Hi, We recently published a blog post detailing methods of deployment on AWS [0].
More specifically, to secure the nodes behind an ELB you can assign them security groups as they're defined here [1]. With regard to the ELB, spinning one up in a VPC [2] is the only way to assign security groups to it. This allows you to whitelist specific nodes trying to talk to the Riak cluster [3]. [0] http://basho.com/blog/technical/2013/01/30/RiakonAWS/ [1] http://docs.basho.com/riak/1.2.1/tutorials/installation/Installing-on-AWS-Marketplace/ [2] http://aws.amazon.com/vpc/ [3] http://aws.typepad.com/aws/2011/11/new-aws-elastic-load-balancing-inside-of-a-virtual-private-cloud.html Hope this helps, -- Hector On Fri, Feb 1, 2013 at 8:06 AM, vvsanil <[email protected]> wrote: > What are the best practices for securing my riak cluster on AWS? The cluster > will be sitting under a load balancer (ELB). Basically how do i prevent > others from accessing my riak cluster if they happen to know my ip > address/ports. > > (Using Nginx as reverse proxy is not an option for us.) > > > > -- > View this message in context: > http://riak-users.197444.n3.nabble.com/Riak-Security-on-AWS-tp4026708.html > Sent from the Riak Users mailing list archive at Nabble.com. > > _______________________________________________ > riak-users mailing list > [email protected] > http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com -- Hector On Fri, Feb 1, 2013 at 8:06 AM, vvsanil <[email protected]> wrote: > What are the best practices for securing my riak cluster on AWS? The cluster > will be sitting under a load balancer (ELB). Basically how do i prevent > others from accessing my riak cluster if they happen to know my ip > address/ports. > > (Using Nginx as reverse proxy is not an option for us.) > > > > -- > View this message in context: > http://riak-users.197444.n3.nabble.com/Riak-Security-on-AWS-tp4026708.html > Sent from the Riak Users mailing list archive at Nabble.com. > > _______________________________________________ > riak-users mailing list > [email protected] > http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com _______________________________________________ riak-users mailing list [email protected] http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
