Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Is it necessary to open *.chime.aws:3478 (UDP) on the firewall required by the Chime SDK?

0

Is it necessary to open *.chime.aws:3478 (UDP) on the firewall required by the Chime SDK?

https://docs.aws.amazon.com/en_en/chime-sdk/latest/ag/network-config.html#web-rtc

According to this ChimeSDK WebRTC firewall (FW) setting requirements document, it is necessary to add the setting to open

*.chime.aws:3478(UDP).

However, due to my customer's circumstances, the release of FWs other than port 443 by domain name is prohibited, and my release request was rejected.

Will not releasing this *.chime.aws:3478 (UDP) have a negative impact on the operation of ChimeSDK webrtc MediaSession?

Is it not enough to just release 99.77.128.0/18 port: 3478 protocol: UDP?

Tags
Amazon Chime SDKAmazon Chime
Language
English
asked 2 years ago369 views
1 Answer
0

Allow listing the IP address should be good enough. The reason you would want to allow list the domains is that IP addresses are typically treated as dynamic so could change in the future. The risk you would take is if there is added or changed IP address scope, your service could experience issues.

To add to this, we do provide a json file with the AWS IP ranges that can be consumed programatically. Ranges also include the services, so you could parse the ranges necessary for chime and either programmatically alert to a change or programmatically make the change.

AWS
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content