/schematics/ansible/roles/s4appreq/vars/RedHat8.yml 
@@ -0,0 +1,53 @@ +--- +s4app_required_packages: + - cairo + - graphviz + - iptraf-ng + - lm_sensors + - net-tools + - uuidd + - libnsl + - tcsh + - psmisc + - nfs-utils + - bind-utils + - expect + - gtk2 + - krb5-workstation + - krb5-libs + - libaio + - libcanberra-gtk2 + - libibverbs + - libicu + - libtool-ltdl + - numactl + - openssl + - PackageKit-gtk3-module + - rsyslog + - sudo + - xfsprogs + - xorg-x11-xauth + - libatomic + - chrony + - lvm2 + - unzip + +s4app_required_configurations: + - "repository_RedHat" + - "update_RedHat8" + - "reqpkg" + - "hostname_fix_RedHat" + - "hostname" + - "kernel_RedHat8" + - "umask_RHEL" + - "reboot" + - "filesystems" + - "SELinux" + - "firewalld" + - "uuidd" + - "abrtd" + - "kdump" + - "limits" + - "tmpfiles" + - "reboot" +... diff --git a/schematics/ansible/roles/s4appreq/vars/SLES_SAP15.yml b/schematics/ansible/roles/s4appreq/vars/SLES_SAP15.yml new file mode 100644 index 0000000..7b061f2 --- /dev/null +++ b/schematics/ansible/roles/s4appreq/vars/SLES_SAP15.yml @@ -0,0 +1,19 @@ +--- +s4app_required_packages: + - lvm2 + - uuidd + +s4app_required_configurations: + - "repository_SLES" + - "update_SLES_SAP" + - "reqpkg" + - "umask_SLES" + - "hostname" + - "reboot" + - "filesystems" + - "limits" + - "tmpfiles" + - "uuidd" + - "saptune" + - "reboot" +... diff --git a/schematics/ansible/roles/saphanainst/tasks/install_kit.yml b/schematics/ansible/roles/saphanainst/tasks/install_kit.yml index 3f2b95f..1aa88c2 100644 --- a/schematics/ansible/roles/saphanainst/tasks/install_kit.yml +++ b/schematics/ansible/roles/saphanainst/tasks/install_kit.yml 
@@ -16,14 +16,22 @@ when: "'rsync' in ansible_facts.packages" delegate_to: localhost -- name: Gather the package facts for target +- name: Gather the package facts for Red Hat target package_facts: manager: auto + when: ansible_facts['os_family'] == "RedHat" + +- name: Gather the packages for Suse target # noqa 305 + shell: zypper search -i --match-exact rsync + args: + warn: false + register: rsync_search_result + when: ansible_facts['os_family'] == "Suse" - name: Check if rsync package is available on target set_fact: rsync_found_target: true - when: "'rsync' in ansible_facts.packages" + when: ansible_facts['os_family'] == "RedHat" and "'rsync' in ansible_facts.packages" or ansible_facts['os_family'] == "Suse" and rsync_search_result.rc == 0 - name: Copy "{{ kit_saphana_file }}" kit to target using rsync synchronize: diff --git a/schematics/ansible/roles/saphanainst/tasks/main.yml b/schematics/ansible/roles/saphanainst/tasks/main.yml index 88d8640..bfcf2d2 100644 --- a/schematics/ansible/roles/saphanainst/tasks/main.yml +++ b/schematics/ansible/roles/saphanainst/tasks/main.yml @@ -7,8 +7,14 @@ src: hanaconfig.cfg dest: "{{ hana_kit }}/hanaconfig.cfg" -- name: Start SAP HANA DB installation +- name: Check if HANA DB was already installed + stat: + path: "/hana/shared/{{ hana_sid|upper }}/exe/linuxx86_64/hdb" + register: hdb_install_status + +- name: Start SAP HANA DB installation # noqa 305 shell: "{{ hana_kit }}/DATA_UNITS/HDB_SERVER_LINUX_X86_64/hdblcm --configfile={{ hana_kit }}/hanaconfig.cfg -b" + when: not hdb_install_status.stat.exists - name: Cleanup file: diff --git a/schematics/ansible/roles/saphanareq/defaults/main.yml b/schematics/ansible/roles/saphanareq/defaults/main.yml index 75dae98..8cba8e1 100644 --- a/schematics/ansible/roles/saphanareq/defaults/main.yml +++ b/schematics/ansible/roles/saphanareq/defaults/main.yml 
@@ -3,7 +3,7 @@ hana_disk_size: "500.00 GB" #Logical volume size config -swap_lv_size: "20g" +swap_lv_size: "2g" hana_data_lv_size: "700g" hana_log_lv_size: "250g" hana_shared_lv_size: "250g" diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/SELinux.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/SELinux.yml index 2277489..967003c 100644 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/SELinux.yml +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/SELinux.yml @@ -2,4 +2,4 @@ - name: Disable SELinux selinux: state: disabled -... \ No newline at end of file +... \ No newline at end of file diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/abrtd.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/abrtd.yml index bbfda1a..a77e224 100644 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/abrtd.yml +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/abrtd.yml @@ -1,7 +1,11 @@ --- +- name: Get the list of services + service_facts: + - name: Stop and disable abrtd systemd: name: abrtd state: stopped enabled: no + when: "'abrtd.service' in services" ... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/filesystems.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/filesystems.yml index 8f01d7c..990bf1f 100644 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/filesystems.yml +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/filesystems.yml @@ -1,6 +1,6 @@ --- - name: Get available storage devices for HANA VG - set_fact: + set_fact: data_disk: "{{ data_disk|default([]) + ['/dev/' + device.key] }}" when: - not device.value.partitions 
@@ -36,26 +36,26 @@ size: "{{ hana_data_lv_size }}" opts: -i3 -I256 -- name: Create a logical volume for HANA log +- name: Create a logical volume for HANA log lvol: vg: "{{ hana_sid|lower }}_hana_vg" lv: "{{ hana_sid|lower }}_hana_log_lv" size: "{{ hana_log_lv_size }}" opts: -i3 -I64 -- name: Create a logical volume for HANA shared +- name: Create a logical volume for HANA shared lvol: vg: "{{ hana_sid|lower }}_hana_vg" lv: "{{ hana_sid|lower }}_hana_shared_lv" size: "{{ hana_shared_lv_size }}" opts: -i3 -- name: Create a logical volume for /usr/sap +- name: Create a logical volume for /usr/sap lvol: vg: "{{ hana_sid|lower }}_hana_vg" lv: "{{ hana_sid|lower }}_sap_lv" size: "{{ sap_lv_size }}" - opts: -i3 + opts: -i3 - name: Create a swap filesystem filesystem: @@ -88,8 +88,13 @@ regexp: "^/dev/{{ hana_sid|lower }}_hana_vg/{{ hana_sid|lower }}_swap_lv" line: "/dev/{{ hana_sid|lower }}_hana_vg/{{ hana_sid|lower }}_swap_lv swap swap defaults 0 0" +- name: Check the current swap size + set_fact: + hana_vm_swap: "{{ ansible_swaptotal_mb }}" + - name: Mount swap volume command: swapon -a + when: hana_vm_swap == 0 - name: Mount /hana/data and add it to /etc/fstab mount: diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/hostname.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/hostname.yml index f3ff0d1..6dae370 100644 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/hostname.yml +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/hostname.yml 
@@ -2,28 +2,30 @@ #2718300 - Physical and Virtual hostname length limitations - name: Get short hostname command: hostname -s - register: sap_short_hostname + register: hana_short_hostname + changed_when: False + +- name: Get FQDN + set_fact: + hana_host_fqdn: "{{ ansible_fqdn }}" - name: Check if hostname has 13 or less characters as per SAP requirement fail: - msg: "Hostname {{ sap_short_hostname.stdout }} has more than 13 characters" - when: sap_short_hostname.stdout|length > 13 + msg: "Hostname {{ hana_short_hostname.stdout }} has more than 13 characters" + when: hana_short_hostname.stdout|length > 13 -- name: Disable manage_etc_hosts in /etc/cloud/cloud.cfg - replace: - path: /etc/cloud/cloud.cfg - regexp: '(.*manage_etc_hosts.*)' - replace: '#\1' +- name: Line to be added in /etc/hosts if FQDN is set + set_fact: + line_to_add: "{{ ansible_default_ipv4.address }} {{ hana_host_fqdn }} {{ hana_short_hostname.stdout }}" + when: hana_short_hostname.stdout != hana_host_fqdn -#1054467 - Local host name refers to loopback address -- name: Disable default hostname resolve to loopback address - replace: - path: /etc/hosts - regexp: "(.*{{ ansible_hostname }}.*)" - replace: '#\1' +- name: Line to be added in /etc/hosts if FQDN is not set + set_fact: + line_to_add: "{{ ansible_default_ipv4.address }} {{ hana_short_hostname.stdout }}" + when: hana_short_hostname.stdout == hana_host_fqdn -- name: Enable hostname resolve to internal IP +- name: Enable hostname resolve to internal IP lineinfile: path: /etc/hosts - line: "{{ ansible_default_ipv4.address }} {{ ansible_hostname }}" + line: "{{ line_to_add }}" ... \ No newline at end of file diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml new file mode 100644 index 0000000..6e3dd62 --- /dev/null +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/hostname_fix_RedHat.yml 
@@ -0,0 +1,19 @@ +--- +- name: Disable manage_etc_hosts in /etc/cloud/cloud.cfg + replace: + path: /etc/cloud/cloud.cfg + regexp: '(.*manage_etc_hosts.*)' + replace: '#\1' + +- name: Get short hostname + command: hostname -s + register: sap_short_hostname + changed_when: False + +#1054467 - Local host name refers to loopback address +- name: Disable default hostname resolve to loopback address + replace: + path: /etc/hosts + regexp: "^(?!{{ ansible_default_ipv4.address }}.*{{ sap_short_hostname.stdout }})(.*)({{ sap_short_hostname.stdout }}.*)" + replace: '\1' +... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/kdump.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/kdump.yml index 75eaa23..3c55657 100644 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/kdump.yml +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/kdump.yml @@ -1,7 +1,11 @@ --- +- name: Get the list of services + service_facts: + - name: Stop and disable kdump systemd: name: kdump state: stopped enabled: no + when: "'kdump.service' in services" ... \ No newline at end of file diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat7.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat7.yml index bd6b289..fd519a8 100644 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat7.yml +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat7.yml @@ -11,7 +11,7 @@ - { name: net.core.somaxconn, value: 4096 } - { name: net.ipv4.tcp_max_syn_backlog, value: 8192 } - { name: net.ipv4.tcp_slow_start_after_idle, value: 0 } - - { name: net.ipv4.tcp_syn_retries, value: 8 } + - { name: net.ipv4.tcp_syn_retries, value: 8 } loop_control: - loop_var: kernel_param + loop_var: kernel_param ... \ No newline at end of file 
diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml index e36daa4..f853794 100644 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_RedHat8.yml @@ -13,7 +13,7 @@ - { name: net.core.somaxconn, value: 4096 } - { name: net.ipv4.tcp_max_syn_backlog, value: 8192 } - { name: net.ipv4.tcp_slow_start_after_idle, value: 0 } - - { name: net.ipv4.tcp_syn_retries, value: 8 } + - { name: net.ipv4.tcp_syn_retries, value: 8 } loop_control: - loop_var: kernel_param + loop_var: kernel_param ... \ No newline at end of file diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml new file mode 100644 index 0000000..0789814 --- /dev/null +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/kernel_SLES_SAP15.yml @@ -0,0 +1,16 @@ +--- +- name: Set recommended kernel parameters for SAP HANA DB on SLES 15 + sysctl: + sysctl_file: /etc/sysctl.d/sap.conf + name: "{{ kernel_param.name }}" + value: "{{ kernel_param.value }}" + sysctl_set: yes + state: present + reload: yes + loop: + - { name: net.core.somaxconn, value: 4096 } + - { name: net.ipv4.tcp_max_syn_backlog, value: 8192 } + - { name: net.ipv4.tcp_slow_start_after_idle, value: 0 } + loop_control: + loop_var: kernel_param +... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/limits.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/limits.yml index 332b9ff..6dd0745 100644 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/limits.yml +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/limits.yml 
@@ -25,7 +25,7 @@ loop_control: loop_var: ltype -- name: Set core limits +- name: Set core limits lineinfile: path: /etc/security/limits.conf line: "{{ corelimit }}" diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/reboot.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/reboot.yml new file mode 100644 index 0000000..7287953 --- /dev/null +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/reboot.yml @@ -0,0 +1,6 @@ +--- +- name: Reboot target host + reboot: + connect_timeout: 5 + post_reboot_delay: 10 +... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/repository_RedHat.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/repository_RedHat.yml new file mode 100644 index 0000000..aacebff --- /dev/null +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/repository_RedHat.yml @@ -0,0 +1,9 @@ +--- +- name: Wait for cloud init to finish + cloud_init_data_facts: + filter: status + register: res + until: "res.cloud_init_data_facts.status.v1.stage is defined and not res.cloud_init_data_facts.status.v1.stage" + retries: 60 + delay: 10 +... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/repository_SLES.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/repository_SLES.yml new file mode 100644 index 0000000..bb3ef8d --- /dev/null +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/repository_SLES.yml @@ -0,0 +1,5 @@ +--- +- name: Wait for SLES repo configurations + wait_for: + path: /etc/SUSEConnect +... diff --git a/cli/ansible/roles/saphanareq/tasks/configurations/reqpkggroups.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml similarity index 58% rename from cli/ansible/roles/saphanareq/tasks/configurations/reqpkggroups.yml rename to schematics/ansible/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml index 7e3908d..4a603e9 100644 
--- a/cli/ansible/roles/saphanareq/tasks/configurations/reqpkggroups.yml +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/reqpkggroups_RedHat.yml @@ -2,5 +2,5 @@ - name: Import requierd package groups dnf: state: present - name: "{{ saphana_required_package_groups }}" + name: "{{ saphana_required_package_groups }}" ... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/saptune.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/saptune.yml new file mode 100644 index 0000000..6209cc9 --- /dev/null +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/saptune.yml @@ -0,0 +1,17 @@ +--- +- name: Start and enable saptune service + service: + name: saptune + state: started + enabled: yes + +- name: Check if HANA profile was already set + command: "saptune status" + register: hana_profile + changed_when: False + failed_when: hana_profile.rc != 0 and hana_profile.rc != 3 + +- name: Select HANA profile for saptune + command: /usr/sbin/saptune solution apply HANA + when: "'HANA' not in hana_profile.stdout" +... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/tuned.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/tuned.yml index 4ae6b80..1c0ae8b 100644 --- a/schematics/ansible/roles/saphanareq/tasks/configurations/tuned.yml +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/tuned.yml @@ -10,6 +10,12 @@ state: started enabled: yes +- name: Check if sap-hana profile was already activated + command: "tuned-adm active" + register: tuned_active + changed_when: False + - name: Select sap-hana profile for tuned command: /usr/sbin/tuned-adm profile sap-hana + when: "'sap_hana' not in tuned_active.stdout" ... \ No newline at end of file diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/umask_RHEL.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/umask_RHEL.yml new file mode 100644 index 0000000..e38746c --- /dev/null 
+++ b/schematics/ansible/roles/saphanareq/tasks/configurations/umask_RHEL.yml @@ -0,0 +1,12 @@ +--- +- name: Configure default umask + replace: + path: "{{ file }}" + regexp: '(.*umask 077.*)' + replace: 'umask 022' + loop: + - /etc/profile + - /etc/bashrc + loop_control: + loop_var: file +... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/umask_SLES.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/umask_SLES.yml new file mode 100644 index 0000000..438a784 --- /dev/null +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/umask_SLES.yml @@ -0,0 +1,7 @@ +--- +- name: Configure default umask + replace: + path: /etc/login.defs + regexp: '(.*UMASK 027.*)' + replace: 'UMASK 022' +... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/update_RedHat7.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/update_RedHat7.yml new file mode 100644 index 0000000..4824910 --- /dev/null +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/update_RedHat7.yml @@ -0,0 +1,18 @@ +--- +- name: Enable repository for compat-sap-c++-9 + rhsm_repository: + name: "{{ repo_name }}" + state: enabled + loop: + # - rhel-sap-for-rhel-7-server-e4s-rpms + - rhel-7-server-rpms + - rhel-sap-hana-for-rhel-7-server-rpms + - rhel-7-server-eus-rpms + loop_control: + loop_var: repo_name + +- name: Update all packages # noqa 403 + yum: + name: '*' + state: latest +... diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/update_RedHat8.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/update_RedHat8.yml new file mode 100644 index 0000000..20324b3 --- /dev/null +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/update_RedHat8.yml @@ -0,0 +1,6 @@ +--- +- name: Update all packages # noqa 403 + yum: + name: '*' + state: latest +... 
diff --git a/schematics/ansible/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml b/schematics/ansible/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml new file mode 100644 index 0000000..d6f097d --- /dev/null +++ b/schematics/ansible/roles/saphanareq/tasks/configurations/update_SLES_SAP.yml @@ -0,0 +1,6 @@ +--- +- name: Update all packages # noqa 403 + zypper: + name: '*' + state: latest +... diff --git a/schematics/ansible/roles/saphanareq/vars/RedHat7.yml b/schematics/ansible/roles/saphanareq/vars/RedHat7.yml index b6b3e5d..fb40a1c 100644 --- a/schematics/ansible/roles/saphanareq/vars/RedHat7.yml +++ b/schematics/ansible/roles/saphanareq/vars/RedHat7.yml @@ -33,16 +33,21 @@ saphana_required_package_groups: - "@base" saphana_required_configurations: - - "update_os" - - "reqpkggroups" + - "repository_RedHat" + - "update_RedHat7" + - "reqpkggroups_RedHat" - "reqpkg" + - "hostname_fix_RedHat" - "hostname" - "filesystems" - "tuned" - "SELinux" + - "firewalld" - "symlinks" - "abrtd" - "kdump" - "limits" + - "tmpfiles" - "kernel_RedHat7" + - "reboot" ... diff --git a/schematics/ansible/roles/saphanareq/vars/RedHat8.yml b/schematics/ansible/roles/saphanareq/vars/RedHat8.yml new file mode 100644 index 0000000..99aabdf --- /dev/null +++ b/schematics/ansible/roles/saphanareq/vars/RedHat8.yml 
@@ -0,0 +1,56 @@ +--- +saphana_required_packages: + - cairo + - graphviz + - iptraf-ng + - lm_sensors + - net-tools + - uuidd + - libnsl + - tcsh + - psmisc + - nfs-utils + - bind-utils + - expect + - gtk2 + - krb5-workstation + - krb5-libs + - libaio + - libcanberra-gtk2 + - libibverbs + - libicu + - libssh2 + - libtool-ltdl + - numactl + - openssl + - PackageKit-gtk3-module + - rsyslog + - sudo + - xfsprogs + - xorg-x11-xauth + - compat-sap-c++-9 + - libatomic + - chrony + - lvm2 + - unzip + +saphana_required_configurations: + - "repository_RedHat" + - "update_RedHat8" + - "reqpkg" + - "hostname_fix_RedHat" + - "hostname" + - "umask_RHEL" + - "kernel_RedHat8" + - "reboot" + - "filesystems" + - "tuned" + - "SELinux" + - "firewalld" + - "uuidd" + - "abrtd" + - "kdump" + - "limits" + - "tmpfiles" + - "reboot" +... diff --git a/schematics/ansible/roles/saphanareq/vars/SLES_SAP15.yml b/schematics/ansible/roles/saphanareq/vars/SLES_SAP15.yml new file mode 100644 index 0000000..f6b78e2 --- /dev/null +++ b/schematics/ansible/roles/saphanareq/vars/SLES_SAP15.yml @@ -0,0 +1,20 @@ +--- +saphana_required_packages: + - lvm2 + - uuidd + +saphana_required_configurations: + - "repository_SLES" + - "update_SLES_SAP" + - "reqpkg" + - "umask_SLES" + - "hostname" + - "kernel_SLES_SAP15" + - "reboot" + - "filesystems" + - "limits" + - "tmpfiles" + - "uuidd" + - "saptune" + - "reboot" +... diff --git a/schematics/ansible/saphana-vars.yml b/schematics/ansible/saphana-vars.yml deleted file mode 100644 index b5a0361..0000000 --- a/schematics/ansible/saphana-vars.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -#Ansible vars_file containing variable values passed from Terraform. -#Generated by "terraform plan&apply" command. - -#HANA DB configuration -hana_sid: "HDB" -hana_sysno: "00" -hana_main_password: "" -hana_system_usage: "custom" -hana_components: "server" - -#SAP HANA Installation kit path -kit_saphana_file: "/storage/HANADB/51054623.ZIP" -... 
diff --git a/schematics/ansible/saps4app-vars.yml b/schematics/ansible/saps4app-vars.yml deleted file mode 100644 index 24e9fd7..0000000 --- a/schematics/ansible/saps4app-vars.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -#Ansible vars_file containing variable values passed from Terraform. -#Generated by "terraform plan&apply" command. - -#SAP system configuration -sap_sid: "S4A" -sap_ascs_instance_number: "01" -sap_ci_instance_number: "00" -sap_main_password: "" - -#HANA config -hdb_host: "" -hdb_sid: "HDB" -hdb_instance_number: "00" -hdb_main_password: "" -# Number of concurrent jobs used to load and/or extract archives to HANA Host -hdb_concurrent_jobs: "23" - -#SAP S4HANA APP Installation kit path -kit_sapcar_file: "/storage/S4HANA/SAPCAR_1010-70006178.EXE" -kit_swpm_file: "/storage/S4HANA/SWPM20SP09_4-80003424.SAR" -kit_sapexe_file: "/storage/S4HANA/SAPEXE_100-70005283.SAR" -kit_sapexedb_file: "/storage/S4HANA/SAPEXEDB_100-70005282.SAR" -kit_igsexe_file: "/storage/S4HANA/igsexe_1-70005417.sar" -kit_igshelper_file: "/storage/S4HANA/igshelper_17-10010245.sar" -kit_saphotagent_file: "/storage/S4HANA/SAPHOSTAGENT51_51-20009394.SAR" -kit_hdbclient_file: "/storage/S4HANA/IMDB_CLIENT20_009_28-80002082.SAR" -kit_s4hana_export: "/storage/S4HANA/export" -... diff --git a/schematics/integration-app.tf b/schematics/integration-app.tf index d5303d1..b5e05ce 100644 --- a/schematics/integration-app.tf +++ b/schematics/integration-app.tf @@ -8,6 +8,7 @@ resource "local_file" "app_ansible_saps4app-vars" { #SAP system configuration sap_sid: "${var.sap_sid}" +app_profile: "${var.APP-PROFILE}" sap_ascs_instance_number: "${var.sap_ascs_instance_number}" sap_ci_instance_number: "${var.sap_ci_instance_number}" sap_main_password: "${var.sap_main_password}" diff --git a/schematics/integration-db.tf b/schematics/integration-db.tf index 9c4c702..c285f8c 100644 --- a/schematics/integration-db.tf +++ b/schematics/integration-db.tf 
@@ -8,6 +8,7 @@ resource "local_file" "db_ansible_saphana-vars" { #HANA DB configuration hana_sid: "${var.hana_sid}" +hana_profile: "${var.DB-PROFILE}" hana_sysno: "${var.hana_sysno}" hana_main_password: "${var.hana_main_password}" hana_system_usage: "${var.hana_system_usage}" diff --git a/schematics/main.tf b/schematics/main.tf index 60f7a8a..82fd01c 100644 --- a/schematics/main.tf +++ b/schematics/main.tf @@ -1,14 +1,19 @@ +module "pre-init" { + source = "./modules/pre-init" +} module "precheck-ssh-exec" { source = "./modules/precheck-ssh-exec" + depends_on = [ module.pre-init ] BASTION_FLOATING_IP = var.BASTION_FLOATING_IP private_ssh_key = var.private_ssh_key HOSTNAME = var.DB-HOSTNAME + SECURITY_GROUP = var.SECURITY_GROUP } module "vpc-subnet" { - depends_on = [ module.precheck-ssh-exec ] source = "./modules/vpc/subnet" + depends_on = [ module.precheck-ssh-exec ] ZONE = var.ZONE VPC = var.VPC SECURITY_GROUP = var.SECURITY_GROUP @@ -16,8 +21,8 @@ module "vpc-subnet" { } module "db-vsi" { - depends_on = [ module.precheck-ssh-exec ] source = "./modules/db-vsi" + depends_on = [ module.precheck-ssh-exec ] ZONE = var.ZONE VPC = var.VPC SECURITY_GROUP = var.SECURITY_GROUP diff --git a/schematics/modules/ansible-exec/error.sh b/schematics/modules/ansible-exec/error.sh index 358b38a..77d6dc1 100644 --- a/schematics/modules/ansible-exec/error.sh +++ b/schematics/modules/ansible-exec/error.sh 
@@ -1,7 +1,7 @@ #!/bin/sh -while [ `cat /tmp/ansible.$SAP_DEPLOYMENT-$IP/ansible.$IP.log | egrep "FAILED\!|UNREACHABLE\!" | wc -l` -ge 1 ] +while [ `cat /tmp/ansible.$SAP_DEPLOYMENT-$IP/ansible.$IP.log | egrep -i "failed\=[^0]|unreachable\=[^0]" | wc -l` -ge 1 ] do - echo -e "Ansible deployment ERROR: \n `cat /tmp/ansible.$SAP_DEPLOYMENT-$IP/ansible.$IP.log | egrep "FAILED\!|UNREACHABLE\!"` \n `tail -3 /tmp/ansible.$SAP_DEPLOYMENT-$IP/ansible.$IP.log`";sleep 5 + echo -e "Ansible deployment ERROR: \n `cat /tmp/ansible.$SAP_DEPLOYMENT-$IP/ansible.$IP.log | egrep -i "failed\=[^0]|unreachable\=[^0]"` \n `tail -3 /tmp/ansible.$SAP_DEPLOYMENT-$IP/ansible.$IP.log`";sleep 5 done diff --git a/schematics/modules/ansible-exec/remote-exec.tf b/schematics/modules/ansible-exec/remote-exec.tf index 1b06d47..ac02e61 100644 --- a/schematics/modules/ansible-exec/remote-exec.tf +++ b/schematics/modules/ansible-exec/remote-exec.tf @@ -46,13 +46,6 @@ resource "null_resource" "ansible-exec" { ] } - provisioner "remote-exec" { - inline = [ - "chmod 600 /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}/id_rsa", - "ssh-keyscan -H ${var.IP} >> ~/.ssh/known_hosts", - ] - } - provisioner "local-exec" { command = "ssh -o 'StrictHostKeyChecking no' -i ansible/id_rsa root@${var.BASTION_FLOATING_IP} 'nohup ansible-playbook --private-key /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}/id_rsa -i ${var.IP}, /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}/${var.PLAYBOOK} > /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}/ansible.${var.IP}.log 2>&1 &'" } 
@@ -63,14 +56,6 @@ resource "null_resource" "check-ansible" { depends_on = [ null_resource.ansible-exec ] - connection { - type = "ssh" - user = "root" - host = var.IP - private_key = var.private_ssh_key - timeout = "2m" - } - provisioner "local-exec" { command = "ssh -o 'StrictHostKeyChecking no' -i ansible/id_rsa root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; timeout 10m /tmp/${var.IP}.check.ansible.sh'" on_failure = continue @@ -82,14 +67,6 @@ resource "null_resource" "ansible-logs" { depends_on = [ null_resource.check-ansible ] - connection { - type = "ssh" - user = "root" - host = var.IP - private_key = var.private_ssh_key - timeout = "2m" - } - provisioner "local-exec" { command = "ssh -o 'StrictHostKeyChecking no' -i ansible/id_rsa root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; timeout 55m /tmp/${var.IP}.while.sh'" on_failure = continue @@ -97,19 +74,10 @@ resource "null_resource" "ansible-logs" { } - resource "null_resource" "ansible-logs1" { depends_on = [ null_resource.ansible-logs ] - connection { - type = "ssh" - user = "root" - host = var.IP - private_key = var.private_ssh_key - timeout = "2m" - } - provisioner "local-exec" { command = "ssh -o 'StrictHostKeyChecking no' -i ansible/id_rsa root@${var.BASTION_FLOATING_IP} 'export IP=${var.IP}; export SAP_DEPLOYMENT=${local.SAP_DEPLOYMENT}; timeout 55m /tmp/${var.IP}.while.sh'" on_failure = continue @@ -117,7 +85,6 @@ resource "null_resource" "ansible-logs1" { } - resource "null_resource" "ansible-errors" { depends_on = [ null_resource.ansible-logs1 ] @@ -129,7 +96,6 @@ resource "null_resource" "ansible-errors" { } - resource "null_resource" "ansible-delete-sensitive-data" { depends_on = [ null_resource.ansible-logs1 ] 
@@ -144,6 +110,5 @@ resource "null_resource" "ansible-delete-sensitive-data" { provisioner "remote-exec" { inline = [ "rm -rf /tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}" ] - } - + } } diff --git a/schematics/modules/ansible-exec/versions.tf b/schematics/modules/ansible-exec/versions.tf index d24698f..6c950f4 100644 --- a/schematics/modules/ansible-exec/versions.tf +++ b/schematics/modules/ansible-exec/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = ">= 1.24.0" + version = ">= 1.41.1" } } } diff --git a/schematics/modules/app-vsi/versions.tf b/schematics/modules/app-vsi/versions.tf index d24698f..6c950f4 100644 --- a/schematics/modules/app-vsi/versions.tf +++ b/schematics/modules/app-vsi/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = ">= 1.24.0" + version = ">= 1.41.1" } } } diff --git a/schematics/modules/db-vsi/versions.tf b/schematics/modules/db-vsi/versions.tf index d24698f..6c950f4 100644 --- a/schematics/modules/db-vsi/versions.tf +++ b/schematics/modules/db-vsi/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = ">= 1.24.0" + version = ">= 1.41.1" } } } diff --git a/schematics/modules/pre-init/found.ip.tmpl b/schematics/modules/pre-init/found.ip.tmpl new file mode 100644 index 0000000..7b9ad53 --- /dev/null +++ b/schematics/modules/pre-init/found.ip.tmpl @@ -0,0 +1 @@ +127.0.0.1 diff --git a/schematics/modules/pre-init/get-server-ip.tf b/schematics/modules/pre-init/get-server-ip.tf new file mode 100644 index 0000000..f505e17 --- /dev/null +++ b/schematics/modules/pre-init/get-server-ip.tf @@ -0,0 +1,10 @@ +resource "null_resource" "sch-server-deployment-ip" { + provisioner "local-exec" { + command = "chmod +x ${path.module}/get.sch.ip.sh" + } + + provisioner "local-exec" { + command = "${path.module}/get.sch.ip.sh | uniq | tee ${path.module}/found.ip.tmpl" + on_failure = fail + } +} 
diff --git a/schematics/modules/pre-init/get.sch.ip.sh b/schematics/modules/pre-init/get.sch.ip.sh new file mode 100644 index 0000000..f5818e5 --- /dev/null +++ b/schematics/modules/pre-init/get.sch.ip.sh @@ -0,0 +1,7 @@ +#!/bin/bash +########### + +# Checking the Public IP for the Schematics one-time Deployment Server from different external locations +curl --silent --show-error --fail https://ipecho.net/plain; echo +curl --silent --show-error --fail icanhazip.com +curl --silent --show-error --fail ifconfig.co diff --git a/schematics/modules/pre-init/versions.tf b/schematics/modules/pre-init/versions.tf new file mode 100644 index 0000000..6c950f4 --- /dev/null +++ b/schematics/modules/pre-init/versions.tf @@ -0,0 +1,8 @@ +terraform { + required_providers { + ibm = { + source = "IBM-Cloud/ibm" + version = ">= 1.41.1" + } + } +} diff --git a/schematics/modules/precheck-ssh-exec/precheck-remote-exec.tf b/schematics/modules/precheck-ssh-exec/precheck-remote-exec.tf index d60bc1b..ff371a4 100644 --- a/schematics/modules/precheck-ssh-exec/precheck-remote-exec.tf +++ b/schematics/modules/precheck-ssh-exec/precheck-remote-exec.tf @@ -1,4 +1,6 @@ resource "null_resource" "check-bastion-resources" { + + depends_on = [ ibm_is_security_group_rule.inbound-sg-sch-ssh-rule ] connection { type = "ssh" diff --git a/schematics/modules/precheck-ssh-exec/sg-sch-ssh-rule.tf b/schematics/modules/precheck-ssh-exec/sg-sch-ssh-rule.tf new file mode 100644 index 0000000..28aaffa --- /dev/null +++ b/schematics/modules/precheck-ssh-exec/sg-sch-ssh-rule.tf @@ -0,0 +1,19 @@ +data "ibm_is_security_group" "securitygroup" { + name = var.SECURITY_GROUP +} + +data "local_file" "input" { + filename = "modules/pre-init/found.ip.tmpl" +} + +resource "ibm_is_security_group_rule" "inbound-sg-sch-ssh-rule" { + group = data.ibm_is_security_group.securitygroup.id + direction = "inbound" + remote = chomp(data.local_file.input.content) + + tcp { + port_min = 22 + port_max = 22 + } + +} 
diff --git a/schematics/modules/precheck-ssh-exec/variables.tf b/schematics/modules/precheck-ssh-exec/variables.tf index 5d52967..604d654 100644 --- a/schematics/modules/precheck-ssh-exec/variables.tf +++ b/schematics/modules/precheck-ssh-exec/variables.tf @@ -12,3 +12,8 @@ variable "private_ssh_key" { type = string description = "Private ssh key" } + +variable "SECURITY_GROUP" { + type = string + description = "Security group name" +} diff --git a/schematics/modules/precheck-ssh-exec/versions.tf b/schematics/modules/precheck-ssh-exec/versions.tf index d24698f..6c950f4 100644 --- a/schematics/modules/precheck-ssh-exec/versions.tf +++ b/schematics/modules/precheck-ssh-exec/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = ">= 1.24.0" + version = ">= 1.41.1" } } } diff --git a/schematics/modules/vpc/subnet/versions.tf b/schematics/modules/vpc/subnet/versions.tf index d24698f..6c950f4 100644 --- a/schematics/modules/vpc/subnet/versions.tf +++ b/schematics/modules/vpc/subnet/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = ">= 1.24.0" + version = ">= 1.41.1" } } } diff --git a/schematics/variables.tf b/schematics/variables.tf index f97b498..c94724e 100644 --- a/schematics/variables.tf +++ b/schematics/variables.tf @@ -86,7 +86,11 @@ variable "DB-PROFILE" { variable "DB-IMAGE" { type = string description = "DB VSI OS Image" - default = "ibm-redhat-7-6-amd64-sap-hana-3" + default = "ibm-redhat-8-4-amd64-sap-hana-2" + validation { + condition = length(regexall("^(ibm-redhat-7-6-amd64-sap-hana|ibm-redhat-8-4-amd64-sap-hana|ibm-sles-15-3-amd64-sap-hana)-[0-9][0-9]*", var.DB-IMAGE)) > 0 + error_message = "The OS SAP DB-IMAGE must be one of \"ibm-sles-15-3-amd64-sap-hana-x\", \"ibm-redhat-8-4-amd64-sap-hana-x\" or \"ibm-redhat-7-6-amd64-sap-hana-x\"." + } } variable "APP-HOSTNAME" { 
@@ -107,7 +111,11 @@ variable "APP-PROFILE" { variable "APP-IMAGE" { type = string description = "VSI OS Image" - default = "ibm-redhat-7-6-amd64-sap-applications-3" + default = "ibm-redhat-8-4-amd64-sap-applications-2" + validation { + condition = length(regexall("^(ibm-redhat-7-6-amd64-sap-applications|ibm-redhat-8-4-amd64-sap-applications|ibm-sles-15-3-amd64-sap-applications)-[0-9][0-9]*", var.APP-IMAGE)) > 0 + error_message = "The OS SAP APP-IMAGE must be one of \"ibm-redhat-7-6-amd64-sap-applications-x\" , \"ibm-redhat-8-4-amd64-sap-applications-x\" or \"ibm-sles-15-3-amd64-sap-applications-x\"." + } } variable "hana_sid" { diff --git a/schematics/versions.tf b/schematics/versions.tf index 53da8ce..6c950f4 100644 --- a/schematics/versions.tf +++ b/schematics/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { ibm = { source = "IBM-Cloud/ibm" - version = "~> 1.24.0" + version = ">= 1.41.1" } } }
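Review bot: In the rsync check hunk (@@ -16,14 +16,22 @@), the new `when:` on "Check if rsync package is available on target" embeds `"'rsync' in ansible_facts.packages"` as a quoted string inside a larger expression, so Jinja evaluates a non-empty string literal that is always true, and `rsync_found_target` is set on every RedHat host whether or not rsync is installed. Drop the inner double quotes and parenthesise the two branches: `(ansible_facts['os_family'] == "RedHat" and 'rsync' in ansible_facts.packages) or (ansible_facts['os_family'] == "Suse" and rsync_search_result.rc == 0)`. The Suse `shell` task also sets neither `failed_when` nor `changed_when`, so a non-zero return code from `zypper search` fails the play before the `rc == 0` test is reached.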
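Review bot: In the tuned.yml hunk, the new guard tests for `'sap_hana'` (underscore) while the task it protects activates `tuned-adm profile sap-hana` (hyphen), so the string is never found in `tuned_active.stdout` and the profile is re-applied on every run. Use `when: "'sap-hana' not in tuned_active.stdout"` so the check matches the profile name used by the command.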
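Review bot: In hostname_fix_RedHat.yml, the `regexp` of "Disable default hostname resolve to loopback address" interpolates `ansible_default_ipv4.address` and `sap_short_hostname.stdout` unescaped, so each dot in the address matches any character and the short hostname also matches as a substring of longer names on other /etc/hosts lines. Pass both values through `regex_escape` and bound the hostname with whitespace or `\b`. `replace: '\1'` also drops everything after the hostname on a matching line, so any other aliases on that line are lost; add a comment if that is intended.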
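Review bot: The new umask_RHEL.yml and umask_SLES.yml tasks carry no comment citing the requirement for relaxing the default umask to 022 for every account on the host, unlike the hostname tasks, which name their SAP notes (#2718300, #1054467). Add the reference, and if only the SAP accounts need 022, set it for those users rather than in /etc/profile, /etc/bashrc and /etc/login.defs. The patterns `(.*umask 077.*)` and `(.*UMASK 027.*)` also match commented-out lines and replace the whole line, so indentation is lost and a comment can be turned into an active setting.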
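Review bot: The provisioner removed in modules/ansible-exec/remote-exec.tf (@@ -46,13 +46,6 @@) was the only visible step that set `chmod 600` on `/tmp/ansible.${local.SAP_DEPLOYMENT}-${var.IP}/id_rsa`, and nothing in the hunk shows what now restricts that private key on the bastion. Confirm the copy step creates the file with mode 0600, or keep the chmod. With `ssh-keyscan` gone as well, state how the `ansible-playbook` run on the bastion checks the target's host key; the surrounding `local-exec` commands already use `StrictHostKeyChecking no`, so no host key verification is visible on either hop in this file.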
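Review bot: In modules/pre-init/get-server-ip.tf, the second `local-exec` runs `get.sch.ip.sh | uniq | tee found.ip.tmpl`, so the exit status Terraform sees is the one from `tee` and `on_failure = fail` does not fire when a `curl` fails. `uniq` only collapses identical adjacent lines: if the three services disagree, or one answers with an IPv6 address, found.ip.tmpl holds several lines and that whole content is later used as the `remote` of the SSH security group rule. Run the pipeline with `set -o pipefail` (or write the file from inside the script) and fail unless exactly one valid address is obtained.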
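Review bot: In modules/pre-init/get.sch.ip.sh, the `icanhazip.com` and `ifconfig.co` calls have no scheme, so curl fetches them over plain HTTP, and the answer decides which source address is allowed to reach port 22 in the security group. Use `https://` for all three lookups. The script also has no `set -e`, so only the last curl's status is returned, and the output is never checked to be an IP address before it is written out.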
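Review bot: In modules/precheck-ssh-exec/sg-sch-ssh-rule.tf, `remote = chomp(data.local_file.input.content)` passes the file content to the inbound SSH rule without checking that it is a single IP address, and `filename = "modules/pre-init/found.ip.tmpl"` is relative to the working directory rather than built from `path.root`. Validate the value before use and anchor the path. Nothing in this diff removes `inbound-sg-sch-ssh-rule` once provisioning has finished, so the deployment server's address stays allowed for SSH; document that or add a cleanup step.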
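Review bot: The `validation` regex for DB-IMAGE in schematics/variables.tf (@@ -86,7 +86,11 @@) starts with `^` but has no closing `$`, so any value that begins with an accepted image name followed by one digit passes, whatever text comes after it. End the pattern with `-[0-9]+$`. The APP-IMAGE validation in the following hunk has the same gap.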
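Review bot: The provider constraint in schematics/versions.tf moves from `~> 1.24.0` to `>= 1.41.1`, which has no upper bound, so a later run can pull any future IBM-Cloud/ibm release, including a new major version, without review. Keep a pessimistic constraint such as `~> 1.41` or commit a `.terraform.lock.hcl`. The same open-ended `>= 1.41.1` appears in each module's versions.tf.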