AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post

RabbitMQ web Console Access(Amazon MQ broker managed) using SSM

0

Hi All, We have rabbitmq service running in private subnet managed by Amazon MQ

how can we access web console of Rabbitmq using SSM

we tried following but we are not able to access website doen't load

Note: we provided proper security group "as i already tested with bastion host in public and ssh dynamic port forwarding its working"... but not using SSM

aws ssm start-session
--target "<JumpHostId>"
--document-name AWS-StartPortForwardingSessionToRemoteHost
--parameters host="<hostid>.mq.us-east-1.amazonaws.com",portNumber=15672,localPortNumber="4545"
--region="us-east-1"

so is this possible to access using SSM?

https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/accessing-web-console-of-broker-without-public-accessibility.html

only document using ssh to bastion host

how can we do it using SSM?

주제
보안, 신원 및 규정 준수관리 및 거버넌스애플리케이션 통합
태그
AWS 자격 증명 및 액세스 관리AWS 시스템 관리자아마존 MQ세션 관리
언어
English
Nisarg
질문됨 2달 전217회 조회
1개 답변
1
수락된 답변

Hello.

The web console connects via HTTPS, so I think the port number is 443.
If you have successfully configured the settings using the steps in the document below, you should have allowed HTTPS in your security group.
https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/accessing-web-console-of-broker-without-public-accessibility.html

private-sg must allow inbound connections from public-sg. We recommend restricting this security group to port 8162 for ActiveMQ, and port 443 for RabbitMQ.

In other words, you need to set the option to "portNumber=443".

aws ssm start-session
--target "EC2 Instance ID"
--document-name AWS-StartPortForwardingSessionToRemoteHost
--parameters host="<hostid>.mq.us-east-1.amazonaws.com",portNumber=443,localPortNumber="4545"
--region="us-east-1"

After executing the command, access "https://localhost:4545" in your browser to open the Rabbitmq console.
a

profile picture
전문가
Riku_Kobayashi
답변함 2달 전
  • Nisarg
    2달 전

    are you able to access it ?i tried but still getting

    This page isn’t working localhost sent an invalid response. ERR_INVALID_HTTP_RESPONSE

    What i have tried so far

    1. Created Bastion Host in public subnet --> applied proper security group: "Able to access Rabbitmq console - using ssh -D : SOCK S proxy"
    2. Tried SSM to EC2 instance in private subnet --> applied security group: "Not able to Access RabbitMQ console"
    3. Created Bastion host in public subnet --> installed SSM agent --> applied Proper Security Group: "Not able to access Rabbtimq"
  • Riku_Kobayashi 전문가
    2달 전

    I tried it with my AWS account and I can access it. I tried the following configuration.

    Created Bastion host in public subnet --> installed SSM agent --> applied Proper Security Group: "Not able to access Rabbtimq"

    By the way, does the following command succeed?

    aws ssm start-session
--target "EC2 Instance ID"
--document-name AWS-StartPortForwardingSessionToRemoteHost
--parameters host="<hostid>.mq.us-east-1.amazonaws.com",portNumber=443,localPortNumber="4545"
--region="us-east-1"

    Also, could you please share the detailed rules of the security group set for Amazon MQ? Do you allow HTTPS connections from the stepping stone EC2 in the security group set for Amazon MQ?

  • Nisarg
    2달 전

    Its working: i made mistake of not using https://localhost:4545 i was trying http://localhost:4545

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠