Help Center/ Distributed Message Service for RabbitMQ/ FAQs/ Connections/ How Do I Configure a Security Group?
Updated on 2024-11-22 GMT+08:00

How Do I Configure a Security Group?

To access a RabbitMQ instance within a VPC or over public networks, configure the security group rules as follows.

  • Intra-VPC Access

    To access a RabbitMQ instance, you must deploy your client on an ECS in the same VPC as the instance.

    In addition, before you can access the instance through your client, you must configure correct rules for the security groups of both the ECS and RabbitMQ instance.

    1. You are advised to configure the same security group for the ECS and RabbitMQ instance. After a security group is created, network access in the group is not restricted by default.
    2. If different security groups are configured, you may need to refer to the following configurations:
      • Assume that security groups sg-53d4 and Default_All are configured respectively for your ECS and RabbitMQ instance.
      • You can specify a security group or IP address as the remote end in the following rules.

      Add the following security group rule to allow the ECS to access the RabbitMQ instance.

      Figure 1 Configuring security group rules for the ECS
      Table 1 Security group rule

      Direction

      Protocol & Port

      Destination

      Outbound

      All

      Default_All

      To ensure that your client can access the RabbitMQ instance, add the following rule to the security group configured for the RabbitMQ instance.

      Figure 2 Configuring security group for the RabbitMQ instance
      Table 2 Security group rule

      Direction

      Protocol & Port

      Source

      Inbound

      All

      sg-53d4

  • Public access:

    To ensure that your client can access the RabbitMQ instance, add the following rule to the security group configured for the RabbitMQ instance.

    The source in Table 3 indicates that all IP segments are allowed. Modify them to your client IP addresses as required.

    Table 3 Security group rule

    Direction

    Protocol & Port

    Source

    Inbound

    TCP:5672

    IP address or IP address group of the RabbitMQ client

    Figure 3 show the rules.

    Figure 3 Rule 1 for the security group