Amazon MQ (Rabbit) in VPC and TLS

2

Hello!

I am new to AWS and reading the documentation has not given me a definite answer thus I am asking here in hopes of getting a concrete answer.

Setup:

  • Amazon MQ with Rabbit engine, set up with VPC + no public access.
  • Multiple (Java) microservices running in ECS on the same VPC, communicating via the MQ.

Currently we use "useSslProtocol" from the RabbitMQ Java client library (com.rabbitmq.client.ConnectionFactory), but this is only meant for development as it creates an SSLContext that trusts all certificates no matter what.

As for the question, do I need to configure TLS in the microservices manually when connecting to the MQ or can I leave it out? Do we even need to bother with TLS or can we assume VPC with no public access is secure enough?

Documentation mentions that AMQ uses TLS by default but there are also hints that it should be set up. I lean towards having to configure it by hand but need confirmation in that regard.

Thanks in advance

1 Answer
0

I am also looking for the above answer. AWS has provided root CA certs for RDS but not for Amazon MQ, so any suggestions?

answered 6 months ago
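
An added example, not part of the original thread and not AWS's or the RabbitMQ project's own code: the trust-all `useSslProtocol()` call from the question next to a form that validates the broker certificate and hostname. It assumes the broker's certificate chains to a CA already in the JVM default trust store, a client library version that provides `enableHostnameVerification()`, and the hypothetical environment variables `MQ_HOST`, `MQ_USER` and `MQ_PASS`.

```java
import com.rabbitmq.client.Connection;
import com.rabbitmq.client.ConnectionFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;

public class MqTlsExample {

    // Development-only form from the question: the no-argument
    // useSslProtocol() trusts every certificate, so the client cannot
    // tell the real broker from anything else answering on that address.
    static ConnectionFactory trustAll(String host) throws Exception {
        ConnectionFactory f = new ConnectionFactory();
        f.setHost(host);
        f.setPort(5671);                 // AMQP over TLS
        f.useSslProtocol();
        return f;
    }

    // Verifying form: the JVM default SSLContext validates the chain against
    // the default trust store, and hostname verification checks that the
    // certificate was issued for the host being dialled.
    static ConnectionFactory verified(String host) throws Exception {
        ConnectionFactory f = new ConnectionFactory();
        f.setHost(host);
        f.setPort(5671);
        f.useSslProtocol(SSLContext.getDefault());
        f.enableHostnameVerification();
        return f;
    }

    public static void main(String[] args) throws Exception {
        // Hypothetical environment variable names, chosen for this example.
        ConnectionFactory f = verified(System.getenv("MQ_HOST"));
        f.setUsername(System.getenv("MQ_USER"));
        f.setPassword(System.getenv("MQ_PASS"));
        try (Connection c = f.newConnection()) {
            System.out.println("TLS verified, connected to " + c.getAddress());
        } catch (SSLHandshakeException e) {
            // Untrusted chain or hostname mismatch: fail closed rather than
            // falling back to the trust-all factory.
            System.err.println("Broker certificate rejected: " + e.getMessage());
            System.exit(1);
        }
    }
}
```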
