Riak Security on AWS.

Ian Ha ian at blutrumpet.com
Fri Feb 1 12:18:16 EST 2013


We also run on AWS and we use security groups. You can restrict inbound
traffic to other nodes with the same security group only.


On Fri, Feb 1, 2013 at 9:32 AM, Hector Castro <hector at basho.com> wrote:

> Hi,
>
> We recently published a blog post detailing methods of deployment on AWS
> [0].
>
> More specifically, to secure the nodes behind an ELB you can assign
> them security groups as they're defined here [1]. With regard to the
> ELB, spinning one up in a VPC [2] is the only way to assign security
> groups to it. This allows you to whitelist specific nodes trying to
> talk to the Riak cluster [3].
>
> [0] http://basho.com/blog/technical/2013/01/30/RiakonAWS/
> [1]
> http://docs.basho.com/riak/1.2.1/tutorials/installation/Installing-on-AWS-Marketplace/
> [2] http://aws.amazon.com/vpc/
> [3]
> http://aws.typepad.com/aws/2011/11/new-aws-elastic-load-balancing-inside-of-a-virtual-private-cloud.html
>
> Hope this helps,
>
> --
> Hector
>
>
> On Fri, Feb 1, 2013 at 8:06 AM, vvsanil <vvsanilkumar at gmail.com> wrote:
> > What are the best practices for securing my riak cluster on AWS? The
> cluster
> > will be sitting under a load balancer (ELB). Basically how do i prevent
> > others from accessing my riak cluster if they happen to know my ip
> > address/ports.
> >
> > (Using Nginx as reverse proxy is not an option for us.)
> >
> >
> >
> > --
> > View this message in context:
> http://riak-users.197444.n3.nabble.com/Riak-Security-on-AWS-tp4026708.html
> > Sent from the Riak Users mailing list archive at Nabble.com.
> >
> > _______________________________________________
> > riak-users mailing list
> > riak-users at lists.basho.com
> > http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
>
> --
> Hector
>
>
> On Fri, Feb 1, 2013 at 8:06 AM, vvsanil <vvsanilkumar at gmail.com> wrote:
> > What are the best practices for securing my riak cluster on AWS? The
> cluster
> > will be sitting under a load balancer (ELB). Basically how do i prevent
> > others from accessing my riak cluster if they happen to know my ip
> > address/ports.
> >
> > (Using Nginx as reverse proxy is not an option for us.)
> >
> >
> >
> > --
> > View this message in context:
> http://riak-users.197444.n3.nabble.com/Riak-Security-on-AWS-tp4026708.html
> > Sent from the Riak Users mailing list archive at Nabble.com.
> >
> > _______________________________________________
> > riak-users mailing list
> > riak-users at lists.basho.com
> > http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
>
> _______________________________________________
> riak-users mailing list
> riak-users at lists.basho.com
> http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.basho.com/pipermail/riak-users_lists.basho.com/attachments/20130201/15e92d2d/attachment.html>


More information about the riak-users mailing list