About security
Tue, 2010-02-16 19:03
Hello. I just launched a Gear6 AMI (32bit) to do some tests. It seems cool. But what can we make to secure access to the newly created instances? Anyone discovering the public IP can connect to the instance and watch logs or modify the cache content. I know memcached does not provide such authentification system, but at least we had access to iptables.
Regards.
Charles.
Sat, 2010-02-20 14:33
#2
Sorry, I forgot that security
Sorry, I forgot that security groups could also handle user/group pairs.
I think Gear6 Cloud Cache is a must-have component in the AWS cloud (so easy to cache SimpleDB and reduce costs), and I'll be happy to use it in my projects in replacement of memcache. Thanks, and I'm impatient to try upcoming features.
Regards.
Charles, thanks for your inquiry.
At the moment, we are not providing any extra authentication. You can secure access via the security groups contained within the AWS cloud, let me know if you need more information on how to do that.
In our upcoming release, we will be introducing extra features to the AMI and will be implementing a multi-level security model to protect configuration items and such.
Since the current release doesn't allow any actual changes to be made, we didn't feel the need to implement anything more than what AWS already provides.
Please let me know if you feel differently, or if you have any other questions or concerns.
Thanks!
Gear6 Support