Amazon MQ (Rabbit) in VPC and TLS

2

Hello!

I am new to AWS, and reading the documentation has not given me a definite answer, thus I am asking here in hopes of getting a concrete answer.

Setup:

  • Amazon MQ with Rabbit engine, set up with VPC + no public access.
  • Multiple (Java) microservices running in ECS on the same VPC, communicating via the MQ.

Currently we use "useSslProtocol" from the RabbitMQ Java client library (com.rabbitmq.client.ConnectionFactory), but this is only meant for development as it creates an SSLContext that trusts all certificates no matter what.

As for the question, do I need to configure TLS in the microservices manually when connecting to the MQ, or can I leave it out? Do we even need to bother with TLS, or can we assume VPC with no public access is secure enough?

Documentation mentions that AMQ uses TLS by default, but there are also hints that it should be set up. I lean towards having to configure it by hand, but need confirmation in that regard.

Thanks in advance

1 Answer
0

I am also looking for the above answer. AWS has provided root CA certs for RDS but not for Amazon MQ. So any suggestions?

answered 7 months ago
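An added example, not part of the original posts: the no-argument `useSslProtocol()` from the question next to a variant that validates the broker's certificate chain and host name. It assumes amqp-client 5.4.0 or later, a broker certificate that chains to a CA in the JVM's default trust store, and hypothetical environment variables `MQ_HOST`, `MQ_USER` and `MQ_PASS`.

```java
import com.rabbitmq.client.Connection;
import com.rabbitmq.client.ConnectionFactory;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import java.security.KeyStore;

public class VerifiedAmqpsFactory {

    /** Builds a factory that checks the broker's certificate chain and host name. */
    static ConnectionFactory verified(String host, String user, String pass) throws Exception {
        // Trust managers backed by the JVM default trust store (cacerts).
        // Assumption: the broker's certificate chains to a CA in that store.
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null); // null selects the default trust store

        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(null, tmf.getTrustManagers(), null); // no client certificate

        ConnectionFactory factory = new ConnectionFactory();
        factory.setHost(host);
        factory.setPort(5671); // standard AMQPS port
        factory.setUsername(user);
        factory.setPassword(pass);

        // Development-only form from the question, shown for contrast:
        //   factory.useSslProtocol();   // installs a trust-everything manager
        factory.useSslProtocol(ctx);          // chain validation via ctx
        factory.enableHostnameVerification(); // certificate must match `host`
        return factory;
    }

    public static void main(String[] args) throws Exception {
        // Hypothetical variable names; supply them from the task definition.
        ConnectionFactory factory = verified(
                System.getenv("MQ_HOST"),
                System.getenv("MQ_USER"),
                System.getenv("MQ_PASS"));

        // The TLS handshake fails here with an SSLHandshakeException if the
        // chain is untrusted or the host name does not match the certificate.
        try (Connection conn = factory.newConnection()) {
            System.out.println("Connected over verified TLS to " + conn.getAddress());
        }
    }
}
```

With this factory, a failed handshake shows whether the default trust store is sufficient or a CA certificate has to be imported first.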
