Amazon MQ (Rabbit) in VPC and TLS

2

Hello!

I am new to AWS, and reading the documentation has not given me a definite answer, so I am asking here in hopes of getting a concrete answer.

Setup:

  • Amazon MQ with Rabbit engine, set up with VPC + no public access.
  • Multiple (Java) microservices running in ECS on the same VPC, communicating via the MQ.

Currently we use "useSslProtocol" from the RabbitMQ Java client library (com.rabbitmq.client.ConnectionFactory), but this is only meant for development, as it creates an SSLContext that trusts all certificates no matter what.

As for the question: do I need to configure TLS in the microservices manually when connecting to the MQ, or can I leave it out? Do we even need to bother with TLS, or can we assume a VPC with no public access is secure enough?

The documentation mentions that AMQ uses TLS by default, but there are also hints that it should be set up. I lean towards having to configure it by hand, but need confirmation in that regard.

Thanks in advance

1 Answer
0

I am also looking for the above answer. AWS has provided root CA certs for RDS but not for Amazon MQ, so any suggestions?

answered 7 months ago
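
The difference the question describes between the trust-all `useSslProtocol()` call and a verified TLS setup, as an added example that is not code from either poster or from AWS. It assumes the broker's certificate chains to a CA already present in the JVM's default trust store and that the amqp-client version in use provides `enableHostnameVerification()`; the class name, the host argument, and the `MQ_USER`/`MQ_PASSWORD` environment variables are placeholders.

```java
import com.rabbitmq.client.Connection;
import com.rabbitmq.client.ConnectionFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;

public class VerifiedAmqpsConnection {

    // Development-only form from the question: the no-argument overload installs
    // a trust manager that accepts any certificate, so traffic is encrypted but
    // the client never authenticates the broker it is talking to.
    static ConnectionFactory trustAll(String host) throws Exception {
        ConnectionFactory f = new ConnectionFactory();
        f.setHost(host);
        f.setPort(5671);              // AMQP over TLS
        f.useSslProtocol();           // trusts every certificate
        return f;
    }

    // Verified form: the certificate chain is validated against the JVM default
    // trust store (assumption: the broker's CA is in it) and the name in the
    // certificate must match the host being connected to.
    static ConnectionFactory verified(String host) throws Exception {
        ConnectionFactory f = new ConnectionFactory();
        f.setHost(host);
        f.setPort(5671);
        f.useSslProtocol(SSLContext.getDefault());
        f.enableHostnameVerification();
        return f;
    }

    public static void main(String[] args) throws Exception {
        String host = args[0];        // placeholder: broker endpoint hostname
        ConnectionFactory f = verified(host);
        f.setUsername(System.getenv("MQ_USER"));      // placeholder variable names
        f.setPassword(System.getenv("MQ_PASSWORD"));
        try (Connection c = f.newConnection()) {
            System.out.println("Handshake succeeded; broker certificate validated for " + host);
        } catch (SSLHandshakeException e) {
            // Raised when the chain is untrusted or the hostname does not match.
            // Fix the trust store or endpoint name instead of reverting to trustAll().
            System.err.println("Broker certificate rejected: " + e.getMessage());
            System.exit(1);
        }
    }
}
```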
