How Do I Configure a Security Group?

To access a RabbitMQ instance within a VPC or over public networks, configure the security group rules as follows.

• Intra-VPC Access

  To access a RabbitMQ instance, you must deploy your client on an ECS in the same VPC as the instance.

  In addition, before you can access the instance through your client, you must configure correct rules for the security groups of both the ECS and RabbitMQ instance.

  1. You are advised to configure the same security group for the ECS and RabbitMQ instance. After a security group is created, network access in the group is not restricted by default.
  2. If different security groups are configured, you may need to refer to the following configurations:
     

     • Assume that security groups sg-53d4, sg-RabbitMQ, and Default_All are configured respectively for your ECS and RabbitMQ instance.
     • You can specify a security group or IP address as the remote end in the following rules.

     Add the following security group rule to allow the ECS to access the RabbitMQ instance.

     Figure 1 Configuring security group rules for the ECS
     

     Table 1 Security group rule

     Direction	Protocol & Port	Destination
     Outbound	All	Default_All

     To ensure that your client can access the RabbitMQ instance, add the following rule to the security group configured for the RabbitMQ instance.

     Figure 2 Configuring security group for the RabbitMQ instance
     

     Table 2 Security group rule

     Direction	Protocol & Port	Source
     Inbound	All	sg-53d4

• Public access:

  To ensure that your client can access the RabbitMQ instance, add the following rule to the security group configured for the RabbitMQ instance.

  Table 3 Security group rule

  Direction	Protocol & Port	Source
  Inbound	TCP:5672	0.0.0.0/0

  Figure 3 show the rules.

  Figure 3 Rule 1 for the security group