Network ACLs and Security Groups
Couchbase Server provides Network Access Control Lists (ACLs) and security groups for the Amazon VPC.
For the Amazon Virtual Private Cloud (VPC), security is provided with:
- Network Access Control Lists (ACLs), which are an optional layer of security that acts as a firewall for controlling traffic in and out of a subnet.
- Security groups, which act as a virtual firewall for your instance to control inbound and outbound traffic.
To ensure security:
- On the host level, you can set individual SSL keys using a bashing host. Make sure that the access to your Couchbase instance is logged and audited through Amazon’s logging capabilities.
- Obtain customer generated key pairs.
- Set up an outbound instance of a firewall in the VPC.
- To protect your access, sign your calls using a certificate or a customer key.