Network ACLs and Security Groups

Couchbase Server provides Network Access Control Lists (ACLs) and Security Groups for the Amazon Virtual Private Cloud (VPC).

Ensuring Security

For the Amazon VPC, security is provided with:

  • Network Access Control Lists (ACLs), which constitute an optional layer of security, acting as a firewall that controls traffic passing in and out of a subnet.

  • Security Groups, which act as a virtual firewall for your Couchbase Server instance, controlling inbound and outbound traffic.
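
The two layers described above, as an added example that is not Couchbase's or Amazon's own code: a small Python model of how an inbound connection is checked first by the subnet's network ACL (rules evaluated in ascending rule-number order, first match decides) and then by the instance's security group (allow rules only). The rule sets, the addresses and the use of port 8091 are constructed assumptions.

```python
import ipaddress

# Constructed sample rules; port 8091 and all CIDR ranges are assumptions.
NACL_INBOUND = [  # (rule number, action, source CIDR, (from_port, to_port))
    (300, "allow", "10.0.0.0/16",    (0, 65535)),
    (100, "deny",  "203.0.113.0/24", (0, 65535)),
    (200, "allow", "0.0.0.0/0",      (8091, 8091)),
]
SG_INBOUND = [  # allow-only: (source CIDR, (from_port, to_port))
    ("10.0.0.0/16",     (8091, 8091)),
    ("198.51.100.7/32", (8091, 8091)),
]

def _matches(src, port, cidr, ports):
    """True when the source address is inside the CIDR and the port is in range."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(cidr)
            and ports[0] <= port <= ports[1])

def nacl_decision(rules, src, port):
    """Subnet layer: rules are checked in ascending rule-number order and the
    first match decides; if nothing matches, the implicit final rule denies."""
    for _, action, cidr, ports in sorted(rules):
        if _matches(src, port, cidr, ports):
            return action
    return "deny"

def sg_decision(rules, src, port):
    """Instance layer: a security group holds allow rules only, so any match allows."""
    return "allow" if any(_matches(src, port, c, p) for c, p in rules) else "deny"

def inbound_verdict(src, port):
    """Traffic reaches the instance only if both layers allow it."""
    if nacl_decision(NACL_INBOUND, src, port) == "deny":
        return "dropped at network ACL"
    if sg_decision(SG_INBOUND, src, port) == "deny":
        return "dropped at security group"
    return "allowed"

if __name__ == "__main__":
    for src, port in [("10.0.4.20", 8091), ("203.0.113.9", 8091),
                      ("192.0.2.50", 8091), ("10.0.4.20", 22)]:
        print(f"{src}:{port} -> {inbound_verdict(src, port)}")
```

The 203.0.113.0/24 range is dropped even though rule 200 allows the port from anywhere, because the lower-numbered deny rule matches first; a security group cannot express that kind of explicit deny.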

To ensure security:

  • On the host level, set individual SSL keys, using a bastion host. Ensure that access to your Couchbase Server instance is logged and audited through Amazon’s logging capabilities.

  • Obtain customer-generated key pairs.

  • Set up an outbound instance of a firewall in the VPC.

  • Sign your calls, using either a certificate or a customer key.