Amazon MQ RabbitMQ 连接

Amazon MQ RabbitMQ connection

我看到这篇关于将 rabbitmq 迁移到 amazon mq (rabbitmq) 的文章。 https://aws.amazon.com/blogs/compute/migrating-message-driven-applications-to-amazon-mq-for-rabbitmq/

我看到这句话:

“在 Amazon MQ for RabbitMQ 中,我们仅支持使用 TLS 的 AMQP 安全版本。下面的代码片段演示了使用 Pika 库的 AMQPS 连接。请注意,我们不支持服务器端的对等验证。”

这是否意味着必须始终为 amazon mq (rabbitmq) 建立安全连接,或者它只是说如果我们决定进行安全连接,我们必须使用 TLS

来自文档 Encryption in transit

By default, Amazon MQ brokers use the recommended TLS 1.2 to encrypt data. Amazon MQ does not currently support configuring brokers to use different TLS versions.

关键概念Security and authentication

Connections to Amazon MQ brokers use Transport Layer Security (TLS)

Supported wire-level protocols

You can access your brokers by using any programming language that ActiveMQ supports and by enabling TLS explicitly for the following protocols:

Infrastructure security in Amazon MQ

You use AWS published API calls to access Amazon MQ through the network. Clients must support Transport Layer Security (TLS) 1.0 or later. We recommend TLS 1.2 or later. Clients must also support cipher suites with perfect forward secrecy (PFS) such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Ephemeral Diffie-Hellman (ECDHE). Most modern systems such as Java 7 and later support these modes.

你必须使用 TLS。