Security Value
The security of RabbitMQ is of great value to users, such as:
1. Data Protection: The security of RabbitMQ can protect users' messages and data from unauthorized access and tampering. With the right security configuration, you can ensure the confidentiality and integrity of messages during transmission and storage.
2. Authentication and Authorization: The security of RabbitMQ ensures that only authenticated users can access and operate message queues. Through authentication and authorization mechanisms, users' access rights can be restricted to prevent unauthorized access and operation.
3. Preventing Denial of Service attacks: The security of RabbitMQ can help users prevent denial of service (DoS) attacks. By limiting the use of resources and setting appropriate quotas, malicious users or programs can be prevented from overloading message queues and exhausting resources.
4. Monitoring and Auditing: The security of RabbitMQ can provide monitoring and auditing functions to help users track and record the access and operation of message queues. This helps users to detect abnormal behavior and security incidents and conduct timely responses and investigations.
5. Compliance Requirements: For some industries and regulations, such as finance and healthcare, security is an essential. The security of RabbitMQ can help users meet compliance requirements and ensure the confidentiality and integrity of messages and data.
To sum up, the security of RabbitMQ is of great value to users, which can protect the security of users' data and messages from unauthorized access and tampering, prevent denial of service attacks, and meet compliance requirements.
Authentication
· CTIAM
Identity and Access Management (CTIAM) is a basic service that provides users with permission management capabilities, which can help you securely control the access and operation permissions of your eSurfing Cloud services and resources, including user authentication, permission granting, and access control. For detailed information, see Identity and Access Management - Product Introduction.
You can create an IAM user and grant the user permissions on DMS RabbitMQ instances. Then, the user can access the authorized instance resources by using the username and password. For details, see Identity and Access Management - Quick Start - Creating an IAM User.
Access Control
· Permission Control
After you purchase a DMS RabbitMQ instance, you can use CTIAM to set different access permissions for employees in an enterprise to isolate permissions between different employees and perform fine-grained permission management with CTIAM.
· VPCs and Subnets
A virtual private cloud (VPC) builds an isolated and private network environment for DMS RabbitMQ, improving database security and streamlining your network deployment. You have full control over your VPCs. VPC's ample features allow you to flexibly manage your cloud networks, including creating subnets, configuring security groups and network ACLs, managing route tables, and applying for elastic IP addresses (EIPs) and bandwidth. Provide dedicated network resources that are isolated from other networks through subnets to promote network security. For detailed information, see Virtual Private Cloud (VPC) - User Guide - Creating a VPC and a Subnet.
· Security Group
A security group is a logical group that provides the same access policy for RabbitMQ instances that have the same security requirements and trust each other in the same VPC. You can configure security groups for database instances and specify the IP address and port to access the RabbitMQ instances to ensure the security and stability of the running environment. For details, see Modifying an Instance Security Group.
Data Protection Technologies
RabbitMQ takes different measures to keep data confidential and intact during storage and transmission.
1. Cross-AZ Disaster Recovery: Deploy multiple RabbitMQ nodes in different availability zones to ensure data replication and synchronization between nodes. This way, when one availability zone fails, nodes on other availability zones can continue to provide services.
2. Replica Redundancy: RabbitMQ replica redundancy is a strategy to ensure high availability and data redundancy of message queues. By creating replicas on multiple nodes, you can ensure that even if one node fails, replicas on the other nodes can still provide services.
3. Data Persistence: RabbitMQ data persistence ensures that data in message queues is not lost in the event of a node restart or failure by persisting queues, messages, and exchanges.
Service Resilience
The resilience of the RabbitMQ service refers to its ability to stay available and reliable in case of faults and accidents. The following are the key aspects to ensure the resilience of the RocketMQ service:
1. Intra-AZ Instance Disaster Recovery: Deploy multiple RabbitMQ nodes in different availability zones so that they can replicate and synchronize messages with each other. This way, even if one availability zone fails, nodes on other availability zones can still provide services.
2. Data Disaster Recovery: RabbitMQ data disaster recovery is a measure to protect data from loss and failure through strategies such as persistent messages, queues and exchanges, backup and replication, and high-availability clusters.